During Apple Pay in-app provisioning (EV_ECC_v2), our iOS app successfully obtains the issuer provisioning certificates and generates cryptographic material. The flow fails when Apple posts the card blob to Apple’s broker (card creation step), returning HTTP 500 from .../broker/v4/devices/{SEID}/cards. Steps: Call issuerProvisioningCertificates?encryptionVersion=EV_ECC_v2 → 200 OK; returns ECC leaf + Apple Root CA chain; nonce=2a831be4. 2. Build {encryptedCardData, activationData, ephemeralPublicKey} 3. POST /broker/v4/devices/{SEID}/cards Expected: 200 OK on /broker/v4/devices/{SEID}/cards, or 5xx with a descriptive error if payload/cryptography is invalid. Observed: 500 Internal Server Error from Apple broker on /cards (labeled “eligibility” in PassKit logs), causing a terminal failure in Wallet UI.

Apple's iCloud File Management documentation says to "avoid special punctuation or other special characters" in filenames, but doesn't specify which characters. I need a definitive list to implement filename sanitization in my shipping app. Confirmed issues Our iOS app (CyberTuner, App Store, 15 years shipping on App Store) manages .rcta files in the iCloud ubiquity container via NSFileManager APIs. We've confirmed two characters causing sync failures: Ampersand (&): A file named Yamaha CP70 & CP80.rcta caused repeated "couldn't be backed up" dialogs. ~12 users reported this independently. Replacing & resolved it immediately. No other files in the same directory were affected. Percent (%): A file with % in the filename was duplicated by iCloud sync (e.g., filename% 1.rcta, filename% 2.rcta), and the original was lost. Currently reproducing across multiple devices. Both characters have special meaning in URL encoding (% is the escape character, & is the query parameter separator), which suggests the issue may be in URL handling within the sync pipeline. What I'm looking for: A definitive list of characters that cause problems in the iCloud sync pipeline specifically — not APFS restrictions, but CloudDocs/FileProvider/server-side issues. Confirmation whether these characters are problematic: & % # ? + / : * " < > | Is there a system API for validating or sanitizing filenames for iCloud compatibility before writing to the ubiquity container? Our users are piano technicians who naturally name files "Steinway & Sons" — we need to know exactly what to sanitize rather than guessing. Environment: iOS 17–26, Xcode 26.1, APFS, NSFileManager ubiquity container APIs Bundle FEEDBACK ASSISTANT ID FB21900837

Hello! We've had reports of iOS devices 'waking up' and vibrating in response to the push notifications arriving but the notification itself is not being displayed to the user, despite having been granted the correct permissions. Is this a known issue?

Hello, In production, a large number of users experience outgoing call reporting fails with the following error: com.apple.CallKit.error.requesttransaction Code=2 The iOS version doesn't matter, errors are present in v15-26 Details My CXProvider held as a global singleton, so it’s unlikely to be deinited. There is no explicit call to CXProvider.invalidate() in the app. If I manually invalidate the CXProvider, I observe the expected failure when trying to create an outgoing call (com.apple.CallKit.error.requesttransaction error 2). However, If I recreate the CXProvider after the error, outgoing calls are reported correctly. Many users trigger the providerDidReset delegate method (CXProviderDelegate) before this error. According to the documentation, providerDidReset can be called by the system, and we are supposed to end all active calls, but the documentation doesn't suggest recreating the CXProvider. Question Should I recreate CXProvider after providerDidReset and forget about that, or could this error be caused by something else?

On and off I've been trying to figure out how to do hang detection in-application (at least from the user's point of view). Qualitatively what I'd like to do is have a process which runs sample(1) on the application after it's been unresponsive for more than a second or so. Basically, an in-app replacement for Spin Control. The problem I've been stuck on is: how do I tell? There used to be Core Graphics SPI (CGSRegisterNotifyProc with a value of kCGSEventNotificationAppIsUnresponsive) for doing this, but it doesn't work anymore (either due to sandboxing or system-wide security changes, I can't tell which but it doesn't matter). One thought I had was to have an XPC service which would expect to receive a checkin once per second from the host (via a timer set up by the host). If it didn't, it would start sample(1). This seems pretty heavyweight to me, since it means that once per second, I'm going to be consuming cycles to check in with the service. But I haven't been able to come up with a scheme that doesn't include some kind of check-in by the target process. Are there any APIs or strategies that I could use to accomplish this? Or is there some entitlement which would allow the application to request "application became unresponsive"/"application became responsive" notifications from the window server?

