Hello, The purpose of "Screen Time Passcode" under Settings/Screen Time is to protect Screen Time preferences and it is asked every time the user updates Downtime, App Limits, Content & Privacy Restrictions and so on. But the private passcode is not requested if the user disables Screen Time for a particular app (only Face ID or phone passcode is requested, but not the private Screen Time passcode). I think this is a mistake, I think the purpose of a private Screen Time passcode is to protect all settings, including apps that use this API, right? Is there any solution to this? Thank you.

Hello, I’m currently reviewing and implementing age assurance and parental approval flows using AgeRangeService and PermissionKit (AskCenter) in the context of Texas regulatory compliance requirements. While the high-level APIs are clear, there are several technical aspects where the intended usage patterns are not fully explicit in the documentation. Clarification on these points would help ensure our implementation aligns with system expectations and regulatory obligations. ⸻ Querying the current approval state for SignificantAppUpdateTopic AskCenter.ask(...) returns Void, and AskCenter.responses(for:) provides an AsyncSequence of approval events. Is there an official or recommended way to determine whether a SignificantAppUpdateTopic has already been approved when the app launches, or is listening for future responses events the only supported mechanism? ⸻ Behavior of AskCenter.responses(for:) regarding past approvals When subscribing to AskCenter.responses(for:): • Does the stream replay previously recorded approval or decline decisions? • Or does it only emit events that occur after subscription? This affects whether the listener must be registered early in the app lifecycle. ⸻ Recommended lifecycle timing for registering a responses(for:) listener What is the intended or recommended time to register a responses(for:) listener? • At application launch • Immediately before calling ask(...) • When entering a specific gated feature Clarification on the expected lifecycle usage would be helpful. ⸻ Repeated calls to ask(...) after approval If AskCenter.ask(...) is called again for the same SignificantAppUpdateTopic after parental approval has already been granted: • Is the request ignored? • Is a new approval request sent to the parent? • Or is the call handled idempotently by the system? ⸻ Delivery of approval results when the child app is not running If a parent approves or declines a SignificantAppUpdateTopic while the child app is not running: • Will the approval decision be delivered as a responses(for:) event on the next app launch? • Or is the app expected to persist approval state locally? ⸻ Persistence of approval state Is the approval decision for SignificantAppUpdateTopic persisted by the system at the OS level, or is the app responsible for storing approval state? Additionally, does the approval persist across: • app restarts? • app deletion and reinstallation? ⸻ Meaning of activeParentalControls.significantAppChangeApprovalRequired How is activeParentalControls.significantAppChangeApprovalRequired determined? • Is this value explicitly configured by a parent (for example via Screen Time)? • Or is it automatically determined by the system based on region, age, or regulatory requirements? ⸻ Relationship between significantAppChangeApprovalRequired and AgeRangeService When activeParentalControls contains significantAppChangeApprovalRequired, is it still expected that apps call AgeRangeService.requestAgeRange(...)? Or can the presence of this flag be treated as sufficient indication that the user is a minor for gating purposes? ⸻ Recommended interpretation of AgeRangeDeclaration Is the intended usage of AgeRangeDeclaration to handle each case individually, or is it acceptable and recommended to interpret the values as different trust levels (for example, self-declared vs. government ID or payment verified)? ⸻ Clarification on these points would help ensure that implementations of age assurance and parental approval flows are consistent with system behavior while meeting regulatory compliance requirements. Thank you for your guidance.

We persist ApplicationTokens in a storage container that ShieldConfigurationExtension has access to. In rare, cases all the ApplicationTokens for a user seem to change. We know this because the Application parameter passed into configuration(shielding application: Application) -> ShieldConfiguration function has a Token that does not match (using == ) any of the ones we are persisting in storage. Interestingly, the persisted ones still work, so I don't believe storage has gotten corrupted or anything. We can use them to add or remove shields, we can use them to display labels of the apps they represent, etc. But they don’t match what’s passed into the ShieldConfiguration extension. If the user goes into the FamilyPicker at this point and selects an app of a token that we are already persisting, the FamilyPickerSelection will have a token matching the new one that is passed into ShieldConfigurationExtension, not the one we persisted when they last selected that app. This leads me to believe the tokens are updated/rotated in some cases. When and why does this happen, and how can we handle it gracefully?

