Hello, I'm experiencing a critical issue with PassKit's shareable pass functionality. Despite having the necessary entitlements configured, I'm getting an entitlement error when calling PKAddShareablePassConfiguration.forPassMetaData. Failed to create PKAddShareablePassConfiguration: Error Domain=PKPassKitErrorDomain Code=4 "client is not entitled" UserInfo={NSDebugDescription=client is not entitled} private func createPassViewController(from response: PreparePushProvisioningResponse) { guard let passMetadata = PKShareablePassMetadata( provisioningCredentialIdentifier: response.provisioningCredentialIdentifier, cardConfigurationIdentifier: response.cardConfigurationIdentifier, sharingInstanceIdentifier: response.sharingInstanceIdentifier, passThumbnailImage: response.passThumbnailImage, ownerDisplayName: response.ownerDisplayName, localizedDescription: response.localizedDescription ) else { print("Failed to create PKShareablePassMetadata") return } print("PKShareablePassMetadata created successfully") // This is where the error occurs PKAddShareablePassConfiguration.forPassMetaData( [passMetadata], provisioningPolicyIdentifier: "", // Empty as per documentation action: .add ) { (configuration, error) in if let error = error { print("Failed to create PKAddShareablePassConfiguration: \(error)") // Error Domain=PKPassKitErrorDomain Code=4 "client is not entitled" return } guard let config = configuration else { print("PKAddShareablePassConfiguration is nil") return } // other code... } } The push provisioning preparation succeeds completely: Prepare push provisioning succeeded Credential ID: "XXXX-XXXX....." Owner: Teodora Description: Interflex NFC development PKShareablePassMetadata created successfully Then immediately fails at PKAddShareablePassConfiguration.forPassMetaData() with the entitlement error. Xcode Configuration Issues: When manually entering capabilities in Xcode's Signing & Capabilities tab, I receive this error: Provisioning profile "20250929 VIDC QA DEV" doesn't match the entitlements file's value for the com.apple.developer.contactless-payment-pass-provisioning entitlement. Profile qualification is using entitlement definitions that may be out of date. Connect to network to update. When I don't manually enter the capabilities in the Runner.entitlements file, the provisioning profile error disappears in Xcode, but the runtime entitlement error persists.

We have developed an app that communicates with an external reader using BLE, and the reader also supports NFC. We are implementing a feature that uses PKPassLibrary.requestAutomaticPassPresentationSuppression to prevent the Wallet from appearing when unlocking a lock. We have already completed the approval process for the entitlement required to enable Pass Presentation Suppression, referencing Apple’s documentation: https://developer.apple.com/documentation/passkit/pkpasslibrary/requestautomaticpasspresentationsuppression(responsehandler:) In most cases, this works as expected and the Wallet popup does not appear. However, in some cases — particularly when the app is running in the foreground — the Wallet still appears for users. We have verified that the app bundle includes the required entitlement, and the Info.plist correctly specifies the Pass Presentation Suppression key set to true. Could you please help us understand under what conditions this behavior might still occur, or if any additional configuration is required?

My application is from a bank that provides payment passes, and when I try to retrieve passes already enrolled in the wallet, it always returns empty. Is there something I need to configure for it to work? This is what I've tried, and it hasn't worked: let pkPassLibrary = PKPassLibrary() let paymentPasses = pkPassLibrary.passes(of:.payment) let pkPassLibrary = PKPassLibrary() let paymentPasses: [PKSecureElementPass]=pkPassLibrary .passes(of: .secureElement) .compactMap { $0 as? PKSecureElementPass }

I'm creating an event ticket Apple Wallet Pass and setting a light-coloured background image. When I do this, it automatically sets the foregroundColor to white, even when I explicitly set it to black. What's strange is that on my Mac, the foregroundColor appears as intended, and I can set it to any color I want, but when I AirDrop the pass to my iPhone, it sets the color to white, regardless of what I set the foregroundColor to. This means the text becomes completely illegible for my users, with white text on a white background image. If I remove the background image, the foregroundColor works fine. Is there a way to have a light-colored background image with dark text, or am I forced to have a dark-colored background image? Here are the colors in my pass.json: backgroundColor: "rgb(255, 255, 255)" foregroundColor: "rgb(0, 0, 0)" labelColor: "rgb(0, 0, 0)" I've attached what the pass looks like on my Mac and my iPhone.

We are getting vulnerabilities for passkit generator, used for apple wallet creation. Could you please suggest how to resolve this issue In our system we updated MIME with latest version but passkit is referring older version 1.4.1 npm audit report mime <1.4.1 Severity: high mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input - https://github.com/advisories/GHSA-wrvr-8mpx-r7pp No fix available node_modules/mime passkit * Depends on vulnerable versions of mime node_modules/passkit 2 high severity vulnerabilities Some issues need review, and may require choosing a different dependency.

