Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

How do I make a basic request with URLSession? See https://stackoverflow.com/questions/30573898 for reference. Also https://developer.apple.com/documentation/ has details.

URLSession question

The AppIntent feature is available on tvOS since OS 16. https://developer.apple.com/documentation/appintents I tried a real basic integration where I just want simply open a specific tab in my tabbar. But the perform action gets never called. Is it really possible already to use AppIntent on tvOS? Or is this feature still mostly targeted for mobile devices? Also, the documentaiton says so often something about shortcuts app and features, that are not available on tvOS, that I started doubting that the AppIntent is really usable on tvOS. If AppIntents are available and usable for tvOS, what could be wrong, so that I do not see the expected results?

I haven’t been able to get this to work at any level! I’m running into multiple issues, any light shed on any of these would be nice: I can’t implement a bloom filter that produces the same output as can be found in the SimpleURLFilter sample project, after following the textual description of it that’s available in the documentation. No clue what my implementation is doing wrong, and because of the nature of hashing, there is no way to know. Specifically: The web is full of implementations of FNV-1a and MurmurHash3, and they all produce different hashes for the same input. Can we get the proper hashes for some sample strings, so we know which is the “correct” one? Similarly, different implementations use different encodings for the strings to hash. Which should we use here? The formulas for numberOfBits and numberOfHashes give Doubles and assign them to Ints. It seems we should do this conversing by rounding them, is this correct? Can we get a sample correct value for the combined hash, so we can verify our implementations against it? Or ignoring all of the above, can we have the actual code instead of a textual description of it? 😓 I managed to get Settings to register my first attempt at this extension in beta 1. Now, in beta 2, any other project (including the sample code) will redirect to Settings, show the Allow/Deny message box, I tap Allow, and then nothing happens. This must be a bug, right? Whenever I try to enable the only extension that Settings accepted (by setting its isEnabled to true), its status goes to .stopped and the error is, of course, .unknown. How do I debug this? While the extension is .stopped, ALL URL LOADS are blocked on the device. Is this to be expected? (shouldFailClosed is set to false) Is there any way to manually reload the bloom filter? My app ships blocklist updates with background push, so it would be wasteful to fetch the filter at a fixed interval. If so, can we opt out of the periodic fetch altogether? I initially believed the API to be near useless because I didn’t know of its “fuzzy matching” capabilities, which I’ve discovered by accident in a forum post. It’d be nice if those were documented somewhere! Thanks!!

Hello team, We are using below example https://github.com/apple/pir-service-example as a starting point to setup PIR server for our backend, but I am not really understanding what else we need in this example to configure OHTTP gateway. Any help will be appreciated.

Many times the device totally lost connectivity, WIFI is completely down, no ip was assigned after device wakeup. From system log I can see BPF socket for DHCP was closed and detached right after attached to en0 in DHCP INIT phase, as result even the DHCP server sent back OFFER(I see server sent OFFER back from packet capture), but there is no persistent BPF socket since it is closed reception during the entire INIT phase. It is definitely an OS issue, is it a known issue? Please help understand Why BPF socket was close right after sending DISCOVER? Default 0x0 0 0 kernel: bpf26 attached to en0 by configd:331 2026-03-25 14:06:33.625851+0100 0x31dea Default 0x0 0 0 kernel: bpf26 closed and detached from en0 fcount 0 dcount 0 by configd:331 System log and packet capture attach, please check.

The M5 Pro does not connect to the Wi-Fi AP using RADIUS when NetworkExtension Activiate. The M1 and M2 Pro worked, but only the M5 Pro MacBook Pro did not work. If you deactivate NetworkExtension, it connects to the AP, and afterwards, it works even if you activate NetworkExtension.

