Hi everyone, I have a question regarding the intended privacy limits of the DeviceActivityReportExtension. According to the documentation and the WWDC21 session "Meet the Screen Time API", this extension was created specifically to prevent the host application from accessing the user's underlying activity data (websites visited, app usage, screen time, etc). But I have found that my host app is actually able to reconstruct this raw activity data from the activity report. I am able to extract specific visited websites and app usage durations back into the main app. I reported this to Apple Security (Case ID: OE1100504480881 ), assuming it was a sandbox bypass. However, they closed the ticket stating that this is "expected behavior" and requires no fix. My question for Screen Time Engineers: Is the documentation incorrect? If my host app is expected to be able to read this data, is there a formal API we should be using instead of extracting it from the report extension? The current behavior contradicts the privacy limits described in the documentation, so I am confused if I should rely on this data access for my app features or if it will be patched later. Thanks.

Hi, We’re building an iOS app that uses the Screen Time APIs (FamilyControls and DeviceActivity) to display a user’s own usage metrics inside the app. With the appropriate permissions granted, we are successfully reading and presenting metrics such as: Total screen time Device pickups These metrics are already visible to the user inside our app. We would now like to introduce a user-initiated “Share” feature. The idea is to: Render selected Screen Time metrics into a shareable image card generated locally on device. Present the standard iOS share sheet (UIActivityViewController). Allow the user to share that image to Messages, social apps, etc., if they choose. Important clarifications: This is fully user-initiated. The app does not automatically transmit Screen Time data. The metrics are already displayed in-app with user permission. The share asset would be generated locally. No background export or server-side posting would occur unless explicitly triggered by the user via the share sheet. We are seeking clarification on whether there are any policy or API restrictions around: Rendering Screen Time-derived metrics into a user-facing share card Allowing user-initiated export of those metrics via the standard iOS share flow Are there any additional privacy requirements, entitlement constraints, or App Review considerations we should be aware of when implementing this? Thanks in advance for any guidance.

I’m building an iOS app that uses FamilyControls + ManagedSettings + DeviceActivity. Goal: temporarily “unlock” a shielded app for N minutes, then automatically re-apply the shield when the timer expires. What I do: In the main app, when user picks an expiry (e.g. 15 min, 30 min). I start a non-repeating DeviceActivity schedule and remove the app’s ApplicationToken from ManagedSettingsStore().shield.applications. I also store activeUnlockBundleID etc. in an App Group so the DeviceActivityMonitor extension can re-lock at the end. Expected: DeviceActivityMonitor.intervalDidEnd(for:) is invoked when the non-repeating interval ends, and I re-add the token to the shield set. Actual: The app does not re-lock when the interval expires. I added OS logs as well as “debug local notifications” from the DeviceActivityMonitor extension in: init() intervalDidStart intervalDidEnd eventDidReachThreshold None of these logs or notifications ever appear, which suggests the extension is never invoked (or cannot schedule local notifications or OS logs). Environment: Device: iPhone 17 Pro iOS 26.3.1 Xcode 26.4 Running on a physical device Notification permissions for the app: granted App + extensions are in the same App Group entitlement. Extension Info.plist has: NSExtensionPointIdentifier = com.apple.deviceactivity.monitor NSExtensionPrincipalClass = $(PRODUCT_MODULE_NAME).DeviceActivityMonitorExtension Questions: Are there known limitations/requirements for DeviceActivityMonitor callbacks where intervalDidEnd doesn't to fire? Is posting local notifications / OS Logs from a DeviceActivityMonitor extension supported/reliable? If not, what’s the recommended way to verify the extension is invoked? If this looks like a platform bug, should I file Feedback Assistant? If so, what logs/artifacts are most useful?

Hi, we are developing a screen time management app. The app locks the device after it was used for specified amount of time. After updating to iOS 26.2, we noticed a huge issue: the events started to fire (reach the threshold) in the DeviceActivityMonitorExtension prematurely, almost immediately after scheduling. The only solution we've found is to delete the app and reboot the device, but the effect is not lasting long and this does not always help. Before updating to iOS 26, events also used to sometimes fire prematurely, but rescheduling the event often helped. Now the rescheduling happens almost every second and the events keep reaching the threshold prematurely. Can you suggest any workarounds for this issue?