I am learning about endpoint security and other system extensions, while I was handling ES_EVENT_TYPE_AUTH_IOKIT_OPEN event I realized that I cannot auth deny any bluetooth events. I tried to deny any open or execute events related to com.apple.bluetoothd but it did not work. I searched google and found out that I can use CoreBluetooth to control bluetooth. But when I get connected to bluetooth keyboard or mouse, didConnectPeripheral dose not get called or when I call [central cancelPeripheralConnection:peripheral] disconnection never happens. Is there any recommendation for handling or controlling events related to bluetooth connection?

I submitted the form for the critical alert entitlement but have not received any response for already 2 weeks. How long does it normally take to review such requests? Is there any way I can contact a certain department directly?

Hello everyone, We are in the process of migrating a high-performance storage KEXT to DriverKit. During our initial validation phase, we noticed a performance gap between the DEXT and the KEXT, which prompted us to try and optimize our I/O handling process. Background and Motivation: Our test hardware is a RAID 0 array of two HDDs. According to AJA System Test, our legacy KEXT achieves a write speed of about 645 MB/s on this hardware, whereas the new DEXT reaches about 565 MB/s. We suspect the primary reason for this performance gap might be that the DEXT, by default, uses a serial work-loop to submit I/O commands, which fails to fully leverage the parallelism of the hardware array. Therefore, to eliminate this bottleneck and improve performance, we configured a dedicated parallel dispatch queue (MyParallelIOQueue) for the UserProcessParallelTask method. However, during our implementation attempt, we encountered a critical issue that caused a system-wide crash. The Operation Causing the Panic: We configured MyParallelIOQueue using the following combination of methods: In the .iig file: We appended the QUEUENAME(MyParallelIOQueue) macro after the override keyword of the UserProcessParallelTask method declaration. In the .cpp file: We manually created a queue with the same name by calling the IODispatchQueue::Create() function within our UserInitializeController method. The Result: This results in a macOS kernel panic during the DEXT loading process, forcing the user to perform a hard reboot. After the reboot, checking with the systemextensionsctl list command reveals the DEXT's status as [activated waiting for user], which indicates that it encountered an unrecoverable, fatal error during its initialization. Key Code Snippets to Reproduce the Panic: In .iig file - this was our exact implementation: class DRV_MAIN_CLASS_NAME: public IOUserSCSIParallelInterfaceController { public: virtual kern_return_t UserProcessParallelTask(...) override QUEUENAME(MyParallelIOQueue); }; In .h file: struct DRV_MAIN_CLASS_NAME_IVars { // ... IODispatchQueue* MyParallelIOQueue; }; In UserInitializeController implementation: kern_return_t IMPL(DRV_MAIN_CLASS_NAME, UserInitializeController) { // ... // We also included code to manually create the queue. kern_return_t ret = IODispatchQueue::Create("MyParallelIOQueue", kIODispatchQueueReentrant, 0, &ivars->MyParallelIOQueue); if (ret != kIOReturnSuccess) { // ... error handling ... } // ... return kIOReturnSuccess; } Our Question: What is the officially recommended and most stable method for configuring UserProcessParallelTask_Impl() to use a parallel I/O queue? Clarifying this is crucial for all developers pursuing high-performance storage solutions with DriverKit. Any explanation or guidance would be greatly appreciated. Best Regards, Charles

I'm testing CloudKit Sharing (CKShare) in my app. My app uses CloudKit Sharing to share private data between users (this is not App Store Family Sharing or purchase sharing, it's app-level sharing via CKShare). To properly test this, I need three or four Apple Accounts with distinct roles in my app. This means I need three/four separate iCloud accounts signed in on test devices. Simulators are probably ok: two acting as "parents" (share owner and participant): parent1.sandbox@example.com parent2.sandbox@example.com, one or two as a "child" (participant) child1.sandbox@example.com child2.sandbox@example.com except obviously using my domain name. I attempted to create Sandbox Apple Accounts in App Store Connect, but these don't appear to work with CloudKit Sharing. I then created several standard Apple Accounts, but I've now hit a limit — I believe my mobile number (used for two-factor authentication on the test accounts) has been flagged or rate-limited for account creation, and I can no longer create or verify new accounts with it. It's also blocked the email addresses associated with those accounts from being used for new account creation. Can Apple or anyone advise on the recommended approach for testing CloudKit Sharing with multiple participants? are Sandbox accounts supposed to work for CKShare, or do I need full Apple Accounts? How do i create and verify these in the correct way to avoid hitting these limits or breaking terms of service?

