General: Forums topic: Family Controls Forums tag: Family Controls Configuring Family Controls documentation Screen Time Technology Frameworks documentation FamilyControls documentation What's new in Screen Time API video Meet the Screen Time API video

Some of our users encounter an issue after updating their iPhone/iPad to iOS 17.5.1. The tokens passed in the Shield Configuration extension don't match the tokens they selected in my app using the FamilyPicker before updating to iOS 17.5.1. It seems the tokens changed for no reason. My app can't match the token from the ShieldConfigurationDataSource to any tokens stored on my end, causing my shield screens to turn blank. The same applies to tokens in the Device Activity Report extension. The only workaround I've found is to tell affected users to unselect and reselect apps and websites to block in my app. This gets them new tokens from the FamilyActivityPicker, which solves the issue. However, for some users, the bug reoccurs a few days later. Tokens seem to change again, causing the same issue in the Shield Configuration extension. I am not able to reproduce the issue on my test devices so I have no sysdiagnose to attach. However, this issue is affecting other screen time apps: https://developer.apple.com/forums/thread/732845 https://forums.developer.apple.com/forums/thread/756440 FB14082790 FB14111223 A change in iOS 17.5.1 must have triggered this behaviour. Could an Apple engineer give us any updates on this?

3.5 weeks ago I submitted form https://developer.apple.com/contact/request/family-controls-distribution to get Family Controls entitlement for my app. I still not received any feedback at all...   Contacting Support also doesn't help... Is there any time limits for this request or any average time of waiting for feedback?

We have developed a Parental/Self control app using Screen time API. We have used individual authentication to authorize the app, using the instructions here: https://developer.apple.com/documentation/familycontrols/authorizationcenter The problem is , that individual auth can be disabled easily , by the following steps: enter Settings app. in Settings app, click on the Parental/Self control app. click to disable screen time restriction. show the device owner's face/fingerprint. (or pin code) Why is that a problem: Parental control apps, or self-control apps, are about giving control to the software, To make it hard for the user to disable the restrictions. So using the flow I have introduced above, it's super-easy for a user to disable his Parental control restrictions, which misses the entire point of Parental/Self control idea. Furthermore, not only the user have the means to unlock his screen time restrictions, he also MUST have the means to unlock it. This makes Screen time (with individual auth) useless: I have a code ready to make a great parental control app for my clients, with amazing ideas, but I can't use the Screen time API unless this problem is fixed. Why child-parent auth is not enough: My clients are grownups people between ages of 15-40, that are interested in self-control, so they don't have iCloud child accounts. also, the child-parent auth solution forces my clients to give some control to other person, and my clients prefer their privacy. Some of them prefer self-control and not parental-control. What I suggest as a solution: 1: Give more options to users how to disable the Screen time restrictions. including: a second faceID / FingerPrint (that isn't the same as the one used to unlock the device) a second pin password. a string password 2: Give the users the option to choose to not have the device's owner Face/Finger/Pincode ID , as a method to disable the Screen time restrictions.

Hello! I am experiencing some strange bugs around DeviceActivityEvents: When creating a DeviceActivityEvent we can assign a threshold and applicationTokens. The idea is, that after the user has spent said threshold on said apps, eventDidReachThreshold is called. includesPastActivity is set to false. On iOS 26 however, it happens (quite reliably after updating to a new beta seed) quite often that eventDidReachThreshold is called immediately (after a couple of seconds) instead of waiting for the threshold to be met. Is anyone else seeing similar issues on iOS 26? Only workaround I have found is to ask users to re-grant Screen Time permissions. This only holds for about two weeks though or at most until the next iOS 26 beta update is installed. Feedback filed under: FB18061981 FB18927456

