Team-scoped keys introduce the ability to restrict your token authentication keys to either development or production environments. Topic-specific keys in addition to environment isolation allow you to associate each key with a specific Bundle ID streamlining key management. For detailed instructions on accessing these features, read our updated documentation on establishing a token-based connection to APNs.

I’m building a macOS app with a DNS Proxy system extension for Developer ID + notarization, deployed via MDM, and Xcode fails the Developer ID Release build with a provisioning profile mismatch for com.apple.developer.networking.networkextension. Environment macOS: Sequoia (15.7.2) Xcode: 26.2 Distribution: Developer ID + notarization, deployed via MDM Host bundle ID: com.mydns.agent.MyDNSMacProxy DNS Proxy system extension bundle ID: com.mydns.agent.MyDNSMacProxy.dnsProxy Host entitlements (Release): File: MyDNSMacProxy/MyDNSMacProxyRelease.entitlements: "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>com.apple.application-identifier</key> <string>B234657989.com.mydns.agent.MyDNSMacProxy</string> <key>com.apple.developer.networking.networkextension</key> <array> <string>dns-proxy</string> </array> <key>com.apple.developer.system-extension.install</key> <true/> <key>com.apple.developer.team-identifier</key> <string>B234657989</string> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.application-groups</key> <array> <string>group.com.mydns.MyDNSmac</string> </array> <key>keychain-access-groups</key> <array> <string>B234657989.*</string> </array> </dict> </plist> xcodebuild -showBuildSettings -scheme MyDNSMacProxy -configuration Release : PROVISIONING_PROFILE_SPECIFIER = main MyDNSMacProxy5 CODE_SIGN_IDENTITY = Developer ID Application Host Developer ID profile main_MyDNSMacProxy5.provisionprofile (via security cms -D): "Entitlements" => { "com.apple.application-identifier" => "B234657989.com.mydns.agent.MyDNSMacProxy" "com.apple.developer.team-identifier" => "B234657989" "com.apple.security.application-groups" => [ "group.com.mydns.MyDNSmac", ..., "B234657989.*" ] "keychain-access-groups" => [ "B234657989.*" ] "com.apple.developer.system-extension.install" => 1 "com.apple.developer.networking.networkextension" => [ "packet-tunnel-provider-systemextension", "app-proxy-provider-systemextension", "content-filter-provider-systemextension", "dns-proxy-systemextension", "dns-settings", "relay", "url-filter-provider", "hotspot-provider" ] } So: App ID, team ID, keychain and system‑extension.install match. The profile’s com.apple.developer.networking.networkextension is a superset of what I request in the host entitlements (dns-proxy only). System extension (for context) DNS Proxy system extension target: NSExtensionPointIdentifier = com.apple.dns-proxy NetworkExtension → NEProviderClasses → com.apple.networkextension.dns-proxy → my provider class Entitlements: com.apple.developer.networking.networkextension = ["dns-proxy-systemextension"] This target uses a separate Developer ID profile and builds successfully. Xcode error Release build of the host fails with: …MyDNSMacProxy.xcodeproj: error: Provisioning profile "main MyDNSMacProxy5" doesn't match the entitlements file's value for the com.apple.developer.networking.networkextension entitlement. (in target 'MyDNSMacProxy' from project 'MyDNSMacProxy') Xcode UI also says: Entitlements: 6 Included, 1 Missing Includes com.apple.developer.team-identifier, com.apple.application-identifier, keychain-access-groups, com.apple.developer.system-extension.install, and com.apple.security.application-groups. Doesn’t match entitlements file value for com.apple.developer.networking.networkextension. Because of this, the app bundle isn’t produced and I can’t inspect the final signed entitlements. Questions: For com.apple.developer.networking.networkextension, should Xcode accept a subset of values in the entitlements (here just dns-proxy) as long as that value is allowed by the Developer ID profile, or does it currently require a stricter match? Is the following configuration valid for Developer ID + MDM with a DNS Proxy system extension: Host entitlements: ["dns-proxy"] System extension entitlements: ["dns-proxy-systemextension"] Host profile’s NE array includes the DNS Proxy system extension types. If this is a known limitation or bug in how Xcode validates NE entitlements for Developer ID, is there a recommended workaround? Thanks for any guidance.