My application is from a bank that provides payment passes, and when I try to retrieve passes already enrolled in the wallet, it always returns empty. Is there something I need to configure for it to work? This is what I've tried, and it hasn't worked

I want to be able to retrieve payment form wallet, I've used the PKPassLibrary but it hasn't worked

I´m tring to integrate InApp push provisioning but when I send the information from the issuer to SDK to add my debit card to wallet I saw this error: PKPassKitErrorDomain Code 2 error Looking in the forum I found how to see part of the logs to get more detail on the error and I found: POST https://pr-pod9-smp-device.apple.com:443/broker/v4/devices/04131B65D01590022288082867404947F3CCA674C3D41F3C/cards/683986c983984251b9aecfc8ff51d88a/enable 'Error Domain=PKPaymentWebServiceErrorDomain Code=0 "Error inesperado." UserInfo={PKErrorHTTPResponseStatusCodeKey=500, NSLocalizedDescription=Error inesperado.

Hi, We are distributing pk pass files via a web browser. When a user taps Add in the system pass preview, the pass is added successfully, the preview is dismissed, and the user remains in the browser. From a user experience perspective, we would like to better guide users to their newly added pass in Apple Wallet. Is there a supported API, URL scheme, or documented mechanism that allows a web-based flow to transition the user to the Wallet app after a pass has been added? If direct app transitions are not supported in this scenario, what is the recommended best practice for helping users locate and open their newly added pass in Wallet? Thank you for your guidance.

Hello there, We’re currently integrating Apple Wallet pass functionality into our application and am looking for clarification around the automatic update flow. Particularly regarding secure management of the authenticationToken. We’ve reviewed the documentation here: Adding a Web Service to Update Passes authenticationToken Documentation From our understanding: When a user downloads a pass from our service, the .pkpass includes both a webServiceURL and an authenticationToken. Once the pass is added to Wallet, the Wallet app makes authenticated requests to our webServiceURL, using the token in the Authorization header. We then validate this token server-side to serve updates or handle device registration. So far, this flow is clear. However, we’re looking for clarification on two key scenarios: If a user adds the same pass twice on the same device, should the authenticationToken remain the same in both cases? If the same user adds the same pass on a different device, should the authenticationToken also remain consistent across devices? If the answer to both is “yes,” we assume that our backend must store the original authenticationToken in a retrievable form (not just as a hash) to regenerate the same pass for re-download or multi-device sync. Our main question is: What is Apple’s recommended or acceptable approach to storing authenticationToken values securely on the backend? Should these tokens be: Stored in plaintext (e.g. in a protected DB field)? Encrypted using a symmetric key? Hashed (not reversible, but limits reuse)? We want to ensure we align with Apple’s best practices for Wallet security and token management, especially in contexts where the same pass may be installed on multiple devices or reissued later.

Hi everyone, With the rapid growth of digital banking, payments, and AI-driven financial services, building secure and scalable FinTech apps on iOS has become more complex than ever. From handling sensitive user data to ensuring compliance and seamless performance, iOS developers face multiple technical challenges. Key areas that usually require deep expertise include: Apple Pay and Wallet integrations Secure authentication (Face ID / Touch ID / biometrics) Real-time transaction processing Core ML for financial predictions SwiftUI dashboards for financial analytics Data encryption and regulatory compliance https://www.nimbleappgenie.com At Nimble AppGenie, we’ve worked extensively as a FinTech app development expert, helping startups and enterprises design and build iOS financial applications that are secure, scalable, and user-centric. Our experience shows that the most successful fintech apps are those that balance strong security architecture with intuitive UX and performance optimization. I’m interested to hear from the community: What are the biggest challenges you’ve faced while building fintech apps on iOS? Are there any recent iOS updates or Apple frameworks that significantly improved your fintech workflows? How are you handling compliance and security in production apps? Looking forward to learning from everyone’s experiences and best practices.

Hello, I'm implementing the wallet extension for a financial app. Right now I'm having a problem, I want to redirect to the main app when the user hasn't logged in. Is it possible? This is my code in the WalletUI. It just doesn't work. let urlString = "bank://login" guard let url = URL(string: urlString) else { return } self.extensionContext?.open(url, completionHandler: { success in if !success { print("Success") } else { self.completionHandler?(.canceled) } }) }

Hello, I'm implementing the wallet extension but I found a problem in the passEntries function. This following part is giving nil ando I don't know why if let entry = PKIssuerProvisioningExtensionPaymentPassEntry( identifier: element.id, title: element.cardType ?? "Card", art: self.testImage()!, addRequestConfiguration: config! ) { entries.append(entry) } I debug and all the arguments have information but it doesn't create the entry