When I tap on one of the buttons in the ShieldAction extension I want to close the shield and open the parent app instead of the shielded app. Is there any way of doing this using the Screen Time API? class ShieldActionExtension: ShieldActionDelegate {      override func handle(action: ShieldAction, for application: ApplicationToken, completionHandler: @escaping (ShieldActionResponse) -> Void) {     // Handle the action as needed.           let store = ManagedSettingsStore()               switch action {     case .primaryButtonPressed:       //TODO - open parent app       completionHandler(.defer)     case .secondaryButtonPressed:       //remove shield       store.shield.applications?.remove(application)       completionHandler(.defer)         @unknown default:       fatalError()     }   }   }

Our app uses a 24-hour DeviceActivityMonitor repeating schedule to send users notifications for every hour of screen time they spend on their phone per day. Notifications are sent from eventDidReachThreshold callbacks at 1, 2, 3, etc, hour thresholds to keep them aware of their screen time. We have recently received an influx of emails from our users that after updating to iOS 17.6.1 their DeviceActivityMonitor notifications are saying their screen time was much higher than what is shown in DeviceActivityReport and their device's Screen Time settings. These users have disabled "Share Across Devices" - but I suspect the DeviceActivityMonitor is still getting screen time from their other devices even though that setting is turned off. Has anybody else noticed this, understands what is causing this, or could recommend a fix that we can tell our users to do?

Issue with Universal Links and App Extension (ShieldAction Handler) I'm currently working on a POC app using the FamilyControls framework and facing an issue when trying to open a Universal Link from an app extension, specifically from a ShieldAction handler. When I try to open a Universal Link, I encounter the following error: Failed to open URL https://sixteen-server-c008110f8759.herokuapp.com/.well-known/apple-app-site-association: Error Domain=FBSOpenApplicationServiceErrorDomain Code=1 "The request to open 'com.apple.mobilesafari' failed." UserInfo={BSErrorCodeDescription=RequestDenied, NSUnderlyingError=0x14f2d90b0 {Error Domain=FBSOpenApplicationErrorDomain Code=3 "Application com.sixteen.life is neither visible nor entitled, so may not perform un-trusted user actions." UserInfo={BSErrorCodeDescription=Security, NSLocalizedFailureReason=Application com.sixteen.life is neither visible nor entitled, so may not perform un-trusted user actions.}} Context: I’m using a ShieldAction handler as part of an App Extension to trigger the action (e.g., "Break in Shield") in my app. The app extension (ShieldAction handler) is responsible for trying to open the Universal Link. I’m encountering the error because the app is not visible or entitled to perform this action, which seems to be related to security restrictions when using App Extensions. Questions: App Extension and Universal Link Interaction: Is it possible for an App Extension (like ShieldAction handler) to open a Universal Link or trigger an external app, such as Safari, even though it is not the foreground app? Entitlements for App Extensions: Are there any specific entitlements or permissions required to allow an app extension (ShieldAction handler) to open Universal Links or perform actions like opening Safari from the background? App Visibility and State: How can I ensure that my app is in the right state (visible/active) and has the necessary entitlements to trigger these actions when running in the context of an app extension? Workaround: If this behavior is restricted due to app extension limitations, what would be the recommended workaround to handle launching external apps (like Safari) or Universal Links from within an app extension?

We persist ApplicationTokens in a storage container that ShieldConfigurationExtension has access to. In rare, cases all the ApplicationTokens for a user seem to change. We know this because the Application parameter passed into configuration(shielding application: Application) -> ShieldConfiguration function has a Token that does not match (using == ) any of the ones we are persisting in storage. Interestingly, the persisted ones still work, so I don't believe storage has gotten corrupted or anything. We can use them to add or remove shields, we can use them to display labels of the apps they represent, etc. But they don’t match what’s passed into the ShieldConfiguration extension. If the user goes into the FamilyPicker at this point and selects an app of a token that we are already persisting, the FamilyPickerSelection will have a token matching the new one that is passed into ShieldConfigurationExtension, not the one we persisted when they last selected that app. This leads me to believe the tokens are updated/rotated in some cases. When and why does this happen, and how can we handle it gracefully?

