Our product uses the “Sign in with Apple” feature, and now we need to transfer it to Apple. After reading the documentation, I still have questions and would like to get answers. Q1:Transfer App: After the receiving team receives the App, is the unique identifier obtained by the client App program login the original one? Or is it newly generated? If it is newly generated, from what point in time will it be newly generated? Q2:Transfer App: Is there any validity period for the transfer identifier? About how long? What will happen after the transfer identifier is expired? Q3:When does the transfer identifier (transfer identifier) start to be generated, when the transfer request is initiated or when the transfer is completed, and when I get the transfer identifier, can I directly exchange it for the receiving team's unique identifier? Looking forward to a reply, thanks!

Hey, There are two apps, App A and App B. Both apps do not have Sign in with Apple configured currently, so there are no Sign in with Apple users to transfer. I want to configure this for both apps. App A is on developer team A. App B is on developer team B. They are not on the same developer accounts. It is my understanding that both accounts need to be on the same developer team/account to get the same unique identifiers (e.g. sub id and private relay email address) for privacy reasons. Desired Behavior: When a single user logs into either app A or app B with the newly exposed Sign in with Apple functionality, I need apple to return me the same unique identifiers (e.g. sub and email), so that I can uniquely identify the same user across app A and app B. How can I do this without ANY customer impact.

We are working with an iOS app where we have enabled the “Generate Debug Symbols” setting to true in Xcode. As a result, the .dSYM files are generated and utilized in Firebase Crashlytics for crash reporting. However, we received a note in our Vulnerability Assessment report indicating a potential security concern. The report mentions that the .ipa file could be reverse-engineered due to the presence of debug symbols, and that such symbols should not be included in a released app. We could not find any security-related information about this flag, “Generate Debug Symbols,” in Apple’s documentation. Could you please clarify if enabling the “Generate Debug Symbols” flag in Xcode for a production app creates any security vulnerabilities, such as the one described in the report? The report mentions the following vulnerability: TEST-0219: Testing for Debugging Symbols The concern raised is that debugging symbols, while useful for crash symbolication, may be leveraged to reverse-engineer the app and should not be present in a production release. Your prompt confirmation on this matter would be greatly appreciated. Thank you in advance for your assistance.

I'm working on a Password Manager app that integrates with the AutoFill Credential Provider to provide stored passwords and OTPs to the user within Safari and other apps. Password AutoFill works perfectly. I'm unable to get iOS to register that the app supports OTPs though. I've followed the Apple documentation here: https://developer.apple.com/documentation/authenticationservices/providing-one-time-passcodes-to-autofill and added "ProvidesOneTimeCodes" to the AutoFill extension's Info.plist, but iOS just doesn't seem to notice the OTP support. <key>ASCredentialProviderExtensionCapabilities</key> <dict> <key>ProvidesOneTimeCodes</key> <true/> <key>ProvidesPasswords</key> <true/> </dict> Any help would be greatly appreicated!

Hi, I develop a Mac application, initially on Catalina/Xcode12, but I recently upgrade to Monterey/Xcode13. I'm about to publish a new version: on Monterey all works as expected, but when I try the app on Sequoia, as a last step before uploading to the App Store, I encountered some weird security issues: The main symptom is that it's no longer possible to save any file from the app using the Save panel, although the User Select File entitlement is set to Read/Write. I've tried reinstalling different versions of the app, including the most recent downloaded from TestFlight. But, whatever the version, any try to save using the panel (e.g. on the desktop) results in a warning telling that I don't have authorization to record the file to that folder. Moreover, when I type spctl -a -t exec -v /Applications/***.app in the terminal, it returns rejected, even when the application has been installed by TestFlight. An EtreCheck report tells that my app is not signed, while codesign -dv /Applications/***.app returns a valid signature. I'm lost... It suspect a Gate Keeper problem, but I cannot found any info on the web about how this system could be reset. I tried sudo spctl --reset-default, but it returns This operation is no longer supported... I wonder if these symptoms depend on how the app is archived and could be propagated to my final users, or just related to a corrupted install of Sequoia on my local machine. My feeling is that a signature problem should have been detected by the archive validation, but how could we be sure? Any idea would be greatly appreciated, thanks!