The same code built in a regular Mac app (with UI) does get paired. The characteristic properties are [.read, .write, .notify, .notifyEncryptionRequired] The characteristic permissions are [.readEncryptionRequired, .writeEncryptionRequired] My service is primary. In the iOS app (central) I try to read the characteristic, but an error is reported: Error code: 5, Description: Authentication is insufficient.

Hi, On macOS 26.4 Beta (25E5218f) （macOS Tahoe 26 Developer Beta ）, the network filter causes network failures or slowdowns. This manifests as Chrome failing to access websites, while Safari can access the same websites without issue. The affected websites can be pinged locally. My situation is similar to this situation.The same question link is: https://github.com/objective-see/LuLu/issues/836 Have you been paying attention to this issue? Hopefully, it can be fixed in the official release. Thank you.

Dear Apple Developer Support Team, I am writing to inquire about the process for obtaining approval for the following entitlement in my iOS/macOS app: <key>com.apple.developer.networking.networkextension</key> <array> <string>content-filter-provider</string> </array> Specifically, I would like guidance on: The steps required to submit a request for this entitlement. Any necessary documentation or justification that needs to be provided to Apple. Typical review timelines and approval criteria. Any restrictions or compliance requirements associated with this entitlement. Our app intends to implement a content filtering functionality to enhance network security and user safety. We want to ensure full compliance with Apple’s policies and guidelines. Could you please provide detailed instructions or point us to the relevant resources to initiate this approval process? Thank you for your assistance.

Dears, We are developing an apple wallet extension. In the Non-ui extension, in the getPaymentPassEntry overriden function we have to return an object such as: ``PKIssuerProvisioningExtensionPaymentPassEntry(identifier: identifier, title: label, art: getEntryArt(image: uiImage), addRequestConfiguration: requestConfig)!`` What is not clear are the requirements for this "art" parameter. Somewhere in the FAQ it says that the art has to be an image of 1536 x 969 resolution, <4 MB, squared corners, no chip contacts, and so forth) but we set there images of any size and the extension displays them without any problem. Are those requirements (1536 x 969 resolution, and so on) only for the images that are displayed in the wallet only after the card has been added? In this case, are those images coming from the PNO directly and not coming from the function above which is in the wallet extension? Thanks,

Hi Apple Network Team, Good day. Recently we are experiencing some issues that when iOS or iPad OS connected to a Wi-Fi with captive portal, iOS sometimes failed to launch the full captive portal website. Based on TCPDump and WLAN dump logs, when this failure happened, we only see web client on iOS queried AAAA and HTTPS DNS queries without A query. Not all the websites are supporting and being hosted on both IPv4 and IPv6 servers. Is there a know bug on iOS and iPad OS side including OS version >= 36.2.

I have an older project that was created before Xcode 26.2. In Xcode versions prior to 26.2, there was no Swift Compiler – Concurrency build setting. With those older versions, the following behavior occurs: a nonisolated function executes off the main thread. class ViewController: UIViewController { override func viewDidLoad() { super.viewDidLoad() run() } private func run() { Task { await runInMainThread() } } func runInMainThread() async { print(">>>> IN runInMainThread(), Thread.isMainThread \(Thread.isMainThread)") await runInBackgroundThread() } private nonisolated func runInBackgroundThread() async { print(">>>> IN runInBackgroundThread(), Thread.isMainThread \(Thread.isMainThread)") } } Output: >>>> IN runInMainThread(), Thread.isMainThread true >>>> IN runInBackgroundThread(), Thread.isMainThread false However, starting with Xcode 26.2, Apple introduced the Swift Compiler – Concurrency settings. When running the same code with the default configuration: Approachable Concurrency = Yes Default Actor Isolation = MainActor This is the output Output: >>>> IN runInMainThread(), Thread.isMainThread true >>>> IN runInBackgroundThread(), Thread.isMainThread true the nonisolated function now executes on the main thread. This raises the following questions: What is the correct Swift Compiler – Concurrency configuration if I want a nonisolated function to run off the main thread? Is nonisolated still an appropriate way to ensure code runs on a background thread?

