Certificates, Identifiers & Profiles
Discuss the technical details of security certificates, identifiers, and profiles used by the OS to ensure validity of apps and services on device.
I am writing to follow up on my request for Family Control permission, which I submitted through the appropriate form over a week ago.
Unfortunately, I have not yet received any response or access to the requested permissions. Could you kindly provide an update on the status of my request? If any further information or action is needed from my end, please let me know.
Hi, I am trying to make my app build on a GitHub Actions CI pipeline. The app builds fine in Xcode on my Mac. For CI I am using command-line Xcode.
I am getting the following error:
No profiles for 'com.snslocation.electricians-now' were found: Xcode couldn't find any iOS App Development provisioning profiles matching 'com.snslocation.electricians-now'. Automatic signing is disabled and unable to generate a profile. To enable automatic signing, pass -allowProvisioningUpdates to xcodebuild. (in target 'myapp' from project 'myapp')
You can see full log of the build here:
https://github.com/nbulatovi/ElectriciansNow/actions/runs/12603115423/job/35127512689
The provisioning profile is present, and verified in the previous steps in the pipeline; however, Xcode refuses to find it. If I add -allowProvisioningUpdates, the error stays. I tried manually mapping the app ID to the profile name.
Is there a way to get any debug log from the Xcode profile search, to see why it is not picking up the correct profile? Or can you maybe help in some other way?
Xcode version is 15.4, iOS SDK 17.5
Even if I recreate everything and register it, it does not register in Xcode as shown below. No matter how many times I regenerate the certificate and profile, the same thing happens.
I'm trying to download a profile for a developer download for an app, but I get this error and can't install the profile.
I've already registered the device and UDID and added it to the profile.
Please let me know what I need to do.
Title: Apple's Outdated and Restrictive Certificate Signing Process: A Barrier to Innovation
Introduction
In the dynamic field of mobile app development, the agility and freedom offered to developers can significantly dictate the pace of innovation and user satisfaction. Apple's certificate signing process, a legacy from an earlier era of computing, starkly contrasts with more modern approaches, particularly Android's Keystore system. This article delves into the cumbersome nature of Apple's approach, arguing that its outdated and proprietary methods hinder the development process and stifle innovation.
The Burdensome Nature of Apple's Certificate Signing
Proprietary Restrictions:
Apple's certificate signing is not just a process; it's a gatekeeper. By forcing developers to go through its own system to obtain certificates, Apple maintains a tight grip on what gets published and updated. This closed ecosystem approach reflects a dated philosophy in an age where flexibility and openness are key drivers of technological advancement.
Complex and Time-Consuming:
The process to acquire and maintain a valid certificate for app signing is notoriously intricate and bureaucratic. Developers must navigate a maze of procedures including certificate requests, renewals, and provisioning profiles. Each step is a potential roadblock, delaying urgent updates and bug fixes, which can be crucial for user retention and satisfaction.
Lack of Autonomy:
Apple's centralized control means every application must be signed under the stringent watch of its guidelines. This lack of autonomy not only slows down the release cycle but also curbs developers' creative processes, as they must often compromise on innovative features to meet Apple's strict approval standards.
Comparing Android’s Keystore System
Developer-Friendly:
In stark contrast, Android’s Keystore system empowers developers by allowing them to manage their cryptographic keys independently. This system supports a more intuitive setup where keys can be generated and stored within the Android environment, bypassing the need for any external approval.
Speed and Flexibility:
Android developers can use the same key across multiple applications and decide their expiration terms, which can be set to never expire. This flexibility facilitates a quicker development process, enabling developers to push updates and new features with minimal delay.
The Impact on the Developer Ecosystem
Innovation Stifling:
Apple's outdated certificate signing process does not just affect the technical side of app development but also impacts the broader ecosystem. It places unnecessary hurdles in front of developers, particularly small developers who may lack the resources to frequently manage certificate renewals and navigate Apple’s rigorous approval process.
Market Response:
The market has shown a preference for platforms that offer more freedom and less bureaucratic interference. Android's growing market share in many regions can be partially attributed to its more developer-friendly environment, which directly contrasts with Apple's tightly controlled ecosystem.
Conclusion
Apple’s certificate signing method, while ensuring a secure environment, is an archaic relic in today’s fast-paced tech world. It binds developers with outdated, proprietary chains that hinder rapid development and innovation. As the technological landscape evolves towards more open and flexible systems, Apple’s restrictive practices could potentially alienate developers and erode its competitive edge. For Apple to maintain its relevance and appeal among the developer community, a significant overhaul of its certificate signing process is not just beneficial—it's necessary.
I am developing and distributing an XCFramework, and I want to ensure that it remains valid for as long as possible. I have some questions regarding certificate expiration and revocation:
I understand that if an XCFramework is signed with a timestamp, it remains valid even after the signing certificate expires.
However, if the signing certificate is revoked, the XCFramework immediately becomes unusable.