In our App, we store identity in keychain in a specific path var keychain: SecKeychain? let status = SecKeychainCreate(path, UInt32(password.count), password, false, nil, &keychain) guard status == errSecSuccess else { logger.error("Error in creating keychain: \(String(describing: SecCopyErrorMessageString(status, nil)))") throw KeychainError.keychainCreationError } Then later whenever process needs it. it open keychain, import it and uses it. status = SecPKCS12Import(identityData as CFData, [kSecImportExportPassphrase : password, kSecImportExportKeychain: keychain] as CFDictionary, &identityItems) authlog.info("Import status: \(status)") guard status == errSecSuccess else { authlog.error("Error in exporting identity : \(status) \(String(describing:SecCopyErrorMessageString(status, nil)))") throw ClientAuthError.identityFormationError } This worked well till sequoia beta 2. In Sequoia beta 3 and 4, this fails to import with error -25300 : The specified item could not be found in the keychain. one thing I noticed is import succeeds if the keychain is freshly created. when tried to reuse existing keychain it fails in import error. Is this a bug in beta or it any changes made in keychain level by Apple itself. Please help with the solution Log trace: [ 24-07-2024 12:39:15:192 ] [INFO] Challenge delegate received [ 24-07-2024 12:39:15:192 ] [INFO] Client authentication challenge [ 2024-07-24 12:39:15 ] [INFO] retcode of "/bin/chmod -R 777 "/Library/<path>/data/agent-resource"" ::: 0 [ 24-07-2024 12:39:15:237 ] [INFO] Opening keychain... [ 24-07-2024 12:39:15:240 ] [NOTICE] Keychain open status: -25294 [ 24-07-2024 12:39:15:241 ] [ERROR] Keychain error: Optional(The specified keychain could not be found.) [ 24-07-2024 12:39:15:241 ] [INFO] Creating keychain.. [ 24-07-2024 12:39:15:448 ] [INFO] Import status: 0 [ 24-07-2024 12:39:15:448 ] [INFO] Identity: <SecIdentity 0x7ff3ec1f7df0 [0x7ff85540e9a0]> [ 24-07-2024 12:39:15:448 ] [INFO] Credential sent [ 24-07-2024 12:39:15:581 ] [INFO] Upload request completed.. [ 24-07-2024 12:39:15:583 ] [INFO] Status code: 200 [ 25-07-2024 12:24:55:300 ] [INFO] Client authentication challenge [ 25-07-2024 12:24:55:300 ] [INFO] Opening keychain... [ 25-07-2024 12:24:55:305 ] [NOTICE] Keychain open status: 0 [ 25-07-2024 12:24:55:439 ] [INFO] Import status: -25300 [ 25-07-2024 12:24:55:440 ] [ERROR] Error in exporting identity : -25300 Optional(The specified item could not be found in the keychain.) [ 25-07-2024 12:24:55:440 ] [CRITICAL] Error in getting identity: identityFormationError [ 25-07-2024 12:24:55:441 ] [ERROR] Error in obtaining identity [ 25-07-2024 12:24:55:513 ] [INFO] Download request complete... [ 25-07-2024 12:24:55:515 ] [INFO] Status code: 200

I am developing a authorization plugin for mac. i am using SFAuthorizationPluginView as i need a webView(WKWebKit) which will perform webAuthn. But the webview is not rendering the requested webpage( i have stable internet connectio). Is it an expected behaviour for a webview in an authorization plugin?

When we transfer app A to app B, if we transfer the app but don't migrate the user to app B, will the user's previous tokens from app A be invalid? Is this failure real-time or will there be a buffer period to transfer users? If it is a live failure, we want to transfer some users during the transferation process to prevent accidents, and then test them. Is there a way to test it?

I requested permission to use the Family Controls entitlement two weeks ago, and I have not received a response or status update. I have been to that page where it says "Thank you! We'll get back to you soon!" so many times.

Hi, I am working on Authorisation Plugin for Mac OS X and able to get going for most of the parts and taking inspiration from Jamf Authorisation Plugin repo https://github.com/jamf/NoMADLogin-AD. I have seen in project they are implementing logic for following. Connecting to Wifi Power management (Sleep, Restart, Power Off) Question: I was wondering these things need to be implemented or is there a way some components from Mac OS X could be integrated calling some API and I don't have to implement them and I see say a top bar where these items are viable as we see in default login screen. I have developed my own login screen and I do see it is all blank everything I have to implement from scratch. Trying luck here if any API is out there to reduce work, else no option but to implement all logic. I'll really appreciate if someone just could help me know such API's are present or not. In case there are will save lot of effort. Thanks,

I have a small command-line app I've been using for years to process files. I have it run by an Automator script, so that I can drop files onto it. It stopped working this morning. At first, I could still run the app from the command line, without Automator. But then after I recompiled the app, now I cannot even do that. When I run it, it's saying 'zsh: killed' followed by my app's path. What is that? The app does run if I run it from Xcode. How do I fix this?