We're developing a Mac App Store application that embeds the V8 JavaScript engine (via Electron). The application has shipped successfully on macOS 15.x with the following entitlements: com.apple.security.app-sandbox = true com.apple.security.cs.allow-jit = true com.apple.security.cs.allow-unsigned-executable-memory = true com.apple.security.cs.disable-library-validation = true On macOS 26 Tahoe, the exact same signed binary crashes deterministically within ~1.5 seconds on Apple Silicon with EXC_BREAKPOINT (SIGTRAP), ESR 0xf2000000. The crash is in V8's background JIT compilation thread when it attempts to manage memory page protections (transitioning pages between Read-Write and Read-Execute states via mprotect). The crash does not occur in these configurations: macOS 26 + App Sandbox + Intel x86_64 — works macOS 26 + Hardened Runtime (no sandbox) + ARM64 — works macOS 15.x + App Sandbox + ARM64 — works This appears to be a regression in how the XNU kernel handles mprotect calls for sandboxed processes on ARM64 under macOS 26, specifically in the context of the allow-jit entitlement. Has the behavior of allow-jit changed in macOS 26 with respect to runtime code generation memory management on ARM64? Is there a new API or entitlement that V8-style JIT engines should use instead of mprotect-based RW↔RX page transitions?

Summary I'm implementing NEURLFilter with the com.apple.developer.networking.networkextension.url-filter-provider entitlement for a system-wide URL filtering feature. The feature works perfectly in development-signed builds (connecting successfully to my PIR server over extended testing) but every production-signed build fails before any network call is made. NEURLFilterManager reports .serverSetupIncomplete (code 9). After installing the NetworkExtension debug profile, the unredacted com.apple.CipherML logs reveal the cause: no privacy proxy is provisioned for this bundle identifier, and the connection is configured proxy fail closed. Environment iOS 26 Entitlement: com.apple.developer.networking.networkextension.url-filter-provider Extension point: com.apple.networkextension.url-filter-control PIR server configured via NEURLFilterManager.setConfiguration(...) Privacy Pass issuer configured Dev-signed builds: working correctly, connecting to the PIR server Production-signed builds (both TestFlight and distribution): failing identically The Error Chain Surfaced to the app via NEURLFilterManager.lastDisconnectError: NEURLFilterManager.Error.serverSetupIncomplete (code 9) ← NEAgentURLFilterErrorDomain Code 3 ← com.apple.CipherML Code 1100 "Unable to query status" ← com.apple.CipherML Code 1800 (error details were logged and redacted) After installing the VPN (NetworkExtension) debug profile, the unredacted com.apple.CipherML subsystem shows: queryStatus(for:options:) threw an error: Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." UserInfo={ _NSURLErrorNWPathKey = satisfied (Path is satisfied), interface: en0[802.11], ipv4, dns, uses wifi, LQM: good, NSErrorFailingURLKey = https://<my-pir-server>/config, NSUnderlyingError = { Error Domain=NSPOSIXErrorDomain Code=50 "Network is down" }, _NSURLErrorPrivacyProxyFailureKey = true, NSLocalizedDescription = "The Internet connection appears to be offline." } The critical diagnostic line in the com.apple.network subsystem is: nw_endpoint_proxy_handler_should_use_proxy Proxies not present, but required to fail closed And the connection setup shows the proxy fail closed flag is mandatory for the connection: [C... ... Hostname#...:443 quic, bundle id: <my-bundle-id>, attribution: developer, using ephemeral configuration, context: NWURLSession (sensitive), proxy fail closed] start The network path itself is healthy (Wi-Fi good, DNS resolves correctly), but the connection is explicitly configured to fail closed if no proxy is present, and no proxy is provisioned for this bundle identifier. The entire failure happens in approximately 18 ms, far too fast for any network round-trip, confirming no traffic ever leaves the device. What I've Verified The entitlement is present in the distribution build The NEURLFilterControlProvider extension loads and returns a valid Bloom filter prefilter (with a tag that round-trips correctly between extension and framework) NEURLFilterManager.setConfiguration(pirServerURL:pirPrivacyPassIssuerURL:pirAuthenticationToken:controlProviderBundleIdentifier:) accepts all four parameters without error Development-signed builds of the same bundle identifier connect successfully to the same PIR server On production-signed builds, zero requests reach the PIR server — failure is purely client-side, before any network activity The Question How does the OHTTP privacy proxy get provisioned for a bundle identifier so that production builds can successfully use NEURLFilter? Specifically: Is there a Capability Request form I need to submit for url-filter-provider? I cannot find one in the Capability Requests section of my developer portal. Should I be running my own OHTTP gateway (for example using swift-nio-oblivious-http), and if so, does Apple then need to provision routing from their OHTTP relay to my gateway URL? Is the OHTTP relay path meant to be automatic once the entitlement is active, and if so, is there a specific activation step I'm missing? Is there any way to verify the current provisioning state for a specific bundle identifier from the developer portal? I can provide the full sysdiagnose and unredacted bundle/server details privately to an Apple engineer if that would help diagnose. I'd prefer to keep them out of a public post. Thanks!