Approx Dec 13th 2025 til now (Dec 29th) I noticed my APNS dropped off to nothing daily. When I try to send APNS alerts on the developer site tool it always returns "discarded as device was offline" for multiple devices which I know are online. When I try pushing through my VPS (as I always have without any code changes for months) I get status codes of 400 and 403 mostly and a few 200's without it delivering also. I created a new sandbox certificate just in case it was that but still no luck, I get the same results. Ive checked for any firewall issues and I see the following on my VPS: nslookup gateway.push.apple.com Server: 1.1.1.1 Address: 1.1.1.1#53 ** server can't find gateway.push.apple.com: NXDOMAIN This seems like a second issue but not the primary issue that the portal is reporting. Any ideas what to check? Im at a loss as to why its not working at all through apples test notification portal on my developer account. It seems thats the initial issue I need to solve. Thank you for any ideas/help

iOS BLE Background Scanning Stops After Few Minutes to Hours Hi everyone, I'm developing a Flutter app using flutter_blue_plus that needs continuous BLE scanning in both foreground and background. Foreground scanning works perfectly, but background scanning stops after a few minutes (sometimes 1-2 hours). Current Implementation (iOS) Foreground Mode: Scans for 10 seconds with all target service UUIDs Batches and submits results every 10 seconds Works reliably ✅ Background Mode: Rotates through service UUIDs in batches of 7 Uses 1-minute batch intervals Maintains active location streaming (Geolocator.getPositionStream) Switches modes via AppLifecycleState observer // Background scanning setup await FlutterBluePlus.startScan( withServices: serviceUuids, // Batch of 7 UUIDs continuousUpdates: true, ); // Location streaming (attempt to keep app alive) LocationSettings( accuracy: LocationAccuracy.bestForNavigation, distanceFilter: 0, ); Lifecycle Management: AppLifecycleState.paused -> Start background mode AppLifecycleState.resumed -> Start foreground mode Questions: Is there a documented maximum duration for iOS background BLE scanning? My scanning stops inconsistently (few minutes to 2 hours). Does iOS require specific Background Modes beyond location updates to maintain BLE scanning? I have location streaming active but scanning still stops. Are there undocumented limitations when scanning with service UUIDs in background that might cause termination? Should I be using CoreBluetooth's state preservation/restoration instead of continuous scanning? Info.plist Configuration: <key>UIBackgroundModes</key> <array> <string>bluetooth-central</string> <string>location</string> </array> Additional Context: Total service UUIDs: ~20-50 (varies by company) Scanning in batches of 7 to work around potential limitations Android version works fine with foreground service Location permission: Always iOS 14+ target Any insights on iOS BLE background limitations or best practices would be greatly appreciated. Thanks!

Hi Everyone, Need help 🙌 Could someone help how to test pending purchases in Sandbox accounts ? Can test ask to buy flow ? if yes how, could not find any information about that.

Hi, As a company, we have several apps in the AppStore that contain AppClips. With the latest iOS18 it works without any problems. With all iOS26 betas so far, however, there is always the problem “ASDErrorDomain- Error 507” and the AppClip cannot be opened. You can easily test this by scanning the following QR code with the system camera: You only ever get this error instead of the option to open the AppClip. As the iOS26 beta phase is already at an advanced stage, we are naturally concerned as to whether the problem will be solved.

Hello, I am an individual developer working on a macOS application using SwiftUI and RealityKit. I would like to understand the feasibility of face-related tracking on macOS when using an external USB camera, compared to iOS/iPadOS. Specifically: • Does macOS provide an ARKit Face Tracking–equivalent API (e.g., real-time facial expressions, gaze direction, depth)? • If not, is it common to rely on Vision / AVFoundation as alternatives for: • Facial expression coefficients • Gaze estimation • Depth approximation • In an environment without dedicated sensors such as TrueDepth, is it correct to assume that accurate depth data and high-fidelity blend shape extraction are realistically difficult? Any clarification on official limitations, recommended alternatives, or relevant documentation would be greatly appreciated. Thank you.