Hi, I am currently trying to develop an authorization plugin using SFAuthorizationPluginView. My objective is to display a webView to the user for authentication purposes. I have based my work on the updated NameandPassword example : https://github.com/antoinebell/NameAndPassword. I have seen that the header for the SFAuthorizationPluginView class exists in Swift. However, I have not found any implementation examples of an authorization plugin in Swift. I have attempted to implement this on my own but am encountering difficulties displaying my embedded view within a ViewController. Is it possible to create an authorization plug-in in Swift ?

Hi, I use AudioQueueNewInput() with my very own run loop and dedicated thread. But now it doesn't show the mic alert window. Howto fix this? AudioQueueNewInput(&(core_audio_port->record_format), ags_core_audio_port_handle_input_buffer, core_audio_port, ags_core_audio_port_input_run_loop, kCFRunLoopDefaultMode, 0, &(core_audio_port->record_aq_ref));

We run simple iOS Swift code triggered by a remote notification: UserDefaults.standard.set("key", forKey: "value") It runs fine when the app is active or inactive, but when the device is closed/locked and the code is triggered, we see a warning in Xcode: Couldn't write values for keys ( key ) in CFPrefsPlistSource&lt;0x3018802d0&gt; (Domain: com.example, User: kCFPreferencesCurrentUser, ByHost: No, Container: (null), Contents Need Refresh: No): Path not accessible Not updating lastKnownShmemState in CFPrefsPlistSource&lt;0x3018802d0&gt; (Domain: com.example, User: kCFPreferencesCurrentUser, ByHost: No, Container: (null), Contents Need Refresh: No): 767 -&gt; 767 The issue is that there seems to be no way to catch that warning. The value is set, when it's re-read the value is correct. But the value is never written to disk, so after an app restart/update the value is gone, potentially has an old wrong value. This code runs without any interruption, it's just showing the warning on iOS 17.7.1 on iPad: UserDefaults.standard.set("key", forKey: "value") UserDefaults.standard.synchronize() print("value: \(UserDefaults.standard.string(forKey: "key"))") Should there not be a way to catch this, so the code can act accordingly to the circumstances? It would be good to know inside the code that the value is not persisted. I would expect that an exception is generated somewhere which can be caught. It seems .completeFileProtectionUntilFirstUserAuthentication enables files to be written to disk while the device is closed/locked, can something similar be used for UserDefaults.standard?

I am working on improving Keychain item storage secured with Face ID using SecAccessControlCreateWithFlags. The implementation uses the .biometryAny flag as shown below: SecAccessControlCreateWithFlags( kCFAllocatorDefault, kSecAttrAccessibleWhenUnlockedThisDeviceOnly, .biometryAny, &amp;error ) While this approach generally works as expected, I encountered a specific edge case during testing. On iOS 18.3.1 with Xcode 15.4, the following sequence causes the Keychain item to become inaccessible: Navigate to Settings &gt; Face ID &amp; Passcode and select Reset Face ID. Before setting up a new Face ID, tap the Back button to exit the setup process. Reopen the Face ID setup and complete the enrollment. Return to the app—previously stored Keychain items protected by .biometryAny are no longer available. This behavior appears to be a change introduced in recent iOS versions. In versions prior to iOS 15, resetting or deleting Face ID entries did not invalidate existing Keychain items protected by .biometryAny. This difference in behavior between iOS versions raises questions about the changes to biometric protection handling. Any suggestions are welcomed that might shine a light on what the best practice to use keychain access control and prevent the data to become unavailable.

We recently transferred two applications to a different account, both of which utilize Keychain and shared app containers. Before transferring the first application, we anticipated losing access to the Keychain and took proactive measures by backing up data to the app’s private container in the final release prior to the transfer. During the app transfer process, we removed the shared container group ID from the old account and recreated it under the new account. In our testing, Keychain restoration from the local backup was successful, and users experienced no disruptions. However, after releasing the application, we observed that approximately 25% of our users not only lost their Keychain data as expected but also their shared app container data. As we have been unable to reproduce this issue internally, we are seeking your guidance on how to prevent a similar situation when transferring our second application. At this stage, we have not yet released any updates from the new account, and the Keychain data remains backed up in the app’s private container. We would appreciate any insights or recommendations you can provide to ensure a smooth transition for our users and make sure we can keep the data in shared container.

