Provider Communication with Apple Push Notification Service
This chapter describes the interfaces that providers use for communication with Apple Push Notification service (APNs) and discusses some of the functions that providers are expected to fulfill.
General Provider Requirements
As a provider you communicate with Apple Push Notification service over a binary interface. This interface is a high-speed, high-capacity interface for providers; it uses a streaming TCP socket design in conjunction with binary content. The binary interface is asynchronous.
The binary interface of the production environment is available through
gateway.push.apple.com, port 2195; the binary interface of the development environment is available through
gateway.sandbox.push.apple.com, port 2195.
For each interface, use TLS (or SSL) to establish a secured communications channel. The SSL certificate required for these connections is obtained from Member Center. (See Provisioning and Development for details.) To establish a trusted provider identity, present this certificate to APNs at connection time using peer-to-peer authentication.
As a provider, you are responsible for the following aspects of remote notifications:
You must compose the notification payload (see The Notification Payload).
You are responsible for supplying the badge number to be displayed on the app icon.
Connect regularly with the feedback service and fetch the current list of those devices that have repeatedly reported failed-delivery attempts. Then stop sending notifications to the devices associated with those apps. See The Feedback Service for more information.
If you intend to support notification messages in multiple languages, but do not use the
loc-args properties of the
aps payload dictionary for client-side fetching of localized alert strings, you need to localize the text of alert messages on the server side. To do this, you need to find out the current language preference from the client app. Registering, Scheduling, and Handling User Notifications suggests an approach for obtaining this information. See The Notification Payload for information about the
Best Practices for Managing Connections
You may establish multiple connections to the same gateway or to multiple gateway instances. If you need to send a large number of remote notifications, spread them out over connections to several different gateways. This improves performance compared to using a single connection: it lets you send the remote notifications faster, and it lets APNs deliver them faster.
Keep your connections with APNs open across multiple notifications; don’t repeatedly open and close connections. APNs treats rapid connection and disconnection as a denial-of-service attack. You should leave a connection open unless you know it will be idle for an extended period of time—for example, if you only send notifications to your users once a day it is ok to use a new connection each day.
The Binary Interface and Notification Format
The binary interface employs a plain TCP socket for binary content that is streaming in nature. For optimum performance, batch multiple notifications in a single transmission over the interface, either explicitly or using a TCP/IP Nagle algorithm. The format of notifications is shown in Figure 5-1.
The top level of the notification format is made up of the following, in order:
Populate with the number
The size of the frame data.
The frame contains the body, structured as a series of items.
The frame data is made up of a series of items. Each item is made up of the following, in order:
The item identifier. For example, the item number of the payload is
Item data length
The size of the item data.
The value for the item.
The items and their identifiers are as follows:
The device token in binary form, as was registered by the device.
variable length, less than or equal to 2 kilobytes
The JSON-formatted payload.
The payload must not be null-terminated.
An arbitrary, opaque value that identifies this notification. This identifier is used for reporting errors to your server.
A UNIX epoch date expressed in seconds (UTC) that identifies when the notification is no longer valid and can be discarded.
If this value is non-zero, APNs stores the notification tries to deliver the notification at least once. Specify zero to indicate that the notification expires immediately and that APNs should not store the notification at all.
The notification’s priority. Provide one of the following values:
If you send a notification that is accepted by APNs, nothing is returned.
If you send a notification that is malformed or otherwise unintelligible, APNs returns an error-response packet and closes the connection. Any notifications that you sent after the malformed notification using the same connection are discarded, and must be resent. Figure 5-2 shows the format of the error-response packet.
The packet has a command value of 8 followed by a one-byte status code and the notification identifier of the malformed notification. Table 5-1 lists the possible status codes and their meanings.
No errors encountered
Missing device token
Invalid token size
Invalid topic size
Invalid payload size
A status code of 10 indicates that the APNs server closed the connection (for example, to perform maintenance). The notification identifier in the error response indicates the last notification that was successfully sent. Any notifications you sent after it have been discarded and must be resent. When you receive this status code, stop using this connection and open a new connection.
Take note that the device token in the production environment and the device token in the development environment are not the same value.
The Feedback Service
The Apple Push Notification service includes a feedback service to give you information about failed remote notifications. When a remote notification cannot be delivered because the intended app does not exist on the device, the feedback service adds that device’s token to its list. Remote notifications that expire before being delivered are not considered a failed delivery and don’t impact the feedback service. By using this information to stop sending remote notifications that will fail to be delivered, you reduce unnecessary message overhead and improve overall system performance.
Query the feedback service daily to get the list of device tokens. Use the timestamp to verify that the device tokens haven’t been reregistered since the feedback entry was generated. For each device that has not been reregistered, stop sending notifications. APNs monitors providers for their diligence in checking the feedback service and refraining from sending remote notifications to nonexistent apps on devices.
The feedback service has a binary interface similar to the interface used for sending remote notifications. You access the production feedback service via
feedback.push.apple.com on port 2196 and the development feedback service via
feedback.sandbox.push.apple.com on port 2196. As with the binary interface for remote notifications, use TLS (or SSL) to establish a secured communications channel. You use the same SSL certificate for connecting to the feedback service as you use for sending notifications. To establish a trusted provider identity, present this certificate to APNs at connection time using peer-to-peer authentication.
Once you are connected, transmission begins immediately; you do not need to send any command to APNs. Read the stream from the feedback service until there is no more data to read. The received data is in tuples with the following format:
A timestamp (as a four-byte
The length of the device token as a two-byte integer value in network order.
The device token in binary format.
The feedback service’s list is cleared after you read it. Each time you connect to the feedback service, the information it returns lists only the failures that have happened since you last connected.