Hi, I develop an ES client applying rule-engine evaluating ES events (mostly File-system events). It is a bit non-standard not being deployed as a System-Extension, but rather as a global daemon. On some Macs, I sometimes see "crash reports" for the ES process, all sharing Termination Reason: Namespace ENDPOINTSECURITY, Code 2 EndpointSecurity client terminated because it failed to respond to a message before its deadline All of these happen not while normal Mac usage, but rather right at Mac wakeup time after sleep. My guess is, some ES_AUTH events (with deadline) arrive when Mac goes to sleep, and somehow my high-priority dispatch_queue handling them is "put to sleep" mid processing them, so when the Mac wakes up - event handling continues long after the deadline passed, and MacOS decides to kick the process. Questions: What is the recommended behavior with ES vs Sleep/Wake cycles? (we're not an antivirus, and we don't care much to clear events or go "blind" for such time) Can I specify somewhere in the info.plist of my bundle (this is built like an App) that my process should't be put to sleep, or that the OS should sleep it only when it becomes idle, or some other way tells the OS it is "ready for sleep" ? If not -- How do I observe the scenario so I can suspend my event handling IN TIME and resume on wake? Thanks!

Hi all, I’m facing a device-specific issue in a live production iOS app distributed privately via the App Store . The app crashes immediately after login on one client’s iPhone, while the same account works fine on other devices. There’s no crash log generated in Analytics, and the app just pops to the home screen. Environment: App: Production app on App Store iOS version: 26.3 Devices: Only one device exhibits the crash; other iPhones work fine Login flow: App calls an API and writes the response to a local SQLite database immediately after login Distribution: App Store (Privately). The user is install via the redemption codes. Observations: All users on the problematic device crash immediately after login. The crash does not occur on any other devices, including the same iOS version. The client had already uninstalled and reinstalled the app via App Store cloud download, but the crash persisted. No crash log appears in Analytics or Xcode (process just terminates). Device restart had not been attempted before reinstall. App does not use Keychain tokens; local DB is only SQLite in the app sandbox. Hypotheses so far: Corrupted binary or cached app installation on that device SQLite database corruption or write failure Device-specific OS/environment issue (temp files, file locks, provisioning) iOS watchdog silently terminating the app during post-login DB write Language / region differences unlikely Questions: Is it possible for a device to retain a corrupted app binary or cached installation even after uninstall + cloud download reinstall from the App Store? Can uninstalling, restarting the device, and reinstalling guarantee a fresh binary and sandbox? Are there any known iOS behaviors where a local SQLite write could trigger an instant crash on one device only, without generating crash logs? Any other suggestions for diagnosing this device-specific post-login crash in a live production environment? Thanks in advance for any guidance — this issue is affecting a client’s live usage, and we’d like to understand the root cause and best way to resolve it safely.

I’d like to confirm the expected behavior of StoreKit 2 in the Sandbox environment regarding unfinished consumable transactions across devices. Scenario: Device A and Device B are signed in with the same Sandbox Apple ID A consumable in-app purchase is completed on Device A The transaction may be verified or unverified, but transaction.finish() is not called The app is then launched on Device B and listens for Transaction.updates Question: In this scenario, is it expected that Device B will or will not receive a callback for this unfinished consumable transaction? Or is it by design that unfinished consumable transactions are not guaranteed to be delivered across devices, regardless of verification state?