As far as I know, Apple allows a maximum of two active distribution certificates at the same time.
I assume that once a certificate expires, it will eventually need to be revoked in order to issue a third certificate. Is this correct?
If an expired certificate is later revoked, will the XCFrameworks signed with that certificate also become invalid, even though they were timestamped?
I want to ensure that released XCFrameworks remain valid for as long as possible. What is the best approach to achieve this?
If anyone has insights or official documentation references on how to manage signing certificates for long-term XCFramework validity, I would appreciate your guidance.
Thank you!
Topic: Code Signing
SubTopic: Certificates, Identifiers & Profiles
Tags: Frameworks, Signing Certificates, Code Signing
I have completed my program and already exported a Mac app.
It works OK on my Mac mini, but if I want to send it to the App Store, I have no way to do that now.
I still do not know how to make this app perfect.
For example, when I use PyInstaller to build this app, is there any info or are there any elements I need to build it with?
I can sign my app now; even when I use codesign -dvvv my.app to check the signature, it is also OK, and there is no feedback saying anything is wrong.
So, if any master knows how to fix app signing or the Info.plist, please teach me... help
Topic: Code Signing
SubTopic: Certificates, Identifiers & Profiles
The mentioned way of setting up complications does not work. We can't create the identifier according to the guideline mentioned in the WWDC session.
https://developer.apple.com/videos/play/wwdc2020/10049/?time=1021
Timestamp: 17:04
Error:
An attribute in the provided entity has invalid value
An App ID with Identifier '.watchkitapp.complication' is not available.
Please enter a different string.
To clarify - the non masked identifier is not used on another property inside our dev program.
Without creating the identifier our tests result in not working push notifications.
Error message while testing: discarded as application was not registered.
Is the way mentioned in the WWDC session still valid?
BR
Topic: Code Signing
SubTopic: Certificates, Identifiers & Profiles
Tags: Bundle ID, Watch Complications
Hey everyone,
I was granted access to Family Controls (Distribution) for my main App ID
The entitlement is visible and enabled in the App ID configuration. I’ve successfully created and used a provisioning profile that injects com.apple.developer.family-controls for the main app. ✅
However, the issue is with an extension target under the same parent App ID and all others
Despite enabling the Family Controls (Development) capability in this extension’s App ID config, every new provisioning profile I generate for the extension fails to include the entitlement.
I’ve confirmed this by:
• Dumping the .mobileprovision with security cms -D → no sign of com.apple.developer.family-controls
• Recreating the profile multiple times (Development and Distribution)
• Ensuring the entitlement is toggled on in the portal
• Validating the parent app profile does include it
⸻
❗Question:
Is there a known issue where Family Controls doesn’t get injected into extension App IDs even after team approval?
Or is there an extra step I need to take to get this entitlement injected properly into provisioning profiles for app extensions?
I am distributing a macOS application outside the App Store using Developer ID and need to provide provisioning profiles to customers for installation during the package installation process.
I have two questions:
How can I package and provide the provisioning profile(s) so that the customer can install them easily during the application installation process? Are there any best practices or tools that could simplify this step?
In my case, there are multiple provisioning profiles. Should I instruct the customer to install each profile individually, or is there a way to combine them and have them installed all at once?
Any guidance on the best practices for this process would be greatly appreciated.
I have 14 total devices, from way back. I am currently in a financial bind and can't renew just yet. BUT I am past my time to reset the device list back to zero.
But the screen to do that is behind the paid account. Catch-22.
Can we fix it?
As it stands I must email tech support, but this is a bug so I posted
I tried to create a new iOS provisioning profile and re-apply it to the app using Xcode to build it, but I got into trouble.
The build is good, but it bounces when running the app.
I would appreciate it if you could let me know what to do.
Topic: Code Signing
SubTopic: Certificates, Identifiers & Profiles
Since around September (iOS 26 release), I'm unable to test my app normally. It says "internet connection is required to verify [my certificate id]", or just crashes. All terms and conditions accepted, everything is valid, certificates are OK.
Reinstallation via Xcode does not help. Removing the provisioning profile and generating a new one does not help. Revoking the certificate and generating a new one helps for around a week, then it happens again, but do I need to do it every week now?
In the logs I see the following:
default amfid validation failed because of missing trust and/or authorization (0xe8008026)
error amfid not valid: 0xe8008026: The provisioning profile requires online authorization.
error amfid Unexpected MISError (0xe8008026): The provisioning profile requires online authorization.
default +0300 amfid /private/var/containers/Bundle/Application/5B8E560E-75B2-46EF-8606-02072D99E9CF//Frameworks/oss.dylib not valid: Error Domain=AppleMobileFileIntegrityError Code=-400 "An unknown error was encountered" UserInfo={NSURL=file:///private/var/containers/Bundle/Application/5B8E560E-75B2-46EF-8606-02072D99E9CF//Frameworks/oss.dylib, NSLocalizedDescription=An unknown error was encountered}
default kernel AMFI: code signature validation failed.
