We’re exploring the use of Apple’s Automatic Assessment Configuration entitlement for an iOS app currently in the proof-of-concept stage. We’re enrolled in the Apple Developer Program with an active subscription. Both the Account Holder and team members have accepted all relevant license agreements. However, when we try to access the entitlement request form at: 👉 https://developer.apple.com/contact/request/automatic-assessment-configuration/ We are immediately redirected to: 🚫 https://developer.apple.com/unauthorized/ This happens for all team members, including the Account Holder, so it doesn’t appear to be a role-specific permissions issue. The app is still in the proof-of-concept stage — there’s no App Store listing or App ID yet. We’re trying to confirm entitlement eligibility before proceeding further. Questions: Is an App Store listing or App ID required to access this request form? Are there any hidden prerequisites (account permissions, team roles, prior submissions, etc.) that need to be fulfilled? Has anyone here successfully submitted this form — and if so, what steps or conditions were required? Any guidance or shared experience would be greatly appreciated. Thanks in advance!

New devices coming to this year is named as iPhone 17 .... Why we care not going for iPhone 26. .... ? if it is named as iPhone 26... in line with new version policy, it will be easier to relate in all perspective.

Apple face app is used to fore video calling and chatting and voice calling AP same a what’s app tango etc…

As we know, we can't add restrictions payload in the mobileconfig when registing the device. We are developing MDM by ourselfs, met some trouble. Please help.

Hi We've had an Enterprise Developer a/c for years. But last year they asked a bunch a questions to confirm we were a company. I answered them all and then it said it would review the answers. Were a big company and answered these questions before so just expected it to go through. Then our Enterprise Program a/c was up for renewal in April. But the money was never taken from the company cc and every expiry date the renewal date keeps moving forward a month. Its now been moved to Sep 2025. Either were getting April-Sep free or were going to be landed with a CC bill for 12+5 months soon. Anyone else seeing this. Is there an email or webpage for Enterprise a/c support? We have the money :)

Our organization is deploying passwordless authentication. Instead of using a password, employees must use the Microsoft Authenticator app to complete the login process. Unfortunately, employees with passwordless authentication can't complete the login on the Wi-Fi Captive portal with SAML authentication. The reason is that when an employee switches to the Microsoft Authenticator app, the Apple CNA (Apple Network Captive Assistant) disappears. As a result, the authentication process breaks. According to the https://developer.apple.com/news/?id=q78sq5rv source, iOS 14+ devices support the RFC-8908 standard. Unfortunately, we couldn't find a reliable source on how this feature works on iOS devices. The question is: Is it possible to automatically forward Wi-Fi clients to the SAML authentication portal in the default browser app (for example, Safari) after connecting an employee to Wi-Fi?

I've account access level of developer. I want to create app specific password but go through the account but could not get any option to do so. Can somebody help me on this. Thanks in advance.

I'm using Apple's MDM protocol InstalledApplicationListCommand to get information about installed apps. From iOS/iPadOS 26, the app information obtained by InstalledApplicationListCommand includes information on all apps including system apps (apps that come standard with iOS/iPadOS). https://developer.apple.com/documentation/devicemanagement/installed-application-list-command I want iOS/iPadOS26 to get the same information as the app information I get from the previous iOS/iPadOS, and I want to exclude system apps from the app information I get with the InstalledApplicationListCommand. As a way to exclude system apps, you can use the app ID I'm thinking of a way to exclude anything that starts with "com.apple" (the Identifier key value of the InstalledApplicationListResponse.InstalledApplicationListItem object). As a way to exclude system apps, please tell us whether the above method is appropriate and whether there will be any problems in the future.

How can we receive the iPadOS 18.6.1 update on an iPad? We have configured the MDM update days policy to receive recent, but not the latest, iPadOS updates; however, we are only able to get versions 18.6.2 and 18.6. Is the availability of iPadOS updates dependent on the iPad's region? Thank you in advance for your assistance.

can you make a profit with the seed program

I am checking the response of DeviceInformation Command to collect network information from iPad. On iPad(iPad Pro 11, M4) devices that use WiFi without inserting Usim or Esim, network values ​​such as CurrentMCC and ICCID are received in response to the DeviceInformation command. cf.)Even though it may be garbage value, I blurred the unique information just in case. <key>ServiceSubscriptions</key> <array> <dict> <key>CarrierSettingsVersion</key> <string>61.0</string> <key>CurrentCarrierNetwork</key> <string></string> <key>CurrentMCC</key> <string>450</string> <key>CurrentMNC</key> <string>08</string> <key>EID</key> <string>blah blah</string> <key>ICCID</key> <string>blah balh</string> <key>IMEI</key> <string>blah blah</string> <key>IsDataPreferred</key> <true/> <key>IsRoaming</key> <true/> <key>IsVoicePreferred</key> <false/> <key>Label</key> <string>Provisioning</string> <key>LabelID</key> <string>00000000-0000-0000-0000-000000000000</string> <key>PhoneNumber</key> <string></string> <key>Slot</key> <string>CTSubscriptionSlotOne</string> <key>SubscriberCarrierNetwork</key> <string>iPad</string> </dict> </array> This is a bit weird. If I collect the same information from an iPhone(iPhone 15 Pro Max) that only uses wifi and does not use Usim or Esim, it does not respond with values ​​like ICCID, CurrentMCC, etc. <key>ServiceSubscriptions</key> <array> <dict> <key>IMEI</key> <string>blah blah</string> <key>Slot</key> <string>CTSubscriptionSlotOne</string> </dict> <dict> <key>EID</key> <string>blah blah</string> <key>IMEI</key> <string>blah blah</string> <key>Slot</key> <string>CTSubscriptionSlotTwo</string> </dict> </array> I'm confused by the network information collected. Is there a reason why the collected network information of iPad and iPhone are different?