Not quite but maybe sorta related to the errOSAInternalTableOverflow problem I asked about in a different thread, this one deals with crashes our app gets (and much more frequently lately after recent OS updates (15.7.3) are OK'd by our IT department). Our app can run multiple jobs concurrently, each in their own NSOperation. Each op creates its own SBApplication instance that controls unique instances of InDesignServer. What I'm seeing recently is lots of crashes happening while multiple ops are calling into ScriptingBridge. Shown at the bottom is one of the stack crawls from one of the threads. I've trimmed all but the last of our code. Other threads have a similar stack crawl. In searching for answers, Google's AI overview mentions "If you must use multiple threads, ensure that each thread creates its own SBApplication instance…" Which is what we do. No thread can reach another thread's SBApplication instance. Is that statement a lie? Do I need to lock around every ScriptingBridge call (which is going to severely slow things down)? 0 AE 0x1a7dba8d4 0x1a7d80000 + 239828 1 AE 0x1a7d826d8 AEProcessMessage + 3496 2 AE 0x1a7d8f210 0x1a7d80000 + 61968 3 AE 0x1a7d91978 0x1a7d80000 + 72056 4 AE 0x1a7d91764 0x1a7d80000 + 71524 5 CoreFoundation 0x1a0396a64 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28 6 CoreFoundation 0x1a03969f8 __CFRunLoopDoSource0 + 172 7 CoreFoundation 0x1a0396764 __CFRunLoopDoSources0 + 232 8 CoreFoundation 0x1a03953b8 __CFRunLoopRun + 840 9 CoreFoundation 0x1a03949e8 CFRunLoopRunSpecific + 572 10 AE 0x1a7dbc108 0x1a7d80000 + 246024 11 AE 0x1a7d988fc AESendMessage + 4724 12 ScriptingBridge 0x1ecb652ac -[SBAppContext sendEvent:error:] + 80 13 ScriptingBridge 0x1ecb5eb4c -[SBObject sendEvent:id:keys:values:count:] + 216 14 ScriptingBridge 0x1ecb6890c -[SBCommandThunk invoke:] + 376 15 CoreFoundation 0x1a037594c ___forwarding___ + 956 16 CoreFoundation 0x1a03754d0 _CF_forwarding_prep_0 + 96 17 RRD 0x1027fca18 -[AppleScriptHelper runAppleScript:withSubstitutionValues:usingSBApp:] + 1036

