Hey @blueberry6401, Thanks for posting this! Make sure to check out a few other issues that users on the forums are facing as well. https://developer.apple.com/forums/thread/692592 Our organization is facing long processing times as well. Our longest wait times right now are right at 26 hours. Processing time varies in general, but what we have found is the more complicated the application is, specifically if you have a Watch App along with any extensions the longer the build processing time will take as Apple needs to recompile your application for each Watch series as of today. Our native applications without Watch applications are still processing in sub 20 minutes across the board and the delays feel very localized to larger IPA file sizes along with extensions and a Watch App componant. Hopefully Apple finds a way to address this soon or deliver tools like a web hook for notifying automation systems when builds have completed processing so that they can be added to TestFlight groups. Have a great day!

Hey @JonBrydgesLP, This is a great question! The best place to get your answer is going to be the App Store Review Guidelines document (Specifically section 4.2.6). https://developer.apple.com/app-store/review/guidelines/#minimum-functionality Your organization would be fulfilling the "App Generation Service" where the organization that you are selling to would be the "Provider of the App's Content" since they are providing the content to be displayed to users. The approach that you are taking is spot on in submitting the application under the other organizations App Store Connect account and business registration. This is the same approach that our organization takes with vendors and we have never been rejected for this with hundreds of applications in the App Store. Hopefully this helps!

Hey @tngacker & @zhengjuf, So there is tons of complexity when changing from a WiFi network to a cellular network. Hopefully there is more than 1 device facing the issue to help diagnose where the actual issue is. Also, if you have any additional logs to share from the mobile client, this might be beneficial but understand the confidentiality. Below are a few thoughts. The cellular network is taking a drastically different path that WiFi altogether. Does the MDM network support both IPv4 and IPv6? Does the application download on ANY WiFi network or just a managed network that is being pushed to the device? WiFi is often "inside" of a Firewall where cellular needs to go through the "Firewall" to get to your content. In order to initiate an application install through MDM, that request goes through Apple services, the streaming of the data itself which is being triggered by appstored during the install process is a stream to where the content is hosted. Are you using a Cloud MDM or a local hosted MDM? Do you have a way to determine if you can get access to the data through a cellular connection? Is the location where the content hosted following all of the TLS requirements and using a valid certificate? Are other applications (Enterprise) applications able to install successfully where this one is not? What are the differences between them if some can install successfully and others cannot? WiFi and Cellular are using completely different networking paths to get to the content and that is where the problem is most likely lying if one works and one does not. We just need to rule out all of the places where a cellular connection is different from Wifi. Hopefully this helps in some way!

Hey @lukasg, In general, if an application is offering in-app purchases, they should be using the In App purchasing tools provided by Apple which would mean Apple gets some kind of commission. There are legal cases right now that might change this, but this is how the App Store is supposed to work currently. One thing to consider is the Apple Small Business Program where the Apple commission is only 15%. https://developer.apple.com/app-store/small-business-program/ The App Store Review Guidelines currently lay this out very clearly on how in app purchasing is supposed to work. https://developer.apple.com/app-store/review/guidelines/#in-app-purchase Hopefully this helps!

Hey @tngacker, This is some good investigative work! I do think this rules out any connection issues to the data stream from a networking perspective! The device is getting blocked before it can even open up the stream. Are the devices that you are working with Supervised by chance? If so, I wonder if it would be possible to set another device restriction in order to prevent the user from being prompted with this? https://support.apple.com/guide/mdm/supervised-restrictions-for-iphone-and-ipad-mdm54960f92a/web Modify personal Hotspot settings Modify eSIM settings Modify cellular plan settings Modify cellular data app settings However, I would definitely open up a Feedback with Apple on this as it is a unique edge case. https://feedbackassistant.apple.com What I imagine you as the admin are expecting to happen would be for the application to be installed and for the device to go into single-app mode, but due to the "user" having control over the cellular plan you are not able to accomplish this. If the device is supervised and one of the above restrictions cant help with this I think Apple would consider making a change to the protocol to support your use case. Hopefully one of the above restrictions can help get this solved for you!

