Hi, I'm trying to sign in with Apple CloudKit. I'm using the following code: 'use client'; import { CLOUDKIT_CONSTANTS } from '@/constants/cloudkit'; import { setCloudKitConfigured } from '@/lib/cloudkitSingleton'; import { CloudKitStatic } from '@/types/cloudkit'; import Script from 'next/script'; declare global { interface Window { CloudKit: CloudKitStatic; } } export default function Home() { const initializeCloudKit = async () => { console.info('⭐️ initializeCloudKit - start'); // 古い認証情報を削除 try { // LocalStorageから古い認証情報を削除 const keysToRemove = []; for (let i = 0; i < localStorage.length; i++) { const key = localStorage.key(i); if (key && (key.includes('cloudkit') || key.includes('CloudKit'))) { keysToRemove.push(key); } } keysToRemove.forEach(key => localStorage.removeItem(key)); // SessionStorageからも削除 const sessionKeysToRemove = []; for (let i = 0; i < sessionStorage.length; i++) { const key = sessionStorage.key(i); if (key && (key.includes('cloudkit') || key.includes('CloudKit'))) { sessionKeysToRemove.push(key); } } sessionKeysToRemove.forEach(key => sessionStorage.removeItem(key)); console.log('古い認証情報を削除しました'); } catch (cleanupError) { console.warn('認証情報のクリーンアップ中にエラー:', cleanupError); } try { const cloudKit = window.CloudKit.configure({ containers: [ { containerIdentifier: 'XXXXXX', apiTokenAuth: { apiToken: 'XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XXXX', persist: false, signInButton: { id: 'cloudkit-sign-in-button', theme: 'black', }, signOutButton: { id: 'cloudkit-sign-out-button', theme: 'black', }, }, environment: 'development', }, ], }); console.info('⭐️ cloudKit', cloudKit); setCloudKitConfigured(true); const container = cloudKit.getDefaultContainer(); console.info('⭐️ CloudKit configured, setting up auth...'); // 初期認証状態をチェック try { const initialUser = await container.setUpAuth(); console.info('⭐️ setUpAuth result:', initialUser); } catch (authError) { console.info('⭐️ setUpAuth error (expected for unauthenticated):', authError); } // CloudKitの標準コールバックも併用（念のため） try { container.whenUserSignsIn().then((userInfo: any) => { console.info('⭐️ CALLBACK: whenUserSignsIn fired!', userInfo); }); container.whenUserSignsOut().then(() => { console.info('⭐️ CALLBACK: whenUserSignsOut fired!'); }); } catch (callbackError) { console.info('⭐️ Callback setup error (non-critical):', callbackError); } console.info('⭐️ initializeCloudKit - completed'); } catch (error) { console.error('⭐️ Critical CloudKit initialization error:', error); } }; return ( <> <Script src="https://cdn.apple-cloudkit.com/ck/2/cloudkit.js" strategy="afterInteractive" onLoad={() => { initializeCloudKit(); }} onError={error => { console.error('⭐️ CloudKit initialization error:', error); }} /> <div id="cloudkit-sign-in-button" /> <div id="cloudkit-sign-out-button" /> </> ); } In Chrome secret tab, I can sign in successfully. But in Chrome normal tab, I can't sign in. In normal tab, following error occurs on sign in button click: cloudkit.js:14 Uncaught (in promise) Error: UNKNOWN_ERROR cloudkit.js:14 GET https://api.apple-cloudkit.com/database/1/XXXXXX/XXXXXX/public/users/caller?ckjsBuildVersion=2420ProjectDev22&ckjsVersion=2.6.4&clientId=XXXXX-XXXXXXX-XXXX-XXXXX& ckAPIToken=XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XXXX-XXXX 421 (Misdirected Request) I think, cloudkit instance has re-initialized when I click the sign in button only in normal tab. So I can't sign in. Do you have any idea what might be causing the error ? Thanks in advance for your help!