It looks like Apple validation servers are not working, or is it an iOS bug? All provisioning profiles are shown as "valid" in the Apple developer center.
My network is not behind a proxy, connection is direct.
If I use EXACTLY the same app, signed with the same provisioning, same signature, on another test device, it works!
When I reset the current device to default settings and install EXACTLY the same app after it, it works as well.
Looking for help from Apple developer support.
Urgently need an enterprise developer certificate. Anyone interested can contact tg:@moonkf2025
Topic: Code Signing
SubTopic: Certificates, Identifiers & Profiles
Hi,
I'm trying to create a FairPlay Streaming Certificate for the SDK 26.x version.
It is worth mentioning that we already have 2 (1024 and 2048) and we only have the possibility to use our previous 1024-bit certificate (which we do not want because we want a 2048 cert).
Our main issue is that when I upload a new "CSR" file, the "Continue" button is still on "gray" and cannot move forward on the process.
The CSR file has been created with this command:
openssl req -out csr_2048.csr -new -newkey rsa:2048 \
  -keyout priv_key_2048.pem \
  -subj /CN=SubjectName/OU=OrganizationalUnit/O=Organization/C=US
Some help will be appreciated.
Thanks in advance
Best,
I'm starting a new project in Xcode, but the Team ID in the "Signing and Capabilities" section for iOS is different from the one on the website. Is this a problem? Why does Xcode automatically send a different ID when signing?
Hello,
We're developing endpoint security software using the Endpoint Security framework, and we've encountered challenges with the behavior change in macOS 15 regarding provisioning UDIDs in cloned VMs.
The Change
Prior to macOS 15, cloning a VM preserved its UDID (format: 0000FE00-9C4ED9F68BBDC72D). Starting with macOS 15, cloned VMs receive a new UDID generated from the host's Secure Enclave (format: b043d27202c7ac37ca3c6b82673302225485cae9), making each clone effectively a new device.
Our Workflow
We maintain a clean base VM image and clone it for each test run. We add the base VM's UDID to our provisioning profile once, then create clones which (previously) retained that same UDID, allowing us to start new testing cycles without re-registering devices.
This is essential because our product involves low-level system integration through the Endpoint Security framework, and if something goes wrong during development, it has the potential to affect system stability. To prevent any cascading issues between test runs or different product versions, we need each test to start from a known clean state rather than reusing the same VM.
The Challenge
With each VM clone generating a new UDID, we're hitting Apple's device registration limits quickly. This particularly impacts:
• New team members who spin up VMs for the first time and can't run signed builds
• Our CI/CD pipeline where multiple test environments need provisioning profiles
• Developers testing different branches who need separate clean environments
Current Workaround
We've found that VMs created on macOS 14 and upgraded to macOS 15+ retain their original UDID format. However, we're concerned this workaround may stop working in future macOS versions, which would leave us without a viable path forward.
If the workaround stops working, our fallback would be signing each CI build with a Developer ID signature to allow running on any device. However, we'd prefer to avoid this as it would significantly increase load on Apple's signing infrastructure for what are essentially internal test builds.
We completely understand the security reasoning behind tying UDIDs to the host's Secure Enclave for Apple Account support. However, for development workflows that don't require Apple Account features in VMs but do require clean, isolated test environments, the previous behavior was quite valuable.
Question
Is there a recommended approach for teams in our situation? We're happy to explore alternative workflows if there's a pattern we're missing, or we'd be glad to provide more context if this is a use case Apple is considering for future updates.
Thanks for any guidance you can provide!
Feedback case: FB21389730
Topic: Code Signing
SubTopic: Certificates, Identifiers & Profiles
Tags: macOS, Provisioning Profiles, Code Signing, Virtualization
As mentioned in the linked post, I can archive the project locally but not via Xcode Cloud. I have also created a new project, but the same thing happens here.
https://developer.apple.com/forums/thread/746210
Error Code:
ITMS-90035: Invalid Signature. Code failed to satisfy specified code requirement(s). The file at path “{AppName}.app/{AppName}” is not properly signed. Make sure you have signed your application with a distribution certificate, not an ad hoc certificate or a development certificate. Verify that the code signing settings in Xcode are correct at the target level (which override any values at the project level). Additionally, make sure the bundle you are uploading was built using a Release target in Xcode, not a Simulator target. If you are certain your code signing settings are correct, choose “Clean All” in Xcode, delete the “build” directory in the Finder, and rebuild your release target. For more information, please consult https://developer.apple.com/support/code-signing.
Topic: Code Signing
SubTopic: Certificates, Identifiers & Profiles
The entire 'Certificates, IDs & Profiles' section is missing from developer.apple.com portal for one of the accounts I am a developer for. The Team is also missing from the dropdowns in Xcode in Code Signing. The organization account membership is paid through July 2026, and I do not see that the Account Holder needs to sign any agreements. I am a user on other accounts, and none of them have this issue. Does anyone know what's going on?