I’m developing a self-management app using Family Controls, but I’ve encountered a FamilyActivityPciker's crash due to an XPC(or UIRemoteView) issue when there are too many tokens(maybe 200+ items) in a category. This makes bad UX, so I’m looking for a workaround. (I guess that the crash reason is cross process memory limitations, such as App Extension 50MB memory limitation.) A lot of web domains contribute to increase the number of tokens, However, even after clearing Safari’s browsing history, the tokens displayed in the FamilyActivityPicker remains unchanged. Is there any workaround that a 3rd party developer can implement to address this issue? prevent FamilyActivityPicker crashes or reduce the number of web domain tokens? For example, if there’s a way to reset the web domain tokens shown in FamilyActivityPicker from the Settings app, I could offer a help to users. Does anybody have ideas? Expanding SNS Category (29 items) It succeeded. Expanding Productivity & Finance (214 items) It failed. The screen froze, then appears blank. When the number of items is around 100, the crash rate is 50%, but when the items are over 200, the crash rate is 100%. Search Bar Problem The search bar also has same problem. If the number of search results are small, it works good without any blank, but if there are a lot of search results (200+), the XCP crashes and the screen appears blank. Code to Reproduce import SwiftUI import FamilyControls struct ContentView: View { @State private var selection = FamilyActivitySelection() @State private var isPickerPresented: Bool = false var body: some View { VStack { Button("Open Picker") { isPickerPresented = true } } .familyActivityPicker(isPresented: $isPickerPresented, selection: $selection) } } Steps to Reproduce Prepare a category that has 200+ items Try to open the category in the picker The screen will freeze, then appears blank. Errors in Console [u EDD60B83-5D2A-5446-B2C7-57D47C937916:m (null)] [com.apple.FamilyControls.ActivityPickerExtension(1204)] Connection to plugin interrupted while in use. AX Lookup problem - errorCode:1100 error:Permission denied portName:'com.apple.iphone.axserver' PID:2164 ( 0 AXRuntime 0x00000001d46c5f08 _AXGetPortFromCache + 796 1 AXRuntime 0x00000001d46ca23c AXUIElementPerformFencedActionWithValue + 700 2 UIKit 0x0000000256b75cec C01ACC79-A5BA-3017-91BD-A03759576BBF + 1527020 3 libdispatch.dylib 0x000000010546ca30 _dispatch_call_block_and_release + 32 4 libdispatch.dylib 0x000000010546e71c _dispatch_client_callout + 20 5 libdispatch.dylib 0x00000001054765e8 _dispatch_lane_serial_drain + 828 6 libdispatch.dylib 0x0000000105477360 _dispatch_lane_invoke + 408 7 libdispatch.dylib 0x00000001054845f0 _dispatch_root_queue_drain_deferred_wlh + 328 8 libdispatch.dylib 0x0000000105483c00 _dispatch_workloop_worker_thread + 580 9 libsystem_pthread.dylib 0x0000000224f77c7c _pthread_wqthread + 288 10 libsystem_pthread.dylib 0x0000000224f74488 start_wqthread + 8 ) Error acquiring assertion: <Error Domain=RBSAssertionErrorDomain Code=2 "Specified target process does not exist" UserInfo={NSLocalizedFailureReason=Specified target process does not exist}>

Hello, I think it is quite a common use-case to open the parent app that owns the ShieldActionDelegate when the user selects an action in the Shield. There are only three options available that we can do in response to an action: ShieldActionResponse.none ShieldActionResponse.close ShieldActionResponse.defer It would be great if this new one would be added as well: ShieldActionResponse.openParentApp While finding a workaround for now, the problem is that the ShieldActionDelegate is not a normal app extension. That means, normal tricks do not work to open the parent app from here. For example, UIApplication.shared.open(url) does not work because we can’t access UIApplication from the ShieldActionDelegate unfortunately. NSExtensionContext is also not available in the ShieldActionDelegate unfortunately, so that’s also not possible. There are apps however, that managed to find a workaround, in my research I stumbled across these two: https://apps.apple.com/de/app/applocker-passcode-lock-apps/id1132845904?l=en-GB https://apps.apple.com/us/app/app-lock/id6448239603 Please find a screen recording (gif) attached. Their workaround is 100% what I’m looking for, so there MUST be a way to do so that is compliant with the App Store guidelines (after all, the apps are available on the App Store!). I had documented my feature request more than 2 years ago in this radar as well: FB10393561