LSUB always returns all the subscribed folders. For example lsub "" "test/*" returns a list of all the folders and not just subscribed folders that are subfolders of test. I.e, it returns the same folder list as lsub "" "*". For more details please see https://bugzilla.mozilla.org/show_bug.cgi?id=1817707#c15

I have an app that I signed and distribute between some internal testflight users. Potentially I want to invite some 'Public' beta testers which don't need to validate (_World have read rights in the public database) Question: Do I need to have a working public CloudKit , when users are invited through TestFlight, or are they going to test on the development container? I understand that when I invite beta-tester without authorization (external testers) they cannot access the developer container, so therefore I need to have the production CloudKit container up and running. I have tried to populate the public production container, but for whatever reason my upload app still goes to the development container. I have archived the app, and tried, but no luck. I let xcode manage my certificates/profiles. but what do I need to change to be able to use my upload file to upload the production container, instead of the development. I tried: init() { container = CKContainer(identifier: "iCloud.com.xxxx.xxxx") publicDB = container.publicCloudDatabase I got no error in the console, but data is always populated to the development database, instead the production. I tried to create a provisioning profile, but for some reason Xcode doesn't like it. Tried to create one a different provisioning profile manual through the developer portal, for the app. but xcode doesn't want to use that, and mentions that the requirement are already in place. What can I check/do to solve this.

I am working on an app that will allow a user to load and share their model files (usdz, usda, usdc). I'm looking at security options to prevent bad actors. Are there security or validation methods built into ARKit/RealityKit/CloudKit when loading models or saving them on the cloud? I want to ensure no one can inject any sort of exploit through these file types.

Hi everyone, I’m currently developing a SwiftUI app that uses SwiftData with CloudKit sharing enabled. The app works fine on my own Apple ID, and local syncing with iCloud is functioning correctly — but sharing with other Apple IDs consistently fails. Setup: SwiftUI + SwiftData using a ModelContainer with .shared configuration Sharing UI is handled via UICloudSharingController iCloud container: iCloud.com.de.SkerskiDev.FoodGuard Proper entitlements enabled (com.apple.developer.icloud-services, CloudKit, com.apple.developer.coredata.cloudkit.containers, etc.) Automatic provisioning profiles created by Xcode Error:<CKError 0x1143a2be0: "Bad Container" (5/1014); "Couldn't get container configuration from the server for container iCloud.com.de.SkerskiDev.FoodGuard"> What I’ve tried: Verified the iCloud container is correctly created and enabled in the Apple Developer portal Checked bundle identifier and container settings Rebuilt and reinstalled the app Ensured correct iCloud entitlements and signing capabilities Questions: Why does CloudKit reject the container for sharing while local syncing works fine? Are there known issues with SwiftData .shared containers and multi-user sharing? Are additional steps required (App Store Connect, privacy settings) to allow sharing with other Apple IDs? Any advice, experience, or example projects would be greatly appreciated. 🙏 Thanks! Sebastian

Since publishing new record types to my CloudKit schema in production, a previously unchanged record type has stopped indexing new records. While records of this type are successfully saved without errors, they are not returned in query results—they can only be accessed directly via their recordName. This issue occurs exclusively in the Production environment, both in the CloudKit Console and our iOS app. The problem began on July 21, 2025, and continues to persist. The issue affects only new records of this specific record type; all other types are indexing and querying as expected. The affected record's fields are properly configured with the appropriate index types (e.g., QUERYABLE) and have been not been modified prior to publishing the schema. With this, are there any steps I should take to restore indexing functionality for this record type in Production? There have been new records inserted, and I would prefer to not have to reset the production database, if possible.

My app is live on App Store, There is already a iCloudContainer with my app identifier. I want to add another iCloundContainer on same app identifier. Will it effect my live app? When I am trying to edit identifiers(adding a new iCloud Container with other one already exist), It is showing "Adding or removing any capabilities will invalidate any provisioning profiles that include this App ID and they must be regenerated for future use." Please let me know if it effect my live application...

In the CloudKit logs I see logs that suggest users getting QUOTA_EXCEEDED error for RecordDelete operations. { "time":"21/07/2025, 7:57:46 UTC" "database":"PRIVATE" "zone":"***" "userId":"***" "operationId":"***" "operationGroupName":"2.3.3(185)" "operationType":"RecordDelete" "platform":"iPhone" "clientOS":"iOS;18.5" "overallStatus":"USER_ERROR" "error":"QUOTA_EXCEEDED" "requestId":"***" "executionTimeMs":"177" "interfaceType":"NATIVE" "recordInsertBytes":54352 "recordInsertCount":40 "returnedRecordTypes":"_pcs_data" } I'm confused as to what this means? Why would a RecordDelete operation have recordInsertBytes? I'd expect a RecordDelete operation to never fail on quotaExceeded and how would I handle that in the app?