Hi Everyone, We're experiencing a persistent issue where Apple's CDN returns SWCERR00301 Timeout for some of our associated domains, while other domains hosted on the exact same server work perfectly. Note: Using aliases below for privacy. "working.example.com" and "failing.example.com" are not our actual domains. The Problem Our app has multiple associated domains. When checking Apple's CDN: Working domain: $ curl -sD - "https://app-site-association.cdn-apple.com/a/v1/www.working.example.com" -o /dev/null HTTP/1.1 200 OK Apple-Origin-Format: json Cache-Control: max-age=21600,public Failing domain (same server, same IP, same AASA content): $ curl -sD - "https://app-site-association.cdn-apple.com/a/v1/www.failing.example.com" -o /dev/null HTTP/1.1 404 Not Found Apple-Failure-Reason: SWCERR00301 Timeout Apple-Failure-Details: {"cause":"context deadline exceeded (Client.Timeout exceeded while awaiting headers)"} Apple-Try-Direct: true Cache-Control: max-age=3600,public On device, swcutil dl -d www.failing.example.com returns SWCErrorDomain error 7, confirming the CDN has no valid cache. What We've Verified Both domains are hosted on the same server (same IP) and serve identical AASA files: HTTP 200, Content-Type: application/json, 229 bytes Valid JSON with correct appID Valid SSL certificates (Amazon RSA 2048), no redirects Both registered in the app's Associated Domains entitlement Response time < 500ms from multiple locations We simulated Apple's crawler locally: $ curl -H "User-Agent: com.apple.swcd (unknown version) CFNetwork/1568.200.51 Darwin/24.1.0" --connect-timeout 5 --max-time 5 -4 --tls-max 1.2 "https://www.failing.example.com/.well-known/apple-app-site-association" Result: 200 OK, 0.25s — well within the 5-second limit. We cannot reproduce the timeout from any network we've tested. Scope Out of 43 associated domains, 5 return 404 (Timeout) on Apple CDN while the other 38 work fine. All 43 domains serve valid AASA files from the same server infrastructure. What We've Tried Verified AASA content, headers, SSL, and response times for all domains Submitted new TestFlight builds to trigger re-crawl — timeout persists The failing CDN cache (max-age=3600) expires every hour, but Apple's crawler keeps timing out on retry No WAF or rate-limiting rules that would block Apple IPs (17.0.0.0/8) Impact The failing domain is our primary email campaign domain. Universal Links not working means newsletter links open in the browser instead of the app, affecting millions of email recipients daily. Questions Is there a way to request Apple's CDN to refresh/invalidate the cache for specific domains? Could the Apple crawler be experiencing connectivity issues to our server (AWS us-west-2) for specific SNI hostnames? We have 43 associated domains — could the volume affect crawl reliability? Is there an internal team we can escalate this to for CDN-side investigation? Any guidance would be greatly appreciated. Thank you!

I have made a screensaver for mac in swift, but couldn't find how to add an icon the logo image that shows up on saver file) and thumbnail (the cover image that shows up in the screensaver catalogue). Currently, it just shows a default blue spiral galaxy thumbnail and no icon image

I'm not sure if this is a recent issue, but I discovered NSIndexSet concurrency has a bug where not all indexes are enumerated. The following is a small sample demonstrating the issue in ObjC: NSLog(@"Hello, World! %@", NSProcessInfo.processInfo.operatingSystemVersionString); for (NSUInteger i = 0, n = 10; i < n; i++) { NSUInteger total = 301; NSMutableIndexSet *all = [NSMutableIndexSet indexSetWithIndexesInRange:NSMakeRange(0, total)]; NSIndexSet *pass = [all indexesWithOptions:NSEnumerationConcurrent passingTest:^BOOL(NSUInteger idx, BOOL *stop) { return true; }]; NSCAssert(all.count == pass.count, @"Mismatch #%ld %ld != %ld", i, all.count, pass.count); } Results on Version 26.4 (Build 25E246) look like Mismatch #0 297 != 301 Disabling concurrency (options:0) is a workaround. Feedback FB22447001