Hello, The purpose of "Screen Time Passcode" under Settings/Screen Time is to protect Screen Time preferences and it is asked every time the user updates Downtime, App Limits, Content & Privacy Restrictions and so on. But the private passcode is not requested if the user disables Screen Time for a particular app (only Face ID or phone passcode is requested, but not the private Screen Time passcode). I think this is a mistake, I think the purpose of a private Screen Time passcode is to protect all settings, including apps that use this API, right? Is there any solution to this? Thank you.

Hi, I'm trying to make use of the Device Activity Labels where you supply an ApplicationToken. I can successfully get it to show the icon + title of the Application (twitter in my case) but I cannot get the styling to work. // Works .labelStyle(.iconOnly) .labelStyle(.titleOnly) .border(...) ![]("https://developer.apple.com/forums/content/attachment/9660b578-a36f-4d5a-ae18-653a207aa5ab" "title=Screenshot 2023-03-12 at 12.57.34 PM.png;width=1218;height=844") // Does NOT work .font(.largeTitle) .foregroundColor(.blue) I have checked the same style (or just modifiers) against a standard Label and they actually do work in the code below. // This is an application token. Some style not applied. Label(targetApp) .labelStyle(MyStyle()) // Showing the same style using a simple label. All styles correctly applied. Label("Twitter", systemImage: "video.square.fill") .labelStyle(MyStyle()) Is changing the font + color of the title for this Label(_ applicationToken:) supported?

I am currently building a screen time app and I am trying to figure out how to persist the family activity picker so that when my app closes and re-opens, the app selections in it are saved. I've successfully implemented core data and figured out how to store names of the selected apps in a list like this - Core Data addApp Function - func addApp(name: String, context: NSManagedObjectContext){ let newApp = AppToken(context: context) newApp.bundleIdentifier = name saveData(context: context) } Adding app selections to Core Data (after the family activity picker has updated the selection) - .onChange(of: model.selectionToDiscourage) { for i in model.selectionToDiscourage.applications { print(i) dataController.addApp(name:i.localizedDisplayName ?? "Temp", context: moc) } Printing saved selections in a list (bundleIdentifier is my attribute for my appToken entity, but I am just pulling the names here. For whatever reason all of them end up being Temp" as shown above anyway. In other words name:i.localizedDisplayName is not working and Temp is shown in the list for every app chosen) - if dataController.savedSelection.isEmpty { Text("No Apps Selected") .foregroundColor(.gray) } else { List(dataController.savedSelection, id: \.self) { app in Text(app.bundleIdentifier ?? "Unknown App") } .scrollContentBackground(.hidden) } So, when my app closes and reopens, the list of app names persists. Now, my issue is figuring out how to write back to selectionToDiscourage and loading the family activity picker with those saved apps. I have no idea if I should be doing this a different way and if using Core Data is overkill, but I cannot figure out how it's syntactically possible to write back to this family activity picker when the app reopens - .familyActivityPicker(isPresented: $isPresented, selection:$model.selectionToDiscourage) Thank you to whoever takes a look at this!!

If I present "SFSafariViewController" when a "FamilyActivityPicker" is visible, it will automatically dismiss the "SFSafariViewController" and crash the "FamilyActivityPicker." I'm assuming the cause of the bug is that each is in a separate process (aside from the app), and there's some hacks to try to stop "FamilyActivityPicker" from crashing, and this is causing the new bug because "SFSafariViewController" is also in a separate process. (I'm not 100% if its just in 18.4 or iOS 18 overall...) (I'll try to file a feedback soon, but its 100% reproducible for me across multiple devices on iOS 18.4)