I'm relatively new to socket networking, and am migrating an older project from CocoaAsyncSocket to Swift's native Network. The project utilises GCDAsyncUdpSocket.enableBroadcast(_ flag: Bool), but I don't know how to replicate this in Network. How do I enable UDP Broadcast on NWConnection?

Hi all, I submitted a FamilyControls entitlement request on March 27, 2026. It has been 9 days with no confirmation or response of any kind. I also submitted a TSI today (Case ID: 102861687343). My app is live on the App Store and is built to use Screen Time APIs to block specific apps during user defined hours. I need FamilyControls, DeviceActivity, ManagedSettings, and ManagedSettingsUI approved for the main app and its extensions. Has anyone experienced similar wait times recently? Is there a way to check on the status of an entitlement request? Thank you, Max

I've looked around quite a bit at the EventKit documentation and done all the searching I could think of, as well as examining the EKCalendar and EKEventStore types. Trying to find out how to view, modify, and create groups of reminders lists.

I am trying to provide my clients with subscribable calendar link so they can see their schedules from an App I have. I've got the basics working on building out the various fields for the VEVENT, however no matter what I have tried the LOCATION is always showing up as a text and not a location within Apple Maps that I can have them click on from the event. Any idea what the best way to go about this would be, and feeding the ICS an address, Apple Maps URL, GPS coordinates either in the location, Geo or the X-APPLE-STRUCTURED-LOCATION or combinations haven't been working. I am using/hosting on Google Scripts.

Overview I'm developing a document-based app for macOS using SwiftData. When I undo/redo changes using Command-Z/ Command-Shift-Z, the app randomly crashes with the following error: SwiftData/BackingData.swift:425: Fatal error: Failed to retrieve the identifier for \ChildItem.parentItem from KnownKeysDictionary:KnownKeysMap: ["parentItem": 2, "isModified": 1, "index": 0] values: [Optional(0), Optional(false), Optional(DocumentTest.ParentItem)] SwiftData._KKMDBackingData<DocumentTest.ChildItem> And sometimes, instead of the app crashing, my created @Model objects simply disappear. They do not reappear in the @Query on undo/redo. Both of these issues go away when I set modelContext.autosaveEnabled = false The issues are occurring with Xcode 26.4 (17E192) and macOS Tahoe 26.4 (25E246). I have modified the macOS Document App project template to showcase the issue. The project, along with a screen recording of the crash, can be downloaded from here: https://drive.google.com/drive/folders/1aDO34QleTm_rB9BuvVGjzzAP6jDXOc-o?usp=share_link Has anyone else experienced this? I'd like to know if this is a bug in the autosave feature of SwiftData and if I should file a bug report via Feedback Assistant. Steps to Reproduce To recreate the issue, follow these steps: Download and extract the "Xcode Project.zip" file linked above. Open the extracted "DocumentTest" project in Xcode. Build and run the "DocumentTest" app. In the document selection window, click "New Document" at the bottom-left. In the app, click the "+" button at the top-right to add a ParentItem with ChildItems. Click on the added ParentItem's button to modify one of its ChildItems. Repeat steps 5–6 until you have 5 ParentItems with a modified ChildItem. Press Command-Z 10 times to undo all the changes. Press Command-Shift-Z 10 times to redo all the changes. Repeat steps 8–9 until either the app crashes or some of the 5 ParentItems go missing in the list (you may have to repeat them 10–20 times before the issue occurs). If you change line 43 of ContentView.swift to modelContext.autosaveEnabled = false and repeat the same steps above, the app will not crash and no ParentItems will go missing. Code ParentItem Model @Model final class ParentItem { var timestamp: Date @Relationship( deleteRule: .cascade, inverse: \ChildItem.parentItem ) var childItems: [ChildItem] = [] init(timestamp: Date) { self.timestamp = timestamp } } ChildItem Model @Model final class ChildItem { var index: Int var isModified = false var parentItem: ParentItem? init(index: Int) { self.index = index } } Creating, Inserting, and Linking ParentItem and ChildItem // Create and insert ParentItem let newParentItem = ParentItem( timestamp: Date() ) modelContext.insert(newParentItem) // Create and insert ChildItems var newChildItems: [ChildItem] = [] for index in 0..<Int.random(in: 2...8) { let newChildItem = ChildItem(index: index) newChildItems.append(newChildItem) modelContext.insert(newChildItem) } /* Establish relationship between ParentItem and ChildItems */ newParentItem.childItems = newChildItems Modifying ChildItem let firstChildItem = parentItem.childItems .sorted(by: { $0.index < $1.index }).first if let firstChildItem, !firstChildItem.isModified { firstChildItem.isModified = true }