Dears, Please take a look at case: FB21940123 (Wallet Extension unable to add card) Thanks

In iOS 18, when a contact with multiple phone numbers called, the system clearly indicated which specific number was used—often by highlighting it in red for missed calls or tagging it as 'recent.' However, in iOS 26, this distinction is missing, and there is no way to determine which of the contact's numbers the call originated from.

Dears, Please review: FB21940123 (Wallet Extension unable to add card) Thanks,

I've recently updated one of our CI mac mini's to Sequoia in preparation for the transition to Tahoe later this year. Most things seemed to work just fine, however I see this dialog whenever the UI Tests try to run. This application BoostBrowerUITest-Runner is auto-generated by Xcode to launch your application and then run your UI Tests. We do not have any control over it, which is why this is most surprising. I've checked the codesigning identity with codesign -d -vvvv as well as looked at it's Info.plist and indeed the usage descriptions for everything are present (again, this is autogenerated, so I'm not surprised, but just wanted to confirm the string from the dialog was coming from this app) &lt;?xml version="1.0" encoding="UTF-8"?&gt; &lt;!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"&gt; &lt;plist version="1.0"&gt; &lt;dict&gt; &lt;key&gt;BuildMachineOSBuild&lt;/key&gt; &lt;string&gt;22A380021&lt;/string&gt; &lt;key&gt;CFBundleAllowMixedLocalizations&lt;/key&gt; &lt;true/&gt; &lt;key&gt;CFBundleDevelopmentRegion&lt;/key&gt; &lt;string&gt;en&lt;/string&gt; &lt;key&gt;CFBundleExecutable&lt;/key&gt; &lt;string&gt;BoostBrowserUITests-Runner&lt;/string&gt; &lt;key&gt;CFBundleIdentifier&lt;/key&gt; &lt;string&gt;company.thebrowser.Browser2UITests.xctrunner&lt;/string&gt; &lt;key&gt;CFBundleInfoDictionaryVersion&lt;/key&gt; &lt;string&gt;6.0&lt;/string&gt; &lt;key&gt;CFBundleName&lt;/key&gt; &lt;string&gt;BoostBrowserUITests-Runner&lt;/string&gt; &lt;key&gt;CFBundlePackageType&lt;/key&gt; &lt;string&gt;APPL&lt;/string&gt; &lt;key&gt;CFBundleShortVersionString&lt;/key&gt; &lt;string&gt;1.0&lt;/string&gt; &lt;key&gt;CFBundleSignature&lt;/key&gt; &lt;string&gt;????&lt;/string&gt; &lt;key&gt;CFBundleSupportedPlatforms&lt;/key&gt; &lt;array&gt; &lt;string&gt;MacOSX&lt;/string&gt; &lt;/array&gt; &lt;key&gt;CFBundleVersion&lt;/key&gt; &lt;string&gt;1&lt;/string&gt; &lt;key&gt;DTCompiler&lt;/key&gt; &lt;string&gt;com.apple.compilers.llvm.clang.1_0&lt;/string&gt; &lt;key&gt;DTPlatformBuild&lt;/key&gt; &lt;string&gt;24A324&lt;/string&gt; &lt;key&gt;DTPlatformName&lt;/key&gt; &lt;string&gt;macosx&lt;/string&gt; &lt;key&gt;DTPlatformVersion&lt;/key&gt; &lt;string&gt;15.0&lt;/string&gt; &lt;key&gt;DTSDKBuild&lt;/key&gt; &lt;string&gt;24A324&lt;/string&gt; &lt;key&gt;DTSDKName&lt;/key&gt; &lt;string&gt;macosx15.0.internal&lt;/string&gt; &lt;key&gt;DTXcode&lt;/key&gt; &lt;string&gt;1620&lt;/string&gt; &lt;key&gt;DTXcodeBuild&lt;/key&gt; &lt;string&gt;16C5031c&lt;/string&gt; &lt;key&gt;LSBackgroundOnly&lt;/key&gt; &lt;true/&gt; &lt;key&gt;LSMinimumSystemVersion&lt;/key&gt; &lt;string&gt;13.0&lt;/string&gt; &lt;key&gt;NSAppTransportSecurity&lt;/key&gt; &lt;dict&gt; &lt;key&gt;NSAllowsArbitraryLoads&lt;/key&gt; &lt;true/&gt; &lt;/dict&gt; &lt;key&gt;NSAppleEventsUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSBluetoothAlwaysUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSCalendarsUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSCameraUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSContactsUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSDesktopFolderUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSDocumentsFolderUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSDownloadsFolderUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSFileProviderDomainUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSFileProviderPresenceUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSLocalNetworkUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSLocationUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSMicrophoneUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSMotionUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSNetworkVolumesUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSPhotoLibraryUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSRemindersUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSRemovableVolumesUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSSpeechRecognitionUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSSystemAdministrationUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;NSSystemExtensionUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;key&gt;OSBundleUsageDescription&lt;/key&gt; &lt;string&gt;Access is necessary for automated testing.&lt;/string&gt; &lt;/dict&gt; &lt;/plist&gt; Additionally, spctl --assess --type execute BoostBrowserUITests-Runner.app return an exit code of 0 so I assume that means it can launch just fine, and applications are allowed to be run from "anywhere" in System Settings. I've found the XCUIProtectedResource.localNetwork value, but it seems to only be accessible on iOS for some reason (FB17829325). I'm trying to figure out why this is happening on this machine so I can either fix our code or fix the machine. I have an Apple script that will allow it, but it's fiddly and I'd prefer to fix this the correct way either with the machine or with fixing our testing code.