Hello, I’m building an app that helps people spend less time on social media apps. For that, I make heavy use of Apple’s Screen Time APIs, such as ManagedSettings and FamilyControls. When an app is locked using a ShieldConfiguration, the user has to open my app in order to unlock it (e.g. enter a code). This is very cumbersome because no documented API exists to open the parent app (=my app) from the ShieldActionDelegate (also part of my app) when the user presses a button of the ShieldConfiguration. The ShieldActionDelegate callback just offers three options in its ShieldActionResponse: .none .defer .close .openParentApp is missing. We are working around this limitation by sending a local push notification that the user has to tap on. This has multiple drawbacks: It has to be ensured that notification permission has been granted. It has to be ensured that notifications can be delivered even while focus is enabled. Features such as Apple Intelligence notification summaries and notification prioritization can heavily delay delivering notifications and thus frustrate the user. Neither my users nor myself do understand why this is not possible in a smoother way, at least according to the documentation. There are 3rd party apps that have such functionality, they can directly open their own app from a button press in the Shield, see here: https://apps.apple.com/us/app/applocker-passcode-lock-apps/id1132845904 It would be great if Apple could level the playfield for all developers and document how this is achievable, because technically it clearly is. Thanks a lot and have a great day!

I created a ShieldConfigurationExtension in Xcode 14.3 with File > New > Target > ShieldConfigurationExtension. This created the extension with all the necessary Info.plist values (correct NSExtensionPrincipalClass, etc.), with the extension included in embedded content in the host app target. No matter what I try, the extension is not getting invoked when I shield applications from my host app. The custom UI does not show as the shield, and looking at the debugger, an extension process is never invoked. I am shielding categories like this: let managedSettings = ManagedSettingsStore() ... managedSettings.shield.applicationCategories = .all() And my extension code overrides all the ShieldConfigurationDataSource functions. class ShieldConfigurationExtension: ShieldConfigurationDataSource { override func configuration(shielding application: Application) -> ShieldConfiguration { return ShieldConfiguration( backgroundBlurStyle: UIBlurEffect.Style.systemThickMaterial, backgroundColor: UIColor.white, icon: UIImage(systemName: "stopwatch"), title: ShieldConfiguration.Label(text: "You are in a Present Session", color: .yellow) ) } override func configuration(shielding application: Application, in category: ActivityCategory) -> ShieldConfiguration { return ShieldConfiguration( backgroundBlurStyle: UIBlurEffect.Style.systemThickMaterial, backgroundColor: UIColor.white, icon: UIImage(systemName: "stopwatch"), title: ShieldConfiguration.Label(text: "You are in a Present Session", color: .yellow) ) } override func configuration(shielding webDomain: WebDomain) -> ShieldConfiguration { return ShieldConfiguration( backgroundBlurStyle: UIBlurEffect.Style.systemThickMaterial, backgroundColor: UIColor.white, icon: UIImage(systemName: "stopwatch"), title: ShieldConfiguration.Label(text: "You are in a Present Session", color: .yellow) ) } override func configuration(shielding webDomain: WebDomain, in category: ActivityCategory) -> ShieldConfiguration { return ShieldConfiguration( backgroundBlurStyle: UIBlurEffect.Style.systemThickMaterial, backgroundColor: UIColor.white, icon: UIImage(systemName: "stopwatch"), title: ShieldConfiguration.Label(text: "You are in a Present Session", color: .yellow) ) } } What am I missing?