Since iOS 18.4 and macOS 15.4 updating the calendar of an (ek)event (to another accounts calendar) or detaching an repeating event throws an error while saving: "Access denied" EKEventStore.save(event, span: .thisEvent, commit: true) catch { "Access denied" }

I'm trying to digest and understand the new set of APIs relating age verification that were released last week. I have say that without some cohesive overview, example app, just a simple diagram showing the relationship of everything, its not at all clear to me what's going on nor what an app developer is expected to do to use these apis (I'm a senior engineer with 15 year's iOS experience, but hey maybe I'm just a bit slow in the head). I have a few questions, but the topic of this post is what is the relationship between age verification i.e. between the declared age range/significant change and Permission Kit? The documentation for the former mentions the Significant Change API/Topic (https://developer.apple.com/news/?id=2ezb6jhj / https://developer.apple.com/documentation/PermissionKit/SignificantAppUpdateTopic). Now the Significant Change Topic is documented as being part of PermissionKit, however the documentation for that (https://developer.apple.com/documentation/permissionkit) States emphatically at the top: "Communication experiences using the PermissionKit framework are only available using iMessage." Meaning you can't use PermissionKit for anything other than iMessage? If it doesn't mean that, then why does it state so? If it does mean that, then how does an app which has nothing to do with iMessage make use of Significant Change - because this documentation:https://developer.apple.com/news/?id=2ezb6jhj Is talking about using significant change for all apps, not iMessage. So there is a contradiction here.

Hi! Sms reporting is no longer available in iOS beta 26 builds. I can set my app as the SMS/Call Reporting Extensions but the report button is missing for sms messages in the messages app. Xcode 26 beta 7 build the app without errors. This is a breaking change. Same extension was previously broken for calls but has been fixed in beta 7 build, as reported here. It is however still missing for sms messages in the messages app (beta 9 build).

All of my apps stopped working with WeatherKit this morning. They all return an "Error Domain=WeatherDaemon.WDSJWTAuthenticatorServiceListener.Errors Code=2" error. I am certain that the WeatherKit capability added (in project) and enabled as a Capability & App Service (on developer portal for the identifier). All other iCloud features of my apps are working as expected. I have also done all the normal troubleshooting using codesign / security cms, etc. to verify entitlements. I created the following simple project to verify the integration. import WeatherKit import CoreLocation struct ContentView: View { @State private var temp: Measurement<UnitTemperature>? = nil var body: some View { VStack { if let t = temp { Text("\(t.value.rounded())°\(t.unit.symbol)") } else { Text("Fetching…") .task { let service = WeatherService() do { let location = CLLocation(latitude: 50.318668, longitude: -114.917710) let weather = try await service.weather(for: location, including: .current) temp = weather.temperature } catch { print("Error:", error) } } } } } } Any ideas what may be happening?

Our app includes showing external web service with WebView or Safari and returning to the app with custom URL scheme or universal link. When we set "Hide and Require Face ID" feature which was available on iOS 18, neither custom URL scheme nor universal link activated the app. If we only set "Require Face ID", the deep link worked properly. Here is what we've tried: Define custom URL scheme or universal link in the app https://developer.apple.com/documentation/xcode/defining-a-custom-url-scheme-for-your-app https://developer.apple.com/documentation/xcode/supporting-universal-links-in-your-app Implement external web service with one of the following frameworks ASWebAuthenticationSession https://developer.apple.com/documentation/authenticationservices/aswebauthenticationsession/ SFSafariViewController https://developer.apple.com/documentation/safariservices/sfsafariviewcontroller Safari WKWebView https://developer.apple.com/documentation/webkit/wkwebview On iOS 18 device, install the app and set "Hide and Require Face ID" Access external web page and tap the link which activates custom URL scheme or universal link We expected the deep link to work, but the results were: Custom URL scheme &amp;amp; ASWebAuthenticationSession/SFSafariViewController/Safari The system shows "Cannot open the page because the address is invalid" Custom URL scheme &amp;amp; WKWebView Nothing happens when tapping the link Universal link Directed to the server with associated domain file, but the system doesn't call the app which is defined in the associated domain file We tested the feature with the app built with Xcode16 beta 6, and the device with iOS 18 Seed 8(22A5350a). Does hide app feature support custom URL scheme and universal link?

Hi, On iOS 26 beta, calls can no longer be reported by swiping left on a call. This is unfortunately a breaking change. I have submitted a report on this on June with Feedback Assistant: FB17893517 I hope it will get some more exposure by posting here.