Hi all, I submitted a FamilyControls entitlement request on March 27, 2026. It has been 9 days with no confirmation or response of any kind. I also submitted a TSI today (Case ID: 102861687343). My app is live on the App Store and is built to use Screen Time APIs to block specific apps during user defined hours. I need FamilyControls, DeviceActivity, ManagedSettings, and ManagedSettingsUI approved for the main app and its extensions. Has anyone experienced similar wait times recently? Is there a way to check on the status of an entitlement request? Thank you, Max

I’m testing FinanceKit with Apple Cash and noticed that transfers don’t include any counterparty information. Here’s an example transaction I fetched: Transaction( id: 5A96EA49-B7C9-4481-949D-88247210C1D7, accountID: 28D7C0E2-DC2A-4138-B105-BCE5EE00B705, transactionAmount: 30 USD, creditDebitIndicator: .credit, transactionDescription: "Transfer", originalTransactionDescription: "", merchantCategoryCode: nil, merchantName: nil, transactionType: .transfer, status: .booked, transactionDate: 2025-08-19 21:57:54 +0000, postedDate: 2025-08-19 21:57:55 +0000 ) As you can see: transactionDescription is just "Transfer" originalTransactionDescription is empty merchantName is nil No counterparty details are exposed In contrast, the Wallet app clearly shows the other person’s name and avatar for Apple Cash transfers, making it easy to understand who the payment was with. In FinanceKit, there’s no way to distinguish between transfers with different people — every transfer looks identical. Questions Is there a hidden or planned field for Apple Cash counterparty information? Can FinanceKit provide at least minimal metadata (e.g., contact name, initials, or a privacy-preserving identifier)? Is there any workaround today to correlate Apple Cash transfers with contacts? Feature request: Please expose counterparty information for Apple Cash transfers. Even something as simple as a stable identifier or name string would enable developers to build Wallet-quality transaction detail screens. Thanks!

Device: iPhone 15 Pro Max, iOS 26.4 Xcode: Latest version, development signing with "Automatically manage signing" Team: Registered Apple Developer Program (Organization) Problem DeviceActivityReport SwiftUI view renders completely blank. The Report Extension's makeConfiguration(representing:) is never called (confirmed via App Group counter that stays at 0). The DeviceActivityMonitorExtension callbacks (intervalDidStart, eventDidReachThreshold) also never fire. What works AuthorizationCenter.shared.requestAuthorization(for: .individual) → .approved DeviceActivityCenter().startMonitoring() → registers schedules successfully, center.activities returns them ManagedSettingsStore.shield.applications → blocks apps correctly from the main app process Screen Time is enabled and actively collecting data (Settings > Screen Time shows per-app usage: Clash Royale 2h 35m, etc.) App Group UserDefaults(suiteName:) read/write works from the main app What doesn't work DeviceActivityReportExtension.makeConfiguration() is never called (callCount stays 0 in App Group) DeviceActivityMonitorExtension.intervalDidStart() is never called No extension callbacks fire at all — the extension process is never launched by iOS Confirmed it's NOT our app's issue We created a brand new Xcode project from Apple's template: File > New > Project > App File > New > Target > Device Activity Report Extension Added Family Controls capability to both targets Embedded DeviceActivityReport view in ContentView with daily filter Built and ran on the same device Result: Same blank screen. The template project's Report Extension also never renders any data. Console errors Failed to locate container app bundle record. The process may not be entitled to access the LaunchServices database or the app may have moved. (501) personaAttributesForPersonaType for type:0 failed with error Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named com.apple.mobile.usermanagerd.xpc was invalidated: Connection init failed at lookup with error 159 - Sandbox restriction." LaunchServices: store (null) or url (null) was nil: Error Domain=NSOSStatusErrorDomain Code=-54 "process may not map database" Attempt to map database failed: permission was denied. This attempt will not be retried. Failed to initialize client context with error Error Domain=NSOSStatusErrorDomain Code=-54 "process may not map database" What we've tried Deleting app, rebooting device, reinstalling Re-requesting FamilyControls authorization on every launch Embedding extensions with "Embed & Sign" (not just "Embed Without Signing") Verified all 3 .appex files are in PlugIns/ directory at runtime Verified App Group (group.com.parentguard.app) is accessible Verified all App IDs and capabilities registered in Apple Developer portal Tried different DeviceActivityFilter configurations (daily, hourly) Placed DeviceActivityReport view at root of view hierarchy Clean build, new provisioning profiles Extensions embedded [Diagnose] Found extension: DeviceActivityReportExtension.appex [Diagnose] Found extension: DeviceActivityMonitorExtension.appex [Diagnose] Found extension: ShieldConfigurationExtension.appex Question Has anyone gotten DeviceActivityReport or DeviceActivityMonitorExtension to work on iOS 26.4 with a development-signed build from Xcode? Is there a specific configuration or workaround that makes the extension process launch? The Sandbox restriction error (159) on usermanagerd.xpc seems to be the root cause — is there an entitlement or device setting we're missing?