Hello @JordanBettridge, Thanks for posting this on the forums! From what you have shared, I would suggest going through the process to get an Organizational Apple Developer Account. The biggest reason for this is that under a personal Apple Developer Account you are either going to need to share your Apple Developer Account credentials with all of the developers on your team so that they can access development resources or expect them to download and install new profiles and certificates that you make available to them. This could work, but it is a tons of overhead when most developers now days will want to login to Xcode with the account to help them during development. Sharing your Apple Developer Account credentials and a poor developer experience is what leads me to suggest an Organizational Apple Developer Account. The biggest benefit that you have with this approach is User Management in the App Store Connect Console so that you have more flexibility with roles and access to developer account resources and not needing to have a shared password. From a cost perspective, both of the above options currently cost the same amount (Annually, Enterprise Excluded) and do not have any limits on the number of applications that you can upload or deploy. I am sure there is at some point, but our account has close to 300 applications in it and we are still going strong. Outside of the annual cost, the only other cost would be if you have paid applications, in-app purchases, etc. where the Apple royalty would be applied (Make sure to enroll to the Small Business Program). https://developer.apple.com/app-store/review/guidelines/#business Hopefully this helps!

Hello @jimstr, Apple has some information on this posted at the below site. I would strongly recommend reviewing it and the other information as it has some really interesting details. https://support.apple.com/guide/sccc/overview-sccc9b6aa4275/1/web/1.0 From an architecture perspective, I would suggest not trusting Apple by default as that could get you in trouble in the long run. Even if you choose to rely on their current compliance standards, I would still recommend at a minimum encrypting the data in the notification payload and implementing a notification service extension and decrypting the data inside of the application container before posting to the device to at least ensure the plain text is not stored on Apple servers. Dynamically delivering a certificate to decrypt the data would be ideal, but if that is not possible and it needs to be included in the IPA file that is better than sending plain text through the system. Hopefully this helps!

Hey @stefanvasic, This has been a recurring issue recently for users across the forum. I would recommend looking for other posts as well just to see if there are any details that might help you. The best way (although not amazing) to get more information on your build status will be to call Apple Developer Support and see if they can verify that your builds exist in the database and provide a status. If they have not completed processing, I would try and verify that they haven't been rejected and still have a chance to finish processing. I have experienced sometimes where with some errors Apple has not found a way to present this information successfully to developers. https://developer.apple.com/contact/topic/select Often times unfortunately, Apple will suggest uploading another build. Hopefully this helps and best of luck!

Hey @jimstr, Awesome to hear that you are already using an additional layer of encryption! Two other resources that might help, but not formally state "compliance". New Developer Documentation: https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server/sending_notification_requests_to_apns Old Developer Documentation (My Preference): https://developer.apple.com/library/archive/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/APNSOverview.html#//apple_ref/doc/uid/TP40008194-CH8-SW1 Neither answer the "compliance" question directly though outside of speaking abstractly to how the service works. One approach to take in a compliance report is to show what systems you have control over and those you do not. Showing that you have compliance within the systems that you are able to control (Certificate Pinning, KMS, etc.) with the ability to ensure cryptographic integrity to the client (assuming you also have client side protections in place) through untrusted space which is essentially the entire Internet because the client wouldn't have control over the client side network connection (assuming a BYOD approach) even with those protections in place (ISP Interference, etc.). If I am able to find any more specific documents from Apple I will make sure to update the post!

Hey @bhavesh_jain, @Claude31 has the right answer. Depending on why you are asking the question and how complicated your application is, there might be other ways to accomplish what you are looking to achieve. As an example, if you are building an application with HealthKit, HealthKit does not exist on iPad so it will only show up in the App Store for iPhone. Say that there is a device hardware feature that your application requires but is not supported on iPad, the application would not show up on the App Store for iPad. https://developer.apple.com/support/required-device-capabilities/ Apple does a spectacular job at trying to make as many of their devices support as many applications as possible though so it may be hard to accomplish this if you are not building an extremely complex application. Additionally, don't forget about your application running on Mac hardware! It is not a requirement yet... but I imagine that isn't more than a few years down the pipeline. Hopefully this helps!

Hey @ktanya1901, Thanks for posting on the forum! Is the App Review team able to provide you with any logs from the device in which you are testing on? If there was a network issue it would be fairly easy to find if they are able to provide you with logs even if the device they are using is not crashing. When you say HTTP, are you really leveraging HTTP or did you mean HTTPS? If you are using HTTP, do you have the exception for insecure web traffic in your Info.plist? https://developer.apple.com/documentation/bundleresources/information_property_list/nsapptransportsecurity Hopefully this helps!