We are currently experiencing an issue that occurs only on iPhone 17 models. In our app, after connecting to an external device, users can download multiple video files stored on the device. When downloading several videos consecutively, the device consistently stops receiving responses midway through the process. As a result, no response is returned, and the connection between the app and the device is eventually lost. This issue does not occur on any iPhone models prior to iPhone 17. It is reproducible across all iPhone 17 devices within our company. This is a critical issue, and we need urgent assistance. The main error logs show two patterns: • Connection loss • Timeout At the OS level, the only error codes we receive are: • -1005 (Network connection lost) • -1001 (Request timed out) Unfortunately, we are unable to obtain more detailed error information beyond these codes, which makes further debugging difficult. We have attached the relevant logs below. We would greatly appreciate any guidance on how to further investigate or resolve this issue. 310.0 / :: 81 % ::: 251.21481481481482 310.0 / :: 82 % ::: 254.23280423280423 310.0 / :: 83 % ::: 257.3820105820106 310.0 / :: 84 % ::: 260.4 KeepAlive SEND id=423F1336-6239-4B3B-9414-5A987D85D564 at=2026-02-24T12:56:43Z timeout=60.000000s current: D20-Q2-PLUS, ssid: D20-Q2-PLUS_136a63 KeepAlive SKIP (in-flight) tcp_output [C10.1.1:3] flags=[R.] seq=4017430266, ack=4146413113, win=2048 state=CLOSED rcv_nxt=4146413113, snd_una=4017429847 nw_read_request_report [C10] Receive failed with error "Operation timed out" nw_flow_add_write_request [C10 192.168.000.0:443 failed parent-flow (satisfied (Path is satisfied), interface: en0[802.11], ipv4, dns, uses wifi, LQM: good)] cannot accept write requests nw_write_request_report [C10] Send failed with error "Socket is not connected" Task <5BDBE621-329A-45E9-B236-9C173E92A41F>.<7> HTTP load failed, 361/0 bytes (error code: -1005 [4:-4]) Task <5BDBE621-329A-45E9-B236-9C173E92A41F>.<7> finished with error [-1005] Error Domain=NSURLErrorDomain Code=-1005 "The network connection was lost." UserInfo={_kCFStreamErrorCodeKey=-4, NSUnderlyingError=0x13e632160 {Error Domain=kCFErrorDomainCFNetwork Code=-1005 "(null)" UserInfo={NSErrorPeerAddressKey=<CFData 0x14cfe5a90 [0x201746068]>{length = 16, capacity = 16, bytes = 0x100201bbc0a86f010000000000000000}, _kCFStreamErrorCodeKey=-4, _kCFStreamErrorDomainKey=4}}, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <5BDBE621-329A-45E9-B236-9C173E92A41F>.<7>, _NSURLErrorRelatedURLSessionTaskErrorKey=( "LocalDataTask <5BDBE621-329A-45E9-B236-9C173E92A41F>.<7>" ), NSLocalizedDescription=The network connection was lost., NSErrorFailingURLStringKey=https://192.168.000.0/keepalive, NSErrorFailingURLKey=https://192.168.000.0/keepalive, _kCFStreamErrorDomainKey=4} KeepAlive FAIL id=423F1336-6239-4B3B-9414-5A987D85D564 elapsed=29.203s status=-1 error=Optional(Alamofire.AFError.sessionTaskFailed(error: Error Domain=NSURLErrorDomain Code=-1005 "The network connection was lost." UserInfo={_kCFStreamErrorCodeKey=-4, NSUnderlyingError=0x13e632160 {Error Domain=kCFErrorDomainCFNetwork Code=-1005 "(null)" UserInfo={NSErrorPeerAddressKey=<CFData 0x14cfe5a90 [0x201746068]>{length = 16, capacity = 16, bytes = 0x100201bbc0a86f010000000000000000}, _kCFStreamErrorCodeKey=-4, _kCFStreamErrorDomainKey=4}}, ), NSLocalizedDescription=The network connection was lost., KeepAlive FAIL 1001 Log KeepAlive SEND id=FC433405-C1F7-47EF-AF9E-D12E67B071FA at=2026-02-24T12:22:38Z timeout=60.000000s current: D20-Q2-PLUS, ssid: VUEROID_D20-Q2-PLUS_136a63 KeepAlive FAIL id=FC433405-C1F7-47EF-AF9E-D12E67B071FA elapsed=7.834s status=-1 error=Optional(Alamofire.AFError.sessionTaskFailed(error: Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={_kCFStreamErrorCodeKey=60, NSUnderlyingError=0x135e612f0 {Error Domain=kCFErrorDomainCFNetwork Code=-1001 "(null)" UserInfo={_NSURLErrorNWPathKey=satisfied (Path is satisfied), viable, interface: en0[802.11], ipv4, dns, uses wifi, LQM: good, _kCFStreamErrorCodeKey=60, _kCFStreamErrorDomainKey=1}}, ), NSLocalizedDescription=The request timed out., NSErrorFailingURLKey=https://192.168.000.0/keepalive, _kCFStreamErrorDomainKey=1})) KeepAlive FAIL ignored count=1 error=Server error : Optional(Alamofire.AFError.sessionTaskFailed(error: Error Domain=NSURLErrorDomain Code=-1001 "The request timed out." UserInfo={_kCFStreamErrorCodeKey=60, KeepAlive SEND id=A64AE4C0-28B4-41E3-AAC9-422C41D99D15 at=2026-02-24T12:22:58Z timeout=60.000000s KeepAlive FAIL id=110B96DA-4D88-45E0-B8F7-D0A9798593AE elapsed=43.605s status=-1 error=Optional(Alamofire.AFError.sessionTaskFailed(error: Error Domain=NSURLErrorDomain Code=-1005 "The network connection was lost." UserInfo={_kCFStreamErrorCodeKey=-4, NSUnderlyingError=0x135e60f60 {Error Domain=kCFErrorDomainCFNetwork Code=-1005 "(null)" UserInfo={NSErrorPeerAddressKey=<CFData 0x144dfee40 [0x201746068]>{length = 16, capacity = 16, bytes = 0x100201bbc0a86f010000000000000000}, _kCFStreamErrorCodeKey=-4, _kCFStreamErrorDomainKey=4}}, ), NSLocalizedDescription=The network connection was lost., NSErrorFailingURLStringKey=https://192.168.000.0/keepalive, NSErrorFailingURLKey=https://192.168.000.0/keepalive, _kCFStreamErrorDomainKey=4})) KeepAlive FAIL ignored count=2 error=Server error : Optional(Alamofire.AFError.sessionTaskFailed(error: Error Domain=NSURLErrorDomain Code=-1005 "The network connection was lost." UserInfo={_kCFStreamErrorCodeKey=-4, NSUnderlyingError=0x135e60f60 {Error Domain=kCFErrorDomainCFNetwork Code=-1005 "(null)" UserInfo={NSErrorPeerAddressKey=<CFData 0x144dfee40 [0x201746068]>{length = 16, capacity = 16, bytes = 0x100201bbc0a86f010000000000000000}, _kCFStreamErrorCodeKey=-4, _kCFStreamErrorDomainKey=4}}, Network type changed, hasWiFiInterface :false We are sending a keepalive request every 30 seconds to maintain the connection state with the device. Most of the issues occur during this keepalive process, and this is when the logs mentioned earlier are generated. Based on our debugging so far, the keepalive function itself is being called as expected. However, the execution appears to stall while waiting for a response from the device. After remaining in that state for some time, the session eventually ends with either a timeout or a connection loss error. We are use almofire 4.0.1. According to the firmware developer, when this issue occurs, there are no corresponding values or logs received on the device side. Therefore, we are currently investigating whether this might be related to a networking issue on the iPhone side. All other features are functioning normally. The problem occurs only when downloading VOD video files, and the reproduction rate is 100% under that condition.