Hello, I am currently attempting to use declarative management to install enterprise application, however I am running into errors. Initially the device was failing to unpac the initial manifest it downloaded. After pulling logs from the device it was revealed that the manifest must include the bundle-version for it to parse as valid. Adding this has allowed for the ipa to be fetched from the server however there is a secondary issue. The application is on the device but is unable to be opened due to the device being unable to validate its integreti. Any additional information would be useful. For completion the working manifest will be pasted below. It should be noted that the manifest below does work when requesting application installs through MDM commands. <***> <items type="array"> <dict> <assets type="array"> <dict> <kind type="string">software-package</kind> <url type="string">https://domain/web/mdm/ios/enterpriseipa/bundle.id</url> </dict> </assets> <key type="dict" name="metadata"> <bundle-identifier type="string">bundle.id</bundle-identifier> <kind type="string">software</kind> <subtitle type="string">app</subtitle> <title type="string">app</title> <bundle-version type="string">x.x.x</bundle-version> </key> </dict> </items> </***> </plist>

During MDM Automated Device Enrollment of Apple TV, the web view defined by configuration_web_url is not working. We are using the web view to display the usage policy for all devices. While the web view functions correctly for other devices, it is resulting in an error specifically for Apple TV. Could you please clarify whether Apple plans to implement support for this feature on Apple TV in the future or if it will not be supported? Referring to configuration_web_url in: https://developer.apple.com/documentation/devicemanagement/profile

I'm writing to point out a potential structural error in an example of the DeclarativeManagement command. This could cause significant confusion for developers implementing the MDM protocol. The standard structure for a server-to-device MDM command requires CommandUUID and the Command dictionary to be siblings under the top-level dictionary. The CommandUUID serves as a top-level identifier for the entire command envelope. This is the correct, expected structure: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Command</key> <dict> <key>Command</key> <dict> <key>RequestType</key> <string>DeclarativeManagement</string> </dict> </dict> <key>CommandUUID</key> <string>0001_DeclarativeManagement</string> </dict> </plist> This is an example of the incorrect structure I've seen: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Command</key> <dict> <key>CommandUUID</key> <string>0001_DeclarativeManagement</string> <key>Command</key> <dict> <key>RequestType</key> <string>DeclarativeManagement</string> </dict> </dict> </dict> </plist>

We are expering frequent delays recently when associating a device serial with the adamid of an app in our business manager account. I get an event id back when calling the /associate api but when i check the status of that event id is can be sat in a pending state for sometimes several hours. Need to understand why and if its a configuration issue

Im trying to make my own iOS MDM Server with SCEP. I cant send a response to the PKIOperation without the iPad rejecting it. Can someone post the PKIOperation response structure

We are experiencing a lot of problems deploying an enterprise app for in-house use since late January. All our iPads are managed by an MDM solution. It can take 10 or more attempts to successfully deploy the app. The deployment usually fails with the message "ASDErrorDomain error 854" among other messages. The company providing the MDM solution has no idea what causes this message or what it means. I suspect the error message is not generated by the MDM solutiion but rather gets passed through from iOS. After many attempts the installation may succeed suddenly, though, and the apps works as expected, but this may take weeks. I have not done any changes to my development system. 'I am running XCode 15.3 with SDK version 17.4, the iPads are on iOS 18.3

Hello, I am building a Content Filter app for iOS and would like to get access to some information about network connections that are happening on the device. I managed to have the handle(_ report: NEFilterReport) method of my NEFilterControlProvider called, but the bytesOutboundCount and bytesInboundCount properties of the report are always 0. How can I have the real byte count of the connection ?

I am having an issue with duplicated SCEP client certificates on an iOS device. We deployed an SCEP profile via MDM, then deleted and redeployed it via MDM. In Settings > General > VPN & Device Management, only one SCEP profile is visible. However, Safari shows duplicated certificates when a server requests a client certificate. We have tried removing the cert profile on MDM and unenrolling the device from MDM, but only the latest certificate got removed, leaving previous ones stuck on the device or in the Safari app. We have found no way to remove these duplicated certificates other than factory reset the devices. This appears to be a potential iOS bug affecting certificate cleanup. We need assistance to resolve this issue. Also, the issue is difficult to reproduce but has happened to a number of our managed devices.

Hi, I’m testing the ClearPasscode MDM command: https://developer.apple.com/documentation/devicemanagement/clear-passcode-command Question: If a user enters the passcode incorrectly multiple times and the device becomes temporarily locked (e.g., “Try again in X minutes”) or reaches “Security Lockout”, can ClearPasscode still be executed successfully while the device is in that state? {'ErrorCode': 5013, 35708 'ErrorDomain': 'MCPasscodeErrorDomain', 35709 'LocalizedDescription': '\xe3\x81\x93...x89', 35710 'USEnglishDescription': 'The passcode cannot be cleared (-1)'} If it depends on conditions (e.g., supervised vs. user enrollment, availability of UnlockToken, network/check-in state), could you clarify which conditions are required? Thank you.