The functionality of authorizationStatus and requestAuthorization is completely broken. I'm using Xcode 15.3 and iOS 17.4. Does anyone have a solution? authorizationStatus doesn't behave as promised Revoking authorization in the system-wide settings does not change the authorizationStatus while the app is not closed. Calls to center.authorizationStatus will still return .approved instead of .denied. Even closing and relaunching the app after revoking authorization does not work: authorizationStatus is then .notDetermined when it should be .denied. Tapping "Don't Allow" in the alert shown after an initial call to requestAuthorization leaves the authorizationStatus unchanged, i.e. at .notDetermined. This is contrary to the promised outcome .denied (defined as: "The user, parent, or guardian denied the request for authorization") and contrary to the definition of .notDetermined (defined as: "The app hasn’t requested authorization", when it just did). Same issue when first tapping "Continue" followed by "Don't Allow" on the next screen. As a consequence of authorizationStatus being broken, its publisher $authorizationStatus is worthless too. requestAuthorization doesn't behave as promised This is most likely a consequence of the corrupted authorizationStatus: when revoking authorization in the system-wide settings, a call to requestAuthorization opens the authorization dialogue instead of doing nothing. It is thus possible to repeatedly ask a user to authorize Family Controls. Code sample To reproduce, create a new SwiftUI app, add the "Family Controls" capability and a button executing the following task when tapped: let center = AuthorizationCenter.shared var status = center.authorizationStatus print(status) do { try await center.requestAuthorization(for: .individual) print("approved") } catch { print("denied") } status = center.authorizationStatus print(status)

Both view and modifier versions of the FamilyActivityPicker crash randomly when selecting some items (usually the other option) throwing these in the console: [com.apple.FamilyControls.ActivityPickerExtension(1150.1)] Connection to plugin invalidated while in use AX Lookup problem - errorCode:1100 error:Permission denied portName:'com.apple.iphone.axserver' PID:22091 ( 0 AXRuntime 0x00000001c603b0fc _AXGetPortFromCache + 800 1 AXRuntime 0x00000001c603cce0 AXUIElementPerformFencedActionWithValue + 700 2 UIKit 0x0000000230de3ec8 DDE6E0C5-2AC3-3C73-8CFE-BC88DE35BB5F + 1453768 3 libdispatch.dylib 0x0000000103ef0b98 _dispatch_call_block_and_release + 32 4 libdispatch.dylib 0x0000000103ef27bc _dispatch_client_callout + 20 5 libdispatch.dylib 0x0000000103efa66c _dispatch_lane_serial_drain + 832 6 libdispatch.dylib 0x0000000103efb408 _dispatch_lane_invoke + 408 7 libdispatch.dylib 0x0000000103f08404 _dispatch_root_queue_drain_deferred_wlh + 328 8 libdispatch.dylib 0x0000000103f07a38 _dispatch_workloop_worker_thread + 444 9 libsystem_pthread.dylib 0x00000001f0824f20 _pthread_wqthread + 288 10 libsystem_pthread.dylib 0x00000001f0824fc0 start_wqthread + 8 ) This also happens in production apps like the Opal. The questions are: At least how to detect it to be able to manually reload the sheet (like what Opal does and shows an alert when this happens) How to prevent it in the first place? I really appreciate any help you can provide.

I was granted permissions for family controls distribution for the main target of my app. Do I also need to request permission for the other targets like ShieldConfiguration, ShieldActionExtension, etc.? If no, how can i add the distribution capabilities to those targets?

Hi team. I am working on an app that uses the Screen Time API. I got access to the family controls (distribution) capability through the request process for my main app. I added a DeviceActivityReport extension in XCode, but haven't been able to get the extension to show up on the screen. I noticed that the extension only has the development version of the family controls capability available. Is this the source of my errors? I was able to get the screen time displayed in a test app I built where both the main app and extension used the development version of the capability, which led me to believe that discrepancy could be the issue. Let me know if there is anything I can provide to help in the debugging process. I didn't send a minimal example in this request due to the fact that I would have to remove most of my functionality to create a "minimal" example (since the signing is only for my main app), but I can do that if needed. Thanks! I looked through the logs in the console for the phone (I'm testing on a real iPhone 13 Pro Max), but didn't see anything that popped out after looking (not exactly sure what to look for though). STEPS TO REPRODUCE: Create an app with the Family Controls, Distribution capability. Then create the DeviceActivityReport with the Family Control, Development capability. Attempt to see the DeviceActivityReport in the main app. NOTE: I was successfully able to create a minimal test app completely separately that used the Development versions of the capabilities for both with the exact same extension code. That's why I think the issue could be due to the capability version discrepancy.