So the battery level value is in accurate returns the battery percentage in multiple of 5 values e.g. battery percentage is 42 but the api returns it as 40. So please fix the issue if possible because i checked that the devices running iOS versions below 17 appear to be working fine.

Body: Hello, We are currently implementing iOS order verification and have encountered an issue. Some of the receipts we verify return with an empty in_app array, which makes it impossible to determine whether there is a valid in-app purchase. Below is the code we’re using for verification and the result we receive: Code Example: public function iosVerifyReceipt($receipt, $password = '', $sandbox = false) { $url = $sandbox ? 'https://sandbox.itunes.apple.com/verifyReceipt' : 'https://buy.itunes.apple.com/verifyReceipt'; if (empty($password)) { $data = json_encode(['receipt-data' => $receipt]); } else { $data = json_encode(['receipt-data' => $receipt, 'password' => $password]); } $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); curl_close($ch); $result = json_decode($result, true); $result = $result ?? []; $result['sandbox'] = $sandbox; if ($result['status'] != 0) { Log::warning('ios verify receipt failed', ['receipt' => $receipt, 'result' => $result, 'sandbox' => $sandbox]); if ($result['status'] == 21007) { return $this->iosVerifyReceipt($receipt, $password, true); } } return $result; } // Order validation check if (empty($result) || $result['status'] != 0) { throw new BadRequestHttpException("Ios Order Verify Error"); } $appItemId = $result['receipt']['app_item_id'] ?? ""; if ($appItemId != MY_APP_ID) { throw new BadRequestHttpException("Ios Order Verify Error"); } $inApp = array_filter( $result['receipt']['in_app'] ?? [], function ($item) use ($transactionId,$order) { return $item['transaction_id'] == $transactionId && $item['product_id'] == $order->getProductId(); } ); if (empty($inApp)) { throw new BadRequestHttpException( "Ios Order Verify Error"); } Array ( [receipt] => Array ( [receipt_type] => Production [adam_id] => * [app_item_id] => * [bundle_id] => * [application_version] => 5511 [download_id] => * [version_external_identifier] => * [receipt_creation_date] => 2025-02-11 04:06:47 Etc/GMT [receipt_creation_date_ms] => * [receipt_creation_date_pst] => 2025-02-10 20:06:47 America/Los_Angeles [request_date] => 2025-02-11 15:54:56 Etc/GMT [request_date_ms] => * [request_date_pst] => 2025-02-11 07:54:56 America/Los_Angeles [original_purchase_date] => 2025-02-11 04:02:41 Etc/GMT [original_purchase_date_ms] => * [original_purchase_date_pst] => 2025-02-10 20:02:41 America/Los_Angeles [original_application_version] => * [preorder_date] => 2025-01-17 21:12:28 Etc/GMT [preorder_date_ms] => * [preorder_date_pst] => 2025-01-17 13:12:28 America/Los_Angeles [in_app] => Array ( ) ) [environment] => Production [status] => 0 [sandbox] => )