Device: iPhone 15 Pro Max, iOS 26.4 Xcode: Latest version, development signing with "Automatically manage signing" Team: Registered Apple Developer Program (Organization) Problem DeviceActivityReport SwiftUI view renders completely blank. The Report Extension's makeConfiguration(representing:) is never called (confirmed via App Group counter that stays at 0). The DeviceActivityMonitorExtension callbacks (intervalDidStart, eventDidReachThreshold) also never fire. What works AuthorizationCenter.shared.requestAuthorization(for: .individual) → .approved DeviceActivityCenter().startMonitoring() → registers schedules successfully, center.activities returns them ManagedSettingsStore.shield.applications → blocks apps correctly from the main app process Screen Time is enabled and actively collecting data (Settings > Screen Time shows per-app usage: Clash Royale 2h 35m, etc.) App Group UserDefaults(suiteName:) read/write works from the main app What doesn't work DeviceActivityReportExtension.makeConfiguration() is never called (callCount stays 0 in App Group) DeviceActivityMonitorExtension.intervalDidStart() is never called No extension callbacks fire at all — the extension process is never launched by iOS Confirmed it's NOT our app's issue We created a brand new Xcode project from Apple's template: File > New > Project > App File > New > Target > Device Activity Report Extension Added Family Controls capability to both targets Embedded DeviceActivityReport view in ContentView with daily filter Built and ran on the same device Result: Same blank screen. The template project's Report Extension also never renders any data. Console errors Failed to locate container app bundle record. The process may not be entitled to access the LaunchServices database or the app may have moved. (501) personaAttributesForPersonaType for type:0 failed with error Error Domain=NSCocoaErrorDomain Code=4099 "The connection to service named com.apple.mobile.usermanagerd.xpc was invalidated: Connection init failed at lookup with error 159 - Sandbox restriction." LaunchServices: store (null) or url (null) was nil: Error Domain=NSOSStatusErrorDomain Code=-54 "process may not map database" Attempt to map database failed: permission was denied. This attempt will not be retried. Failed to initialize client context with error Error Domain=NSOSStatusErrorDomain Code=-54 "process may not map database" What we've tried Deleting app, rebooting device, reinstalling Re-requesting FamilyControls authorization on every launch Embedding extensions with "Embed & Sign" (not just "Embed Without Signing") Verified all 3 .appex files are in PlugIns/ directory at runtime Verified App Group (group.com.parentguard.app) is accessible Verified all App IDs and capabilities registered in Apple Developer portal Tried different DeviceActivityFilter configurations (daily, hourly) Placed DeviceActivityReport view at root of view hierarchy Clean build, new provisioning profiles Extensions embedded [Diagnose] Found extension: DeviceActivityReportExtension.appex [Diagnose] Found extension: DeviceActivityMonitorExtension.appex [Diagnose] Found extension: ShieldConfigurationExtension.appex Question Has anyone gotten DeviceActivityReport or DeviceActivityMonitorExtension to work on iOS 26.4 with a development-signed build from Xcode? Is there a specific configuration or workaround that makes the extension process launch? The Sandbox restriction error (159) on usermanagerd.xpc seems to be the root cause — is there an entitlement or device setting we're missing?