I'm trying to test the update process for an app containing an FSKit module that I'm distributing on the Mac App Store. (I'm also distributing the same app directly with Developer ID, but here I'll focus on App Store because that's the behavior I've been looking at first.) To do that I'm using an internal tester group on TestFlight and then testing an update with TestFlight. Below is the behavior I'm seeing on macOS 15.7.2 (24G325). I've noticed that if an app update is triggered while a disk is mounted using the FSKit extension, the disk is automatically unmounted without warning (FB21287341). That's already undesirable itself in my opinion, but on top of the unmount, there are two other problems: That unmount doesn't seem to be a "clean" unmount and doesn't call functions like synchronize (FB21287688). Now, in my case, my app only provides read-only access, so that doesn't actually matter much in my case. However, I'd imagine if I were to add write access at some point in the future, this would go from "doesn't matter" to "very bad." I've seen a few cases where quitting or crashing the FSModule process while a volume is mounted without actually doing a clean unmount causes a lot of "disk-related actions" (for lack of a better term) to freeze (FB21305906). For example, a use of the mount(8) command or trying to mount a disk at all freezes, and opening Disk Utility stalls on a "Loading disks" spinning indicator. This happens until the Mac is rebooted. I did notice this issue once while testing updates via TestFlight a few times. The same applies if I simply delete the app with Finder instead of updating it. Is there a way to prevent the extension's process from terminating in this case and/or another workaround I could use without waiting for a macOS update to hopefully change this behavior? And does observing this kind of behavior with TestFlight's update behavior suggest the same thing could happen on the App Store with its automatic updates? I'm concerned that pushing an update via the App Store will unexpectedly unmount disks or cause the system-wide issues described in FB21305906 at a random time, which is a pretty big disruption for users.

Hello, I have a iOS app I was looking at porting to Mac. I'm having an issue with both the Mac (Designed for iPad) and Mac Catalyst Destinations. I can't test Mac due to too many build issues. I'm trying to assign a new NSManagedObject into a NSPersistentStore. let object = MyObject(context: context) context.assign(object, to: nsPersistentStore) This works fine for iOS/iOS Simulator/iPhone/iPad. But on the Mac it's crashing with FAULT: NSInvalidArgumentException: Can't assign an object to a store that does not contain the object's entity.; { Thread 1: "Can't assign an object to a store that does not contain the object's entity."

I'm implementing payment processing with Apple Pay on the web, but I've been stuck right at the final step of the flow: decrypting the payment data sent by Apple. Here is a summary of my implementation: The backend language is Java. The frontend portal requests the session and performs the payment using the endpoints exposed by the backend. I created .p12 files from the .cer files returned by the Apple Developer portal for both certificates (Merchant Identity and Payment Processing) and I'm using them in my backend. The merchant validation works perfectly; the user is able to request a session and proceed to the payment sheet. However, when the frontend sends the encrypted token back to my sale endpoint, the problem begins. My code consistently fails when trying to decrypt the data (inside the paymentData node) throwing a javax.crypto.AEADBadTagException: Tag mismatch! I can confirm that the certificate used by Apple to encrypt the payment data is the correct one. The hash received from the PKPaymentToken (header.publicKeyHash) object exactly matches the hash generated manually on my side from my .p12 file. In the decryption process, I'm using Bouncy Castle only to calculate the Elliptic Curve (ECC) shared secret. For the final AES-GCM decryption, I am using Java's native provider since I already have the bytes of the shared secret calculated. (Originally, I was doing it entirely with BC, but it failed with the exact same error). We have exhaustively verified our cryptographic implementation: We successfully reconstruct the ephemeralPublicKey and compute the ECDH Shared Secret using our Payment Processing Certificate's private key (prime256v1). We perform the Key Derivation Function (KDF) using id-aes256-GCM, PartyU as Apple, and counter 00000001. For PartyV, we have tried calculating the SHA-256 hash of our exact Merchant ID string. We also extracted the exact ASN.1 hex payload from the certificate's extension OID 1.2.840.113635.100.6.32 and used it as PartyV. We have tried generating brand new CSRs and Processing Certificates via OpenSSL directly from the terminal. Despite having the correct ECDH shared secret (and confirming Apple used our public key via the hash), the AES tag validation always fails.et, the AES tag validation always fails. Given that the math seems correct and the public key hashes match, could there be an environment mismatch (Sandbox vs. Production) or a domain validation issue causing Apple to encrypt the payload with a dummy PartyV or scramble the data altogether? Any guidance on this behavior or the exact PartyV expected in this scenario would be highly appreciated.