I’m hitting a WeatherKit JWT failure (WDSJWTAuthenticatorServiceListener Code = 2) at runtime even though the entitlement is present in both the signed binary and the embedded provisioning profile. Environment Team ID 5SZLQLQ9MD Bundle ID ParkProfessor.ParkProfessorDisneyland Device / OS iPhone 15 Pro · iOS 17.4.1 (hardware, not simulator) Xcode 15.3 (15E204a) Console output Failed to generate jwt token for: com.apple.weatherkit.authservice Error Domain=WeatherDaemon.WDSJWTAuthenticatorServiceListener.Errors Code=2 "(null)" Entitlement & profile snippets codesign -d --entitlements :- WeatherKitTest.app | grep -A2 weatherkit com.apple.developer.weatherkit security cms -D -i embedded.mobileprovision | grep -A2 weatherkit com.apple.developer.weatherkit What I’ve already tried Regenerated a new development certificate and a new iOS App Development provisioning profile with WeatherKit enabled. Confirmed the capability is selected in Certificates ▸ Identifiers ▸ Profiles and added in Xcode target settings. WeatherKit Terms of Service accepted in the portal. Deleted the app, removed any device management profiles, rebooted the phone, clean-built & ran again. Reproduced the issue in a minimal SwiftUI app that calls: WeatherService.shared.weather(for: CLLocation(latitude: 33.8121, longitude: -117.9190), including: .current) – same Code 2 error. Request It looks like the App ID may need a backend entitlement sync. Could someone from the WeatherKit team please check the status for Team 5SZLQLQ9MD, Bundle ID ParkProfessor.ParkProfessorDisneyland and enable WeatherKit token generation? Thanks!

In recent versions, the increase in background abnormal exits is significant. According to monitoring data, it is closely related to the iOS 26 system. Could you please look into the reasons or provide some suggestions for troubleshooting the issue?

I put a test.mp3 (30 sec) file into the App Bundle. I scheduled an AlarmKit alarm with the file name test.mp3. The custom sound plays ✅ I copied the file from the App Bundle to Library/Sounds/test2.mp3. I scheduled an AlarmKit alarm with the file name test2.mp3. Instead of playing the custom sound, it falls back to the default sound ❌ According to the documentation, sounds placed in Library/Sounds should be playable: I filed report FB19779004 on August 20, but haven’t received any response yet. This functionality is critical for our use case, so could you please let me know whether this is expected to be fixed soon, or if I’m misunderstanding the intended behavior?

Environment: Xcode 26 iOS 26 Also tested on iOS 18 (working correctly) Description: I'm experiencing a behavior change with URL(fileURLWithPath:) when the filename starts with a tilde (~) character. On iOS 18, passing a filename like ~MyFile.txt to URL(fileURLWithPath:) treats the tilde as a literal character. However, on iOS 26, the same code resolves the tilde as the home directory, resulting in unexpected output. Minimal Example: let filename = "~MyFile.txt" let url = URL(fileURLWithPath: filename) print(url.lastPathComponent) Expected Result (iOS 18): ~MyFile.txt Actual Result (iOS 26): 924AF0C4-C3CD-417A-9D5F-733FBB8FCF29 The tilde is being resolved to the app's container directory, and lastPathComponent returns the container UUID instead of the filename. Questions: 1. Is this an intentional behavior change in iOS 26? 2. Is there documentation about this change? 3. What is the recommended approach for extracting filename components when the filename may contain special characters like ~? Workaround: Using NSString.lastPathComponent works correctly on both iOS versions: let filename = "~MyFile.txt" let result = (filename as NSString).lastPathComponent // Returns: "~MyFile.txt" ✅ Is this the recommended approach going forward?

I'm currently using Swift to write an independent Apple Watch app for watchOS 7+. My app uses Location Services, and in case the user doesn't allow that at first, I'd like to have a button inside my watchOS app to send my user to the part of the Settings app (inside watchOS) where he can give the appropriate permissions for the app. I know that in iOS/macOS you can use the openSettingsURLString string from UIApplication to do what I want, but it's not available in watchOS and I haven't found any equivalent resource inside the WKExtension class (normally the equivalent for UIApplication in the watchOS environment). Does anyone know if there's any way to programatically open the Apple Watch Settings app from my watchOS app? I'm asking since as far as I understand asking for Location permissions again would not work since the user has already refused to allow the permissions before, making the authorization status "denied". I understand as well that there's the possibility of showing a modal and directing the user to go to Settings and allow the use of location services (as in "Please go to Settings > Privacy > Location Services > [AppName] to allow the use of location services") but I'd like if I could direct the user there instead as one might do in iOS. The code below is what I'm trying to do - but (of course) it crashes since I'm not actually passing any system URL. .alert(isPresented: $alertVisible) { Alert (title: Text("Please allow our app to use location services in order to get Weather Data"), message: Text("Go to Settings?"), primaryButton: .default(Text("Settings"), action: { WKExtension.shared().openSystemURL(URL(string: "")!) //UIApplication.shared.open(URL(string: UIApplication.openSettingsURLString)!) }),