Original discussion pre iOS 26 Our app uses Auth0 with HTTPS callback, we've found the issue where AASA file is not ready immediately when app is initially launched, which is the exact issue from the above link. The issue seems mostly fixed on later versions on iOS 18, however, we are seeing some indications of a regression on iOS 26. Here's some measurement over the last week. | Platform | iOS 18 | iOS 26 | |---------------|----------|--------| | Adoption rate | 55% | 45% | | Issue seen | 1 | 5 | | Recover? | Yes | No | This only 1 iOS 18 instance was able to recover after 1 second after the first try, however, all iOS 26 instances were not able to recover in couple tens of seconds and less than 1 minute, the user eventually gave up. Is there a way to force app to update AASA file? Are there some iOS setting (like using a VPN) that could potentially downgrade the AASA fetch? Related Auth0 discussion: https://community.auth0.com/t/ios-application-not- recognizing-auth0-associated-domain/134847/27

StoreKit2 Repro Notes: the latest renewal appears in Transaction.unfinished after restore (2026-04-05) 1. Issue Summary In the current project, during a normal cold launch: Transaction.latest(for:) returns a value for the weekly subscription Transaction.all returns the full subscription history chain Transaction.unfinished is empty However, after tapping Restore Purchases and calling AppStore.sync(), one "latest renewal" transaction appears in Transaction.unfinished. This behavior looks more like a system-side replay triggered by AppStore.sync() than a consistently unfinished transaction during a normal launch. 2. Affected Product Product: do.i.iapc.vip.week Transaction chain characteristics: All transactions belong to the same auto-renewable subscription chain originalTransactionID = 2000001143446796 The transaction that appears in unfinished is usually the latest or last renewal in the chain 3. Current Code Path During app startup: loadProducts() Debug snapshot for Transaction.latest(for:) Debug snapshot for Transaction.all Scan Transaction.unfinished refreshEntitlements() During restore purchases: Call AppStore.sync() Scan Transaction.unfinished refreshEntitlements() 4. Preconditions A Sandbox test account is used The weekly subscription do.i.iapc.vip.week already has multiple historical renewal transactions The subscription is already expired, so entitlements = 0 during a normal launch The issue is easier to reproduce on an iOS 26.4 device The issue was not consistently reproduced on another iOS 18.2 device 5. Reproduction Steps Path A: Normal cold launch Launch the app Observe the logs: LatestTransaction snapshot AllTransaction snapshot summary unfinished processing result Observed result: latest has a value all contains the full history chain unfinishedHandledCount = 0 Path B: Tap Restore Purchases Launch the app Tap Restore Purchases Trigger AppStore.sync() Observe the logs: restore started unfinished processing started unfinished transaction received Observed result: After restore, one "latest renewal" transaction appears in unfinished That same transaction does not necessarily appear during a normal cold launch 6. Expected Result If a transaction has already been successfully finished in the past, it should not appear again as unfinished after Restore Purchases. A stricter expectation is: During a normal cold launch, unfinished = 0 After tapping Restore Purchases, unfinished should still remain 0 7. Actual Result Actual behavior: Normal cold launch: unfinished = 0 After Restore Purchases: one "latest renewal" transaction appears again in unfinished This suggests that AppStore.sync() may replay the most recent historical subscription transaction. 8. Current Assessment Based on the current logs, the issue is more likely to be: Related to AppStore.sync() / StoreKit / Sandbox replay behavior on the system side Easier to reproduce on iOS 26.4 Less likely to be caused by a persistent app-side bug where finish() is missed during a normal startup flow Reasons: During a normal launch, unfinished = 0 The behavior is inconsistent across devices and OS versions, even with the same Sandbox account latest, all, and unfinished can be clearly separated during a normal cold launch 9. Suggested Engineering Position Suggested wording for internal or external communication: In the iOS 26.4 + Sandbox environment, calling AppStore.sync() may cause StoreKit to replay the latest historical subscription transaction into Transaction.unfinished. Since the same transaction does not necessarily appear during a normal cold launch, the issue currently looks more like a system/environment-specific behavior difference than an app-side bug where finish() is consistently missed during the regular startup path. 10. Additional Evidence That Can Be Collected If this needs to be escalated to the team or to Apple, the following would strengthen the report: Full log comparison before and after tapping Restore Purchases The same transactionId compared between normal launch and post-restore behavior Cross-device comparison on different iOS versions A minimal reproducible sample project and Sandbox test record

The most recent KDK for MacOS Sequoia that appears in the Downloads is for MacOS 15.5 (24F74), but the current version of MacOS Sequoia is 15.6 (24G84) and 15.7 (24G207) is in RC. Is there an ETA for the KDKs for 15.6 (24G84) and 15.7 (24G207) to be made available to download? Many thanks for any help.