I developed a cloud drive using fskit, but after mounting it, it did not appear in the Finder sidebar and the disk tool could not list it. How should I adapt? The mounting looks successful, and you can also open and see the fixed files I wrote in the code. I have also turned on the Finder sidebar settings function

While testing record creation in public CloudKit database for authenticated user I am able to do so without any issues. But for devices missing iCloud account or authentication expired I am seeing the below error: ▿ <CKError 0x97a959200: "Permission Failure" (10/2007); server message = "CREATE operation not permitted"; op = 67331DE3AF3DD666; uuid = 1F3ACD4F-A799-4CD4-ADF0-EDE9E12F2DCB; container ID = "***"> _nsError : <CKError 0x97a959200: "Permission Failure" (10/2007); server message = "CREATE operation not permitted"; op = 67331DE3AF3DD666; uuid = 1F3ACD4F-A799-4CD4-ADF0-EDE9E12F2DCB; container ID = "***"> I am unable to add create/write permission to _world security role in dashboard. Is this something not supported by Cloudkit? Only authenticated iCloud users will be able to create and write data to public database as well?

After upgrading to a new iPhone and restoring from an iCloud backup using the same Apple ID, I noticed an issue with Health app permissions. ■ What is happening On my previous iPhone, an app had permission to read step count data. After restoring to the new iPhone, the app still appears in the Health app under Sources. However, when I tap the app, the usual data type permission toggles (such as Steps) are not displayed at all. As a result, the app is unable to read step count data. ■ Additional details The app itself seems to be recognized as a Health data source. However, the data type permission screen is empty. No ON/OFF switches are shown. The backup was created on iOS 18, and the restore was performed on iOS 26. I have not yet confirmed whether this also happens with other iOS version combinations. ■ Questions Is it expected behavior that Health app permissions (per data type) are not restored via iCloud backup? Has anyone experienced a similar situation where the app appears under Sources but the permission options are missing? If so, how did you resolve it? Any information from users who have experienced the same issue would be greatly appreciated.

Hello, everyone! I'm seeking some guidance on the App Store review process and technical best practices for a watchOS app. My goal is to create an app that uses HealthKit to continuously monitor a user's heart rate in the background for sessions lasting between 30 minutes and 3 hours. This app would not be a fitness or workout tracker. My primary question is about the best way to achieve this reliably while staying within the App Store Review Guidelines. Is it advisable to use the WorkoutKit framework to start a custom, non-fitness "session" for the purpose of continuous background monitoring? Are there any other recommended APIs or frameworks for this kind of background data collection on watchOS that I should be aware of? What are the key review considerations I should be mindful of, particularly regarding Guideline 4.1 (Design) and the intended use of APIs? My app's core functionality would require this kind of data for a beneficial purpose. I want to ensure my approach is technically sound and has the best chance of a successful review. Any insights or advice from developers who have experience with similar use cases would be incredibly helpful! Thank you!

In the WWDC 2019 session "Extended Runtime for WatchOS apps" the video talks about an entitlement being required to use the HR sensor judiciously in the background. It provides a link to request the entitlement which no longer works: http://developer.apple.com/contect/request/health-monitoring The session video is also quite hard to find these days. Does anyone know why this is the case? Is the API and entitlement still available? Is there a supported way to run, even periodically, in the background on the Watch app (ignoring the background observer route which is known to be unreliable) and access existing HR sensor data