Body: Hello, We are currently implementing iOS order verification and have encountered an issue. Some of the receipts we verify return with an empty in_app array, which makes it impossible to determine whether there is a valid in-app purchase. Below is the code we’re using for verification and the result we receive: Code Example: public function iosVerifyReceipt($receipt, $password = '', $sandbox = false) { $url = $sandbox ? 'https://sandbox.itunes.apple.com/verifyReceipt' : 'https://buy.itunes.apple.com/verifyReceipt'; if (empty($password)) { $data = json_encode(['receipt-data' => $receipt]); } else { $data = json_encode(['receipt-data' => $receipt, 'password' => $password]); } $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $data); $result = curl_exec($ch); curl_close($ch); $result = json_decode($result, true); $result = $result ?? []; $result['sandbox'] = $sandbox; if ($result['status'] != 0) { Log::warning('ios verify receipt failed', ['receipt' => $receipt, 'result' => $result, 'sandbox' => $sandbox]); if ($result['status'] == 21007) { return $this->iosVerifyReceipt($receipt, $password, true); } } return $result; } // Order validation check if (empty($result) || $result['status'] != 0) { throw new BadRequestHttpException("Ios Order Verify Error"); } $appItemId = $result['receipt']['app_item_id'] ?? ""; if ($appItemId != MY_APP_ID) { throw new BadRequestHttpException("Ios Order Verify Error"); } $inApp = array_filter($result['receipt']['in_app'] ?? [], function ($item) use ($transactionId, $order) { return $item['transaction_id'] == $transactionId && $item['product_id'] == $order->getProductId(); }); if (empty($inApp)) { throw new BadRequestHttpException("Ios Order Verify Error"); } Array ( [receipt] => Array ( [receipt_type] => Production [adam_id] => * [app_item_id] => * [bundle_id] => * [application_version] => * [download_id] => * [version_external_identifier] => * [receipt_creation_date] => 2025-02-11 04:06:47 Etc/GMT [receipt_creation_date_ms] => * [receipt_creation_date_pst] => 2025-02-10 20:06:47 America/Los_Angeles [request_date] => 2025-02-11 15:54:56 Etc/GMT [request_date_ms] => * [request_date_pst] => 2025-02-11 07:54:56 America/Los_Angeles [original_purchase_date] => 2025-02-11 04:02:41 Etc/GMT [original_purchase_date_ms] => * [original_purchase_date_pst] => 2025-02-10 20:02:41 America/Los_Angeles [original_application_version] => 5511 [preorder_date] => 2025-01-17 21:12:28 Etc/GMT [preorder_date_ms] => * [preorder_date_pst] => 2025-01-17 13:12:28 America/Los_Angeles [in_app] => Array ( ) ) [environment] => Production [status] => 0 [sandbox] => ) Problem Description: • We are noticing that in some orders, the in_app array is returned as empty. This causes difficulty in verifying the presence of in-app purchases. • Our validation logic assumes that if in_app is empty, the order is invalid, but we would like clarification on whether this is correct or if such a scenario is normal under certain conditions. Actions Taken: • We have reviewed Apple’s documentation and other related resources, but no clear explanation is given about when in_app might be empty. • Can we safely rely on an empty in_app array to consider the order invalid, or should we investigate further for potential issues like delays or errors during the verification process? We would appreciate your guidance on how to handle such cases. Thank you for your support!

Dear Apple Developer Community,, I understand that RPC is not the recommended IPC mechanism for communication between an Endpoint Security (ES) Extension or a Network System Extension and a daemon. However, I would like to clarify whether Apple currently allows the use of RPC (clnt_call()) as an IPC method for these extensions to communicate event details to a daemon. Given that ES Extensions operate in a sandboxed environment, they may lack the necessary permissions to create network sockets (e.g., clnt_call() over TCP) on a properly signed macOS system with SIP enabled (macOS Sequoia). Looking for clarification on the following points: Whether RPC (clnt_call()) is currently supported as an IPC mechanism for ES Extensions or Network System Extensions? If supported, does Apple have any plans to deprecate RPC-based IPC (such as clnt_call()) in the near future for these extensions? I would appreciate any insights or references to official documentation on this topic.

Our team also received this email regarding the APNS. I don't know if I need to do something or not, since I haven't found any information in SAP Forums either. Our app uses the SAP Mobile Services push notifications. If any of you know any information about this, please let me know.

When using CallKit in my flutter app audio(both mic and speaker) stop working. When not using call kit to answer calls the app work fine. I am using the flutter flutter_callkit_incoming to use callkit and flutter_webrtc for the telephony. Flutter_callkit_incoming has some boilerplate code code include sections to uncomment when using webrtc and I have seen multiple fixes to suggest to make sure the to configure sharedAudioSession before the callkit is sent. Neither of this approaches seemed to have worked.