I have a network extension that hosts a NEFilterDataProvider & NETransparentProxyProvider. One of the use case that this caters to is : Proxy some flows (depending on originating app) while Content filter is also filtering flows based on business logic. The issue I am running into happens when FilterDataProvider sees a flow & responds with filterDataVerdict(withFilterInbound: false, peekInboundBytes: 0, filterOutbound: true, peekOutboundBytes:1024 to handleNewFlow(_ flow: NEFilterFlow) [wants to peek more bytes on outbound connection before making a decision] TransparentProxyProvider sees the flow & responds with NO to handleNewFlow(_ flow: NEAppProxyFlow) as it is not interested in in proxying that flow. When this occurs, we see connection being dropped by kernel. I wanted to know if this is expected behavior. Logs when this occurs: 2026-02-06 14:57:09.725854-0600 0x17c918f Default 0x0 569 0 com.test.networkextension: (NetworkExtension) [com.apple.networkextension:] [Extension com.test.network]: provider rejected new flow TCP headless_shell[{length = 20, bytes = 0xe69023e655b6065e1a2f94fa508807fa43f6ac8a}] remote: 100.72.0.3:443 interface utun9 2026-02-06 14:57:09.725874-0600 0x17ca166 Debug 0x0 569 0 com.test.networkextension: (NetworkExtension) [com.apple.networkextension:] New flow verdict for D89B5B5D-793C-4940-D955-37BE33F18005: drop = NO remediate = NO needRules = NO shouldReport = YES pause = NO urlAppendString = NO filterInbound = NO peekInboundBytes = 0 filterOutbound = YES peekOutboundBytes = 1024 statisticsReportFrequency = low 2026-02-06 14:57:09.726009-0600 0x17ca24a Default 0x0 569 0 com.test.networkextension: (libnetworkextension.dylib) [com.apple.networkextension:] (410011084): Closing reads (sending SHUT_WR), closed by plugin (flow error: 0) 2026-02-06 14:57:09.726028-0600 0x17ca24a Default 0x0 569 0 com.test.networkextension: (libnetworkextension.dylib) [com.apple.networkextension:] (410011084): Closing writes, sending SHUT_RD 2026-02-06 14:57:09.726040-0600 0x17ca24a Debug 0x0 569 0 com.test.networkextension: (libnetworkextension.dylib) [com.apple.networkextension:] (410011084): Dropping the director 2026-02-06 14:57:09.726047-0600 0x17ca24a Default 0x0 569 0 com.test.networkextension: (libnetworkextension.dylib) [com.apple.networkextension:] (410011084): Destroying, client tx 0, client rx 0, kernel rx 0, kernel tx 0 I wanted to know how neagent is handling this when for a flow, filterDataProvider wants to look at the traffic while transparentProxy is not interested in handling that flow

Hey, I am just about to prepare my app for Swift 6, and facing the issue that UserDefaults is not Sendable. The documentation states that its thread safe, so I am wondering, why is it not marked as Sendable? Was it just forgotten? Is it safe to mark it as nonisolated(unsafe) or @unchecked Sendable?