Hi everyone! I’m building Delta — an app designed to rethink time, because time is literally our most valuable currency. So the core mechanic involves earning time in useful apps and then spending it on apps that are a distraction. I already have a prototype that’s being actively tested in a closed beta, but I’ve started noticing that more and more testers are reporting the same bug. “Time is being counted even when I'm not in the app I marked as useful.” I suspect that Screen Time is also tracking background time, although this behavior isn't correct for my app. Does anyone know how to track specifically those moments when an app marked as useful and used for “time-earning” is in the foreground? Additionally, I hit a wall with Screen Time and had to accept that I can’t force a user away from another app if they’re active there, nor redirect them to my app to trigger the lock screen. Because of this, I had to resort to a penalty system, which is equal to the time the user spent additionally after their time ran out. And here, I run into the same problem I described at the beginning of the post. I can’t track the background status of another app, even though I’m trying really hard... Can anyone suggest any ways I can get out of this situation, or should I keep looking for a solution, or shift toward explaining this to the user?.. (However, I’m holding out until the very end before giving up on finding a solution)

Hi all, I’m trying to determine whether the loudness gap I’m seeing between AlarmKit alert playback and normal app-managed playback is expected behavior, a sound-asset issue, or something that should be reported as a bug. Observed behavior When an alarm fires through AlarmKit while the device is locked, the alarm sound is significantly quieter than playback of the same or very similar audio once the app is active and using its own audio session. The difference is large enough that it does not feel like a small mastering difference. It feels like the AlarmKit / system alerting path is using a meaningfully lower effective output level than normal app playback. Test scenario My repro is roughly: Schedule an alarm with AlarmKit. Lock the device. Let the alarm fire and listen during the system alerting phase. Enter the app / continue into the app-driven alarm experience. Play the same or equivalent alarm asset via app-managed playback. Result: AlarmKit / lock-screen alerting phase sounds much quieter. In-app playback sounds noticeably louder and fuller on the same device. Current implementation Alarm flow is currently split into two paths: 1) System alarm path Alarm scheduling and alert surfacing via AlarmKit Device may be locked No attempt to manipulate system volume No private APIs 2) In-app playback path After app activation, playback uses: AVAudioSession category .playback AVAudioPlayer Audio is routed as normal app playback This path sounds substantially louder than the AlarmKit path Important detail I am not asking how to override system volume. I understand that AlarmKit appears to follow the system ringer / alert volume model and does not expose a public API for custom alarm loudness. My question is narrower: Is it expected that the same asset or an equivalent asset will sound materially quieter during the AlarmKit alerting phase than during ordinary app playback with AVAudioSession(category: .playback)? Questions Is the lower perceived loudness during AlarmKit alerting an expected property of the framework / system alarm path? Does AlarmKit playback use a different output path, gain policy, processing chain, or speaker treatment than normal app playback with .playback? Are there recommended authoring constraints for AlarmKit alarm sounds to maximize perceived loudness on iPhone speakers? transient-heavy mix stronger mids reduced low-end different LUFS / peak strategy shorter attack, etc. Has anyone measured this directly with: the same WAV / CAF file same device same system volume locked AlarmKit playback vs unlocked in-app playback If this is not expected, would Apple want this reported as a bug with: sample project exact iOS version device model screen recording / audio recording What I’m trying to figure out For alarm-app UX, this matters a lot because: AlarmKit is the most reliable lock-screen/system path. But if AlarmKit playback is substantially quieter than normal app playback, the alarm experience is inconsistent depending on device/app state. That makes it hard to know whether to treat this as: expected system behavior, a framework limitation, an asset/mastering problem, or a bug. If anyone has tested this in a controlled way or received guidance from Apple/DTS, I’d appreciate any technical detail. Thanks.