Hi everyone, I’m the developer of one sec, an app used by a large number of users globally to reduce time spent on social media and to build healthier digital habits. Because of this, we rely heavily on Apple’s Screen Time / DeviceActivity / FamilyControls, ManagedSettings APIs – and unfortunately, we’re seeing increasingly severe issues in production that directly impact hundreds of thousands of real iOS users. During the past years, we have been busy filing dozens of feedback requests for different Screen Time issues – and there has been no response from Apple at all. Developer Relations might be able to "confirm" that the bugs are present and that they ended up with the right team – but they are never addressed, neither are workarounds provided. Instead, the situation gets worse and worse. iOS 26 introduced a series of heavy regressions (which have been reported via Apple’s official bug report tool "Feedback Assistant" on iOS 26 beta 1 in June 2025 – and have not been addressed 10 Months later). This is very frustrating for us as developers, but also for our end-users who run into these issues every day. In the end this impacts our ability to build an amazing product and hurts revenue (which affects both us and Apple). 1. DeviceActivity thresholds are not firing at all This affects both: our app’s usage of the API and Apple’s own Screen Time limits Radars: FB22304617, FB20526837, FB15491936, FB12195437, FB15663329, FB18198691, FB18289475, FB19827144 2. Screen Time usage data is clearly corrupted Websites showing hundreds of hours per week Up to ~20 hours per day of usage reported for a single domain Radars: FB22304617, FB17777429, FB18464235 3. DeviceActivity thresholds reaching threshold immediately Newly introduced with iOS 26 Reported on iOS 26 beta 1 in June No response so far / no workaround DeviceActivity calls didReachThreshold immediately after creating the DeviceActivityEvent – instead of waiting till the defined threshold is actually reached. Radars: FB13696022, FB18351583, FB21320644, FB18927456, FB18061981 4. Randomly Randomizing ApplicationTokens From time to time, and without consistency, Screen Time suddenly provides new, random, unknown tokens to my app in the ShieldConfigurationDataSource and ShieldActionDelegate. This has been reported on many times before here on the dev forms, many many years back already: https://forums.developer.apple.com/forums/thread/756440 https://forums.developer.apple.com/forums/thread/758325 https://forums.developer.apple.com/forums/thread/758325?answerId=793267022#793267022 Radars: FB14082790 and FB18764644 5. Moving Tokens from one ManagedSettingsStore to Another Removing an ApplicationToken from one SettingsStore and then adding it to another while the target app remains in foreground leads to the re-use of the ShieldConfiguration. Which can be wrong in many scenarios. It is not possible to request a re-request of the ShieldConfiguration in that scenario. Radar: FB14237883 6. Unable to Open Parent App (one sec) from Shield Many times, when a target app is blocked by a shield, the user wants to perform some action (e.g. to unlock more time for the target app via an intervention). That means, that somehow I have to forward the user from a ShieldActionDelegate back into my target app. Unfortunately, there’s no API for that. Many apps on the App Store rely on private API to achieve that, but that’s too risky for a popular app like one sec. Radar: FB15079668 7. Unable to Open Target App from an ApplicationToken When a user has completed an intervention within one sec, and they indend to to continue to the target app, there is no way that one sec can open the target app just from the token alone. Sure, there are URL schemes, but that means the user has to manually assign URL schemes to each ApplicationToken. That is not a very user friendly process (and in many cases impossible, because not every app registers URL schemes). It would be better if there was a way that my app could open a target app directly from an ApplicationToken, e.g. via an AppIntent that can be run on a button press. This way, the selected apps would remain fully private while still offering advanced functionality: struct OpenTargetAppIntent: AppIntent, OpenAppFromApplicationTokenIntent { func perform() { return .result(openAppFromApplicationToken: applicationToken) } } Radar: FB15500695 Summary Thanks a lot for taking the time to read my feedback. If you have any questions, please feel free to reach out to me any time. I’m always happy to provide more details, logs, and steps to reproduce in my radars / feedback requests or in-person in Cupertino. It would be extremely helpful if someone from the Screen Time / DeviceActivity engineering team could: Take a look at the listed radars. Work on bug fixes and be transparent about when fixes will be shipped. Provide workarounds in the meantime. We genuinely want to build great, reliable experiences on top of Screen Time – but in its current state, it’s becoming very difficult to depend on. – Frederik