There is an inconsistent issue when views are rendered from the Device Activity Report Extension. This issue is noticeable only on release versions and it works fine in debug mode. Around 80% of the times, the Report Views return blank screen and this is only the case when a weekly/monthly filter is used. Although, it works as expected for daily report views. My questions are: How are all the Report Activity Views working fine in debug mode but not in release mode? How the daily activity filter works fine in the release mode but the weekly/monthly filters don't work? Is this because of a memory limit issue in the extension? As of now, I have the family-controls(distribution) entitlement only for the app and for the extensions I only have family-controls(development) entitlement. Do I need to request for family-controls(Distribution) entitlement even for the extensions? I have seen threads on the forum mentioning the blank screen issue associated with the DeviceActivityReport but haven't found a solution to it. Any suggestions/feedback would be of great help, thanks.

We recently released an update to our app to prepare for TX SB2420. Almost immediately on release, we started getting crash reports of crashes when calling isEligibleForAgeFeatures. Crashed: com.apple.root.user-initiated-qos.cooperative EXC_BAD_ACCESS KERN_INVALID_ADDRESS 0x0000000000000004 Is it possible that these are beta users that have IOS 26.2 RC or is there a bug in the release version of IOS 26.2? Note: The crash reports are coming from Crashlytics so we are not getting OS build identifiers other than version "26.2"

Hello everyone. I use Translation Framework in my application. During development everything was fine, Translation framework worked well, but after two or three days of using the production version (that was published in AppStore and available for others also!) - my application stopped working. Translation framework gives errors: Error sending 1 paragraphs Error Domain=TranslationErrorDomain Code=16 "Translation failed" UserInfo={NSLocalizedDescription=Translation failed, NSLocalizedFailureReason=Offline models not available for language pair} Failed to translate input 0; returning error: Error Domain=TranslationErrorDomain Code=16 "Translation failed" UserInfo={NSLocalizedDescription=Translation failed, NSLocalizedFailureReason=Offline models not available for language pair} Received unbridged NSError to API, converting to .internalError: Error Domain=TranslationErrorDomain Code=16 "Translation failed" UserInfo={NSLocalizedDescription=Translation failed, NSLocalizedFailureReason=Offline models not available for language pair} Once again - it worked when I developed it, it was released on the AppStore, and suddenly it stopped working!

I am trying to set up a message filter extension that will use shared web credentials for basic auth when calling to its ILMessageFilterExtensionNetworkURL. I have associated domains set up for both "messagefilter:" and "webcredentials:" and the message filter IS correctly calling the ILMessageFilterExtensionNetworkURL with each message - so that part is working. As detailed here, I have set up Shared Web Credentials and my view controller is using SecAddSharedWebCredential() to save the creds to the correct domain. Using Authorization services, the creds are auto-filled into my app's login screen. When I go under Settings > Passwords, I see the creds are saved and they are the correct creds to the corrent website that matches ILMessageFilterExtensionNetworkURL. Regardless of all of this, the deferQueryRequestToNetwork() refuses to use the creds and implement Basic Auth in its URL call. It makes the call to the correct URL, it just won't use the Shared Web Creds for basic auth. Any help would be greatly appreciated.

PDFKit PDFPage.characterBounds(at: Int) is returning incorrect coordinates with iOS 18 beta 4 and later / Xcode 16 beta 4. It worked fine in iOS 17 and earlier (after showing the same issue during the early iOS 17 beta cycle) It breaks critical functionality that my app relies on. I have filed feedback (FB14843671). So far no changes in the latest betas. iOS release date is approaching fast! Anybody having the same issue? Any workaround available?

Hi, we are developing a screen time management app. The app locks the device after it was used for specified amount of time. After updating to iOS 26.2, we noticed a huge issue: the events started to fire (reach the threshold) in the DeviceActivityMonitorExtension prematurely, almost immediately after scheduling. The only solution we've found is to delete the app and reboot the device, but the effect is not lasting long and this does not always help. Before updating to iOS 26, events also used to sometimes fire prematurely, but rescheduling the event often helped. Now the rescheduling happens almost every second and the events keep reaching the threshold prematurely. Can you suggest any workarounds for this issue?