I have USB DriverKit driver. When I use the log command below to get log, there is logs from my driver on my own M-series MacBook where the driver is built using developer account. log stream | grep CompanyName But on other mac like (M-series) Mac Mini, there is no log captured from driver though the driver is communicating with the machine correctly. The only log captured are from MacOS regarding CompanyName driver status/unload/load. The MacOS is Sonoma 14.7.2 and 14.7.3. Please advise on how to get log from driver since writing to files is not allowed in DriverKit. I need logs to troubleshoot on Mac Mini. Thanks.

Hey everyone, I wanted to check if anyone else has faced extreme delays when requesting access to Apple Pay Wallet APIs. It was Oct 11 2024 a year ago since we first applied to enable in-app provisioning for virtual cards in our app and we made 1% progress. For context, we already got access from Google for Google Wallet—it was smooth, professional, and timely. But with Apple… it’s been nothing but an endless cycle of waiting. We followed every step, submitted everything correctly, and even called Apple Developer Support multiple times. Their response? "We've escalated it." Again and again. But there’s no real progress. We’re rerouted, ignored, and left in limbo. At this point, I don’t even know if anyone is actually reviewing these requests. If a business like ours—fully compliant and ready to integrate—can’t even get a response in 150 day, how is this process supposed to work? I’m posting this here because I can’t be the only one. Has anyone else faced this? If you finally got access, how did you do it? Because right now, it feels like Apple Pay in-app provisioning is an impossible goal. Hoping someone from Apple sees this and realizes how broken this process is. We’re just trying to innovate and offer Apple users a great experience—why is it so difficult? Looking forward to hearing from anyone in the community who can help, Thanks! 🙏

I'm trying to build an app with a DeviceActivityMonitor extension that executes some code after 15 minutes. I can confirm that the extension is set up correctly and that intervalDidStart is executed, but for some reason the intervalDidEnd method never gets called. What I'm doing in both is just registering a local notification. class DeviceActivityMonitorExtension: DeviceActivityMonitor { let store = ManagedSettingsStore() override func intervalDidStart(for activity: DeviceActivityName) { createPushNotification( title: "Session activated!", body: "" ) super.intervalDidStart(for: activity) } override func intervalDidEnd(for activity: DeviceActivityName) { createPushNotification( title: "Session ended", body: "" ) super.intervalDidEnd(for: activity) } private func createPushNotification(title: String, body: String) { let content = UNMutableNotificationContent() content.title = title content.body = body // Configure the recurring date. var dateComponents = Calendar.current.dateComponents([.era, .year, .month, .day, .hour, .minute, .second], from: Date().addingTimeInterval(1.0)) dateComponents.calendar = Calendar.current dateComponents.timeZone = TimeZone.current // Create the trigger as a repeating event. let trigger = UNCalendarNotificationTrigger(dateMatching: dateComponents, repeats: false) let uuidString = UUID().uuidString let request = UNNotificationRequest(identifier: uuidString, content: content, trigger: trigger) // Schedule the request with the system. let notificationCenter = UNUserNotificationCenter.current() notificationCenter.add(request) } } And this is the method that is starting the monitoring session: @objc public static func startSession() -> String? { // Calculate start and end times let center = DeviceActivityCenter() let minutes = 15 let startDate = Date().addingTimeInterval(1) guard let endDate = Calendar.current.date(byAdding: .minute, value: minutes, to: startDate) else { return "Failed to create end date?" } // Create date components and explicitly set the calendar and timeZone let startComponents = Calendar.current.dateComponents([.era, .year, .month, .day, .hour, .minute, .second], from: startDate) let endComponents = Calendar.current.dateComponents([.era, .year, .month, .day, .hour, .minute, .second], from: endDate) // Create schedule let schedule = DeviceActivitySchedule( intervalStart: startComponents, intervalEnd: endComponents, repeats: false ) print("Now", Date()) print("Start", startDate, startComponents) print("End", endDate, endComponents) print(schedule.nextInterval) do { // Use a consistent activity name for our simple implementation let activity = DeviceActivityName("SimpleSession") try center.startMonitoring(activity, during: schedule) return nil } catch { return "Failed to start monitoring: \(error)" } } I can confirm my dates & date components make sense with the 4 print statements. Here is the output: Now 2025-02-12 04:21:32 +0000 Start 2025-02-12 04:21:33 +0000 era: 1 year: 2025 month: 2 day: 11 hour: 20 minute: 21 second: 33 isLeapMonth: false End 2025-02-12 04:36:33 +0000 era: 1 year: 2025 month: 2 day: 11 hour: 20 minute: 36 second: 33 isLeapMonth: false Optional(2025-02-12 04:21:33 +0000 to 2025-02-12 04:36:33 +0000) I get the Session activated! notification but never get the Session ended notification. Half an hour later, I've tried debugging the DeviceActivityCenter by printing out the activities property and can see that it is still there. When I try to print out the nextInterval property on the schedule object i get from calling center.schedule(for:), it returns nil. I'm running this on an iPhone 8 testing device with developer mode enabled. It has iOS 16.7.10. I'm totally lost as to how to get this to work.