Hi there, Starting with iOS 26.2 RC, all my DeviceActivityMonitor.eventDidReachThreshold get activated immediately as I pick up my iPhone for the first time, two nights in a row. Feedback: FB21267341 There's always a chance something odd is happening to my device in particular (although I can't recall making any changes here and the debug logs point to the issue), but just getting this out there ASAP in case others are seeing this (or haven't tried!), and it's critical as this is the RC. DeviceActivityMonitor.eventDidReachThreshold issues also mentioned here: https://developer.apple.com/forums/thread/793747; but I believe they are different and were potentially fixed in iOS 26.1, but it points to this part of the technology having issues and maybe someone from Apple has been tweaking it.

When I use the FinanceKit API to get the account balance history for my Apple Cash account, the data shows that I have $1 as a debit. The accounts endpoint reveals that the Apple Cash account is an asset account. This means that according to the FinanceKit data my account balance is -$1. However, I know this is incorrect because when I look at my Apple Cash account using the Wallet app I see that I have a balance of $1 (see image below). I believe the issue is the creditDebitIndicator’s value in the Account Balance data. Here are the steps to recreate this. Open new Apple Cash account Send $1 to Apple Cash account Query accountBalanceHistory with a nil history token (to fetch all data) Look at the account balance data and see the $1 and “debit” for creditDebitIndicator Also, the documentation says that an asset account with a balance of $0 will have creditDebitIndicator/Credit, however, I am getting creditDebitIndicator/Debit. See https://developer.apple.com/documentation/financekit/balance/creditdebitindicator Here is a formatted output of the data from FinanceKit showing my balance_history. Please note that the transaction history's creditDebitIndicator value is correct. This leads me to believe it’s some issue with FinanceKit, but I am not sure. Any help is greatly appreciated. "balance_history": [ { "inserted": [ { "id": "A", "account_id": "X", "available": { "amount": { "amount": 0, "currency_code": "USD" }, "as_of_date": "2026-03-30T17:02:51Z", "credit_debit_indicator": "debit" }, "booked": { "amount": { "amount": 0, "currency_code": "USD" }, "as_of_date": "2026-03-30T17:02:51Z", "credit_debit_indicator": "debit" }, "currency_code": "USD" } ], "deleted": [], "updated": [] }, { "inserted": [ { "available": { "as_of_date": "2026-04-02T13:12:48Z", "credit_debit_indicator": "debit", "amount": { "amount": 1, "currency_code": "USD" } }, "id": "B", "booked": { "amount": { "amount": 1, "currency_code": "USD" }, "as_of_date": "2026-04-02T13:12:48Z", "credit_debit_indicator": "debit" }, "currency_code": "USD", "account_id": "X" } ], "updated": [], "deleted": [] }, { "updated": [ { "id": "B", "booked": { "as_of_date": "2026-04-02T13:12:48Z", "credit_debit_indicator": "debit", "amount": { "currency_code": "USD", "amount": 1 } }, "account_id": "X", "currency_code": "USD", "available": { "credit_debit_indicator": "debit", "amount": { "amount": 1, "currency_code": "USD" }, "as_of_date": "2026-04-02T13:12:48Z" } } ], "deleted": [], "inserted": [] }, ], Xcode Version 26.4 (17E192) iOS 26.3.1 (23D8133) iPhone 14