Hi, I am testing a situation with shared CKRecords where the data in the CKRecord syncs fine, but the creatorUserRecordID.recordName and lastModifiedUserRecordID.recordName shows "defaultOwner" (which maps to the CKCurrentUserDefaultName constant) even though I made sure I edit the CKRecord value from a different iCloud account. In fact, on the CloudKit dashboard, it shows the correct user recordIDs in the metadata for the 'Created' and 'Modified' fields, but not in the CKRecord. I am mostly testing this on the iPhone simulator with the debugger attached. Is that a possible reason for this, or is there some other reason the lastModifiedUserRecordID is showing the value for 'CKCurrentUserDefaultName'? It would be pretty difficult to build in functionality to look up changes by a different userID if this is the case.

I have a database in CloudKit, where the host share (using CKShare) a record to participants. The record is in her private database, but for the participants is in their shared database. How do I send push notifications to everyone when a new child record is created?

I have been trying to find out the app limits to my app when released into the app store, I understand that in the public database the app worldwide can use 200g of bandwidth free per month. What happens after that? is it throttled? is there a pricing structure for overages? thanks

Any idea what this message means? I assume it's coming from CloudKit, but the application seems to store and retrieve data properly.

Hi all, I recently discovered that I forgot to deploy my CloudKit schema changes from development to production - an oversight that unfortunately went unnoticed for 2.5 months. As a result, any data created during that time was never synced to iCloud and remains only in the local CoreData store. Once I pushed the schema to production, CloudKit resumed syncing new changes as expected. However, this leaves me with a gap: there's now a significant amount of data that would be lost if users delete or reinstall the app. Before I attempt to implement a manual backup or migration strategy, I was wondering: Does NSPersistentCloudKitContainer keep track of local changes that couldn't be synced doe to the missing schema and automatically reattempt syncing them now that the schema is live? If not, what would be the best approach to ensure this "orphaned" data gets saved to CloudKit retroactively. Thanks in advance for any guidance or suggestions.

Hi. I am having this error when trying to write to CloudKit public database. <CKError 0x600000dbc4e0: "Permission Failure" (10/2007); server message = "Invalid bundle ID for container"; On app launch, I check for account status and ensure that the correct bundle identifier and container is being used. When the account status is checked, I do get the correct bundle id and container id printed in the console but trying to read or write to the container would throw that "Invalid bundle ID for container" error. private init() { container = CKContainer.default() publicDB = container.publicCloudDatabase // Check iCloud account status checkAccountStatus() } func checkAccountStatus() { print("🔍 CloudKit Debug:") print("🔍 Bundle identifier from app: (Bundle.main.bundleIdentifier ?? "unknown")") print("🔍 Container identifier: (container.containerIdentifier ?? "unknown")") container.accountStatus { [weak self] status, error in DispatchQueue.main.async { switch status { case .available: self?.isSignedIn = true self?.fetchUserID() case .noAccount, .restricted, .couldNotDetermine: self?.isSignedIn = false self?.errorMessage = "Please sign in to iCloud in Settings to use this app." default: self?.isSignedIn = false self?.errorMessage = "Unknown iCloud account status." } print("User is signed into iCloud: \(self?.isSignedIn ?? false)") print("Account status: \(status.rawValue)") } } } I have tried: Creating a new container Unselecting and selecting the container in signing & capabilities Unselecting and selecting the container in App ID Configuration I used to have swift data models in my code and read that swift data is not compatible with CloudKit public data so I removed all the models and any swift data codes and only uses CloudKit public database. let savedRecord = try await publicDB.save(record) Nothing seems to work. If anyone could help please? Rgds, Hans

Hi. I'm hoping someone might be able to help us with an issue that's been affecting our standalone watchOS app for some time now. We've encountered consistent crashes on Apple Watch devices when the app enters the background while the device is offline (i.e., no Bluetooth and no Wi-Fi connection). Through extensive testing, we've isolated the problem to the use of NSPersistentCloudKitContainer. When we switch to NSPersistentContainer, the crashes no longer occur. Interestingly, this issue only affects our watchOS app. The same CloudKit-based persistence setup works reliably on our iOS and macOS apps, even when offline. This leads us to believe the issue may be specific to how NSPersistentCloudKitContainer behaves on watchOS when the device is disconnected from the network. We're targeting watchOS 10 and above. We're unsure if this is a misconfiguration on our end or a potential system-level issue, and we would greatly appreciate any insight or guidance.