Hi Team, OS is prompting for local network permission for our application which runs as root level daemon. As per the our analysis, it looks like it is prompting from our own library which is trying to get network info ' using /usr/sbin/system_profiler with "-xml -detailLevel basic SPNetworkDataType" and then trying to iterate to find DNS.ServerAddresses for each item. Then using [NSHost hostWithAddress:IPAddress];(When this library is not linked to the app then there is no prompt, so most likely this is the code that is resulting in the prompt). Is this expected ? . Is there any other way that we can get DNS host name without being prompted for local network permission on mac OS 15

The errors below pop up when I validate or distribute the mobile app; this error happens with the upgraded Xcode version. I have Xcode 16.2, and the minimum target deployment is 14.0. Please help me to resolve these errors. build was successful, I can launch my application from the simulator Validation failed Invalid Bundle. The bundle .app/Frameworks/hermes.framework does not support the minimum OS Version specified in the Info.plist. (ID: ee79350d-249e-4101-89fe-e41b2620f4d6) Validation failed Missing Info.plist value. A value for the key 'MinimumOSVersion' in bundle .app/Frameworks/hermes.framework is required. (ID: b0f58cd5-2c72-437b-98c9-1b2b4122c203) Validation failed Invalid MinimumOSVersion. Apps that only support 64-bit devices must specify a deployment target of 8.0 or later. MinimumOSVersion in ‘.app/Frameworks/hermes.framework' is ''. (ID: c2a6247f-21d6-438f-b52f-572425b7aa65)

We have an application which is written in Swift, which activates two network extensions (Content Filter, Transparent Proxy). We want to use MDM deployment for these network system extensions. For Content Filter, we already have Jamf Profile which has Web Content Filter payload and it works fine. Our Transparent Proxy module is a system extension, which is exposing an app proxy provider interface (We are using NETransparentProxyProvider class and in extension’s Info.plist we use com.apple.networkextension.app-proxy key.) We don’t have any remote server setup to forward the traffic, instead we open a connection with a certain localhost:port to redirect the traffic which is received in our transparent proxy. We have another module that listens to the particular localhost:port to process the traffic further. We are unable to find the appropriate payload in any of the Profile Editor applications like Apple Configurator, iMazing Profile Editor and Jamf Pro that correctly describes our setup. As per https://developer.apple.com/documentation/devicemanagement/vpn/transparentproxy documentation, we noticed that we can use the VPN payload with app-proxy as Provider Type for Transparent Proxy. Here are the list of issues encountered with different MDM solutions. **AppleConfigurator: ** We were able to install the profile created via Apple Configurator. However when we install our product (which has the above mentioned system extensions), the Transparent Proxy added by our product fails to map with the installed profile. User has to provide the credentials and follow the steps while installing the extension via the product. Attached the screenshot of "Network->Filters" screen and the profile for reference. Profile Created using Apple Configurator iMazing Profile Editor: Unable to install the profile created using iMazing Profile Editor. Attached the screenshot of error and the profile for reference: Profile Created Using iMazing Profile Editor Jamf Pro: We were able to install the profile created via Jamf Pro and also while in stalling our product the Transparent Proxy gets mapped with the one which is installed via profile. However after that the network is broken and hence unable to browse anything. Attached the profile for reference. Profile Created using Jamf Pro What should be the correct profile payload to use for our Transparent Proxy?