Hey @Relbot, Thanks for posting this on the forums! I am not a code expert, but we will need a code sample to help find out why your application is failing to determine if it has an active network connection. I can tell you that regardless of how your application is signed (Development or AdHoc) that it does have access to the network by default to make calls outside of its container. Hopefully this helps!

Hey @Swift Beginner, Thanks for posting on the Apple Developer Forums! I don't have much information to go off of from your description, but I will do my best to help! The first thing you will want / need to do is register for an Apple Developer Account. https://developer.apple.com/programs/enroll/ This will be needed for installing your own application onto physical hardware. You can build to the simulator without this, but you will need a Apple Developer Account to build to physical hardware. The next thing you will need to do is register your device with your Apple Developer Account. Thankfully Apple has made this easy for us developers. You can sign into your Apple Developer account under Xcode --> Preferences --> Accounts and this will make all of your developer account resources available within Xcode. https://developer.apple.com/documentation/xcode/distributing-your-app-to-registered-devices From the device drop down, you will then be able to select your device after logging into your Apple Developer Account inside of Xcode and go to the "Signing" section for the target (Select your Project on the left side of Xcode and then the target under the "Targets" section). Once you do this Xcode should help you and prompt you to "Register this device" with your Apple Developer Account. Once you have completed these steps you will be able to build onto a physical device. You will need to repeat these steps for each device that you would like to build on. The second link that I shared has some good information on the different possibilities so I would recommend reading the entire guide even though not all of it will apply (right now) but will pay off in the long run to understand how distribution works. Hopefully this helps and post back with any additional questions that you may have!

Hey @meghna_810, Thanks for posting this question! This is a great one as the iOS ecosystem becomes more complex. I will share what I know, but hopefully others have more information as well! So in general, you will want to compare the SupportedDevices list of the two OS releases. At a high level, the 14.8 release applies to 71 hardware models where the 15.0.2 release applies to 79 hardware models (makes sense as newer hardware has been released that never had iOS 14 installed). Historically, this gap would exist with major OS releases to indicate hardware no longer supported for major releases as I image you know. Additionally, now that we have iOS update delays for managed devices, those also need to be accounted for when doing security updates. As an example, an MDM device has the option to now delay a major OS updates, but they can still install security updates without accepting the major OS update. Apple will continue to make security updates to legacy OS versions until they are formally no longer supported and eventually you will see those fall off. Some information about each OS release can be learned based off of the order in which they are released and also the hardware it is being made available to. The best place to find information on this is Apple Security Page and sign up for the security notifications. The release notes are not always up to date but the security updates will always be up to date from my experience. https://developer.apple.com/documentation/ios-ipados-release-notes https://lists.apple.com/mailman/listinfo/security-announce/ More information on the certificates that Apple manages and has in use can be found at the below URL. https://www.apple.com/certificateauthority/ There are also typically announcements when developer related certificates are changed such as the Apple Push Notification Service certificates. Hopefully this helps!

Hey @machine-agency, Thanks for posting this on the forums! At a super high level, this is nothing urgent to worry about and you have plenty of time! The only thing that will "stop working" on the 27th is being able to generate a production IPA file for uploading to the App Store. No other work should be impacted. Below are a few guides that might be helpful for creating a CSR file (first two are CSR file only, the later two are the full certificate process). This will look like any other file on your computer. I have three recommendations when creating CSR files for use. Only have one per Apple Developer Account that you are working with. This helps me personally reduce confusion as I work across multiple accounts. I do not specify the Key Size when working with Apple services as Apple sets the Distribution Certificate Key Size or APNS Key Size when creating these certificates. Apple changes your Distribution Certificate anyways when you upload to the App Store. In the "Common Name" field I would suggest putting your Team Name. The reason I do this is so that I know which account a certificate belongs to when looking at the certificate that you generate with the CSR after it has been created. You can find your Team Name here: https://developer.apple.com/account/#!/membership/. https://www.ssl.com/how-to/csr-generation-in-macos-keychain-access/ https://www.namecheap.com/support/knowledgebase/article.aspx/10207/14/generating-a-csr-on-mac-os-using-keychain/ https://support.staffbase.com/hc/en-us/articles/115003458931-Creating-the-iOS-Distribution-Certificate https://sarunw.com/posts/how-to-share-ios-distribution-certificate/ Hopefully this helps!