Nothing ruins the vibe of a clean file like a yellow warning banner, especially for something that was working perfectly fine yesterday. The "problem" isn't that your code is broken; it’s just that Apple is getting stricter about text encodings in the latest OS versions. They want you to explicitly state how the file should be read (e.g., UTF-8) rather than letting the system guess. On line 30, you just need to add the encoding parameter. For 99% of text files, .utf8 is what you want. Change this: let contents = try String(contentsOf: fileURL) To this: let contents = try String(contentsOf: fileURL, encoding: .utf8) Why is this happening? The Deprecation: As of macOS 15 (and iOS 18), the version of String(contentsOf:) that doesn't require an encoding is officially deprecated. The Logic: Without an explicit encoding, the system tries to "guess" if the file is UTF-8, Windows-1252, etc. If it guesses wrong, you get weird symbols or a crash. By forcing you to add , encoding: .utf8, Apple ensures your code is more predictable and stable. Once you add that one extra argument, that warning should vanish instantly!

By analysis the log, seems the following 3 calls has been ended by system callkit (Not mainly trigger the end call): @apple Do you have similar report that the iOS CallKit End the call withtour user action? Device info: iPhone18,1（iPhone 16 Pro） iOS 26.2 RCAppMobile/25.4.30.995 CTRadioAccessTechnologyNR（5G NR）

Original discussion pre iOS 26 Our app uses Auth0 with HTTPS callback, we've found the issue where AASA file is not ready immediately when app is initially launched, which is the exact issue from the above link. The issue seems mostly fixed on later versions on iOS 18, however, we are seeing some indications of a regression on iOS 26. Here's some measurement over the last week. | Platform | iOS 18 | iOS 26 | |---------------|----------|--------| | Adoption rate | 55% | 45% | | Issue seen | 1 | 5 | | Recover? | Yes | No | This only 1 iOS 18 instance was able to recover after 1 second after the first try, however, all iOS 26 instances were not able to recover in couple tens of seconds and less than 1 minute, the user eventually gave up. Is there a way to force app to update AASA file? Are there some iOS setting (like using a VPN) that could potentially downgrade the AASA fetch? Related Auth0 discussion: https://community.auth0.com/t/ios-application-not- recognizing-auth0-associated-domain/134847/27

Does Apple use a time series database to store sensorkit data? Would it make sense to use something like InfluxDB?

I've looked around quite a bit at the EventKit documentation and done all the searching I could think of, as well as examining the EKCalendar and EKEventStore types. Trying to find out how to view, modify, and create groups of reminders lists.

Hi everyone! I’m building Delta — an app designed to rethink time, because time is literally our most valuable currency. So the core mechanic involves earning time in useful apps and then spending it on apps that are a distraction. I already have a prototype that’s being actively tested in a closed beta, but I’ve started noticing that more and more testers are reporting the same bug. “Time is being counted even when I'm not in the app I marked as useful.” I suspect that Screen Time is also tracking background time, although this behavior isn't correct for my app. Does anyone know how to track specifically those moments when an app marked as useful and used for “time-earning” is in the foreground? Additionally, I hit a wall with Screen Time and had to accept that I can’t force a user away from another app if they’re active there, nor redirect them to my app to trigger the lock screen. Because of this, I had to resort to a penalty system, which is equal to the time the user spent additionally after their time ran out. And here, I run into the same problem I described at the beginning of the post. I can’t track the background status of another app, even though I’m trying really hard... Can anyone suggest any ways I can get out of this situation, or should I keep looking for a solution, or shift toward explaining this to the user?.. (However, I’m holding out until the very end before giving up on finding a solution)

HTTP status code: 401. Invalid credentials. Username or password is incorrect. Use the app-specific password generated at appleid.apple.com. Ensure that all authentication arguments are correct. I double checked every thing but still getting same error