We have an application which is written in Swift, which activates network extension (Transparent Proxy). We want to use MDM deployment for this network system extension. Our Transparent Proxy module is a system extension, which is exposing an app proxy provider interface (We are using NETransparentProxyProvider class and in extension’s Info.plist we use com.apple.networkextension.app-proxy key.) We don’t have any remote server setup to forward the traffic, instead we open a connection with a certain localhost:port to redirect the traffic which is received in our transparent proxy. We have another module that listens to the particular localhost:port to process the traffic further. As per https://developer.apple.com/documentation/devicemanagement/vpn/transparentproxy documentation, we noticed that we can use the VPN payload with app-proxy as Provider Type for Transparent Proxy. We were able to install the profile created via Jamf Pro and also while in stalling our product the Transparent Proxy gets mapped with the one which is installed via profile. However after that the network is broken and hence unable to browse anything. We are suspecting the remote server filed is causing this. So we tried creating the custom profile without remote server address for VPN payload, but we are unable to install the profile. It throws below error: 2025-02-11 16:43:55.193348+0530 0x2f880 Error 0x0 6815 0 mdmclient: (NetworkExtension) [com.apple.networkextension:] Failed to save configuration DGWebProxy because it is invalid: Error Domain=NEConfigurationErrorDomain Code=2 "configuration is invalid: Missing server address" UserInfo={NSLocalizedDescription=configuration is invalid: Missing server address}
2025-02-11 16:43:55.193376+0530 0x2f880 Error 0x0 6815 0 mdmclient: (NetworkExtension) [com.apple.networkextension:] NEProfileIngestion Error occurred when saving configuration 'DGWebProxy': configuration is invalid: configuration is invalid: Missing server address 
2025-02-11 16:43:55.196159+0530 0x2f880 Error 0x0 6815 7 mdmclient: [com.apple.ManagedClient:CPDomainPlugIn] [ERROR] [0:MDMDaemon:CPDomainPlugIn:<0x2f880>] <<<<< PlugIn: InstallPayload [NEProfileIngestionPlugin] Error: Error Domain=ConfigProfilePluginDomain Code=-319 "The ‘VPN Service’ payload could not be installed. The VPN service could not be created." UserInfo={NSLocalizedDescription=The ‘VPN Service’ payload could not be installed. The VPN service could not be created.} <<<<<
2025-02-11 16:43:55.196826+0530 0x2f880 Error 0x0 6815 7 mdmclient: [com.apple.ManagedClient:MDMDaemon] [ERROR] [0:MDMDaemon:<0x2f880>] [CE] PlugIn_InstallPayload ==> Error Domain=ConfigProfilePluginDomain Code=-319 "The ‘VPN Service’ payload could not be installed. The VPN service could not be created." UserInfo={NSLocalizedDescription=The ‘VPN Service’ payload could not be installed. The VPN service could not be created.} Can we create MDM profile for Transparent Proxy without remote server address?

Hey, our app is host for system extension and since macOS 15.3 there is an error when user tries delete an app pop with missing permission appears Is it intentional? Is it a bug? if not how in correct way should we handle removing of SE when app is being to removed?

Hello, I have a couple of questions regarding the change of the Certification Authority (CA) for Apple Push Notification service (APNs) and I will be grateful for any answers. Does it require only making sure the server machine has the SHA-2 Root: USERTrust RSA Certification Authority certificate included in Trust Store (/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem with SHA256: 8a3dbcb92ab1c6277647fe2ab8536b5c982abbfdb1f1df5728e01b906aba953a) ? Should the Certificate Signing Request be updated (that one