Hello -- I am developing an Authentication Plug-in for the purpose of invoking login with no user interaction (headless). There seems to be sufficient documentation and sample code on how to implement a plug-in and mechanism, and debug the same, which is great. What I am trying to understand is exactly how to modify the login right (system.login.console) in order to accomplish my goal. Question 1: I had the idea of installing my mechanism as the first mechanism of the login right, and when invoked to set the username and password into the engine’s context, in the belief that this would negate the system from needing to display the login screen. I didn’t modify or remove any other mechanisms. This did not work, in the sense that the login screen was still shown. Should this work in theory? Question 2: I then tried modifying the login right to remove anything that interacted with the user, leaving only the following: <array> <string>builtin:prelogin</string> <string>builtin:login-begin</string> <string>builtin:forward-login,privileged</string> <string>builtin:auto-login,privileged</string> <string>MyAuthPlugin:customauth,privileged</string> <string>PKINITMechanism:auth,privileged</string> <string>builtin:login-success</string> <string>HomeDirMechanism:login,privileged</string> <string>HomeDirMechanism:status</string> <string>MCXMechanism:login</string> <string>CryptoTokenKit:login</string> </array> The mechanisms I removed were: <string>builtin:policy-banner</string> <string>loginwindow:login</string> <string>builtin:reset-password,privileged</string> <string>loginwindow:FDESupport,privileged</string> <string>builtin:authenticate,privileged</string> <string>loginwindow:success</string> <string>loginwindow:done</string> In place of builtin:authenticate I supplied my own mechanism to verify the user’s password using OD and then set the username and password in the context. This attempt appears to have failed quite badly, as authd reported an error almost immediately (I believe it was related to the AuthEngine failing to init). There’s very little information to go on as to what each of these mechanisms do, and which are required, etc. Am I on the wrong track in attempting this? What would be the correct approach?

Hi everyone, I'm working on a macOS authorization plugin (NameAndPassword) to enable users to log into their system using only MFA, effectively making it passwordless. To achieve this, I'm attempting to store the user's password securely in the Keychain so it can be used when necessary without user input. However, when I attempt to store the password, I encounter error code -25308. Below is the code I'm using to save the password to the Keychain: objc code (void)storePasswordInKeychain:(NSString *)password forAccount:(NSString *)accountName { NSData *passwordData = [password dataUsingEncoding:NSUTF8StringEncoding]; NSDictionary *query = @{ (__bridge id)kSecClass: (__bridge id)kSecClassGenericPassword, (__bridge id)kSecAttrService: @"com.miniOrange.nameandpassword", (__bridge id)kSecAttrAccount: accountName, (__bridge id)kSecValueData: passwordData, (__bridge id)kSecAttrAccessible: (__bridge id)kSecAttrAccessibleAfterFirstUnlock }; // Delete any existing password for the account OSStatus deleteStatus = SecItemDelete((__bridge CFDictionaryRef)query); if (deleteStatus == errSecSuccess || deleteStatus == errSecItemNotFound) { [Logger debug:@"Old password entry deleted or not found."]; } else { [Logger error:@"Failed to delete existing password: %d", (int)deleteStatus]; } // Add the new password OSStatus addStatus = SecItemAdd((__bridge CFDictionaryRef)query, NULL); if (addStatus == errSecSuccess) { [Logger debug:@"Password successfully saved to the Keychain."]; } else { [Logger error:@"Failed to save password: %d", (int)addStatus]; } } Any insights or suggestions would be greatly appreciated!

I have my custom Authplugin implemented at login (system.login.console), and I want to remove password requirement validation/authentication from system.login.console authorization right. Do you see any functionality loss in completely removing password need at login. And is there any reference which can help me here to acheive this?

Hello, I have created an app for both iOs and Android where upon speaking two trigger words, the listening app sends a text and then calls to an inputted designated phone contact. The Android version works perfectly. The iOs version also works perfectly but the iOs app emiits a PopUp for each, the text and then the call asking "Do you really want to send the text -or- make the call". Basically, I input the contact info and I spoke the trigger words. So, yes I want to send the text and make the call. So, I have to click the two PopUps then the device sends and calls. Is there a way to suppress the PopUps in any way? The app is designed for emergencies. So, a dely to anser a popup is not at all good. Maybe by telling the device to allow auto calls and texts from my app? Any and all help on this issue will be very welcomed... Thanks :)