I have an app that uses CKShare to allow users to share CloudKit data with other users. With the first build of the iOS 26, I'm seeing a few issues: I'm not able to add myself as a participant anymore when I have the link to a document. Some participants names no longer show up in the app. Looking at the release notes for iOS & iPadOS 26 Beta, there is a CloudKit section with two bullets: CloudKit sharing URLs do not launch third-party apps. (151778655) The request access APIs, such as CKShareRequestAccessOperation, are available in the SDK but are currently nonfunctional. (151878020) It sounds like the first issue is addressed by the first bullet, although the error message makes me wonder if I need to make changes to my iCloud account permissions or something in order to open it. It works fine in iOS 18.5. This is the error I get when I try to open a link to a shared document (I blocked out my email address, which is what was in quotes): As far as the second issue, I am really confused about what is going on. Some names still show up, while others do not. I can't find a pattern, and the missing users are not on the iOS 26 beta. The release notes mention CKShareRequestAccessOperation being nonfunctional, which is new in the beta and has some minor documentation, but I can't find information about how it's supposed to be used yet. In previous years there have been WWDC sessions about what's new in CloudKit, but I haven't found anything that talks about these changes to document sharing. Is there a guide or session somewhere that I'm missing? Does anyone know what's going on with these changes to CloudKit?

I was experiencing a weird sign in error when using apple sign in with my app and wanted to put it here for anyone else who might experience it in the future, and so apple can make this requirement more clear. I was using CloudKit and apple sign in. If you are not using both this probably does not apply to you. Every time I would go to sign in in the iOS simulator I would enter my password, hit "sign in", and everything just froze. The very odd reason for this is if you are using iCloudKit and apple sign in you need to go to specifically the "identifiers" in the "Certificates, Identifiers & Profiles" menu (https://developer.apple.com/account/resources/identifiers/list). And from there you specifically need an App ID Configuration with apple sign in enabled. From there you have to have the same exact bundle identifier in Xcode under project settings(not an upper tab just click your project in the left panel). And that should allow you to both pass validation and have your sign in work. Hope this helps!

I have an app that uses NSPersistentCloudKitContainer stored in a shared location via App Groups so my widget can fetch data to display. It works. But if you reset your iPhone and restore it from a backup, an error occurs: The file "Name.sqlite" couldn't be opened. I suspect this happens because the widget is created before the app's data is restored. Restarting the iPhone is the only way to fix it though, opening the app and reloading timelines does not. Anything I can do to fix that to not require turning it off and on again?

We are trying to solve for the following condition with SwiftData + CloudKit: Lots of data in CloudKit Perform "app-reset" to clear data & App settings and start fresh. Reset data models with try modelContext.delete(model:_) myModel.count() confirms local deletion (0 records); but iCloud Console shows expectedly slow process to delete. Old CloudKit data is returning during the On Boarding process. Questions: • Would making a new iCloud Zone for each reset work around this, as the new zone would be empty? We're having trouble finding details about how to do this with SwiftData. • Would CKSyncEngine have a benefit over the default SwiftData methods? Open to hearing if anyone has experienced a similar challenge and how you worked around it!

Hello, I'm working on a Unity game which uses Apple Arcade Cloudkit Unity plugin. Cloud save works on all platforms except visionOS. I tried to debug using visionOS 2.4 Simulator. When the game starts XCode display the following error: DllNotFoundException: Unable to load DLL 'CloudKitWrapper'. Tried the load the following dynamic libraries: Unable to load dynamic library '/CloudKitWrapper' because of 'Failed to open the requested dynamic library (0x06000000) dlerror() = dlopen(/CloudKitWrapper, 0x0005): tried: '/Users/seb/Library/Developer/Xcode/DerivedData/Unity-VisionOS-akwybgjotadlwrghmmfkhbhpuduf/Build/Products/Debug-xrsimulator/CloudKitWrapper' (no such file), '/Library/Developer/CoreSimulator/Volumes/xrOS_22O237/Library/Developer/CoreSimulator/Profiles/Runtimes/xrOS 2.4.simruntime/Contents/Resources/RuntimeRoot/usr/lib/system/introspection/CloudKitWrapper' (no such file), '/Library/Developer/CoreSimulator/Volumes/xrOS_22O237/Library/Developer/CoreSimulator/Profiles/Runtimes/xrOS 2.4.simruntime/Contents/Resources/RuntimeRoot/CloudKitWrapper' (no such file), '/CloudKitWrapper' (no such file) at Apple.CloudKit.CKContainer.CKContainer_Default () [0x00000] in <00000000000000000000000000000000>:0 at Apple.CloudKit.CKContainer.Default () [0x00000] in <00000000000000000000000000000000>:0 I opened up the "Debug-xrsimulator" and indeed there is no CloudKitWrapper. However, if I "show content" on the app and navigate to the "Frameworks" folder, all Apple Arcade plugins are here, including CloudKit. I guess the plugin is in the right location, but the code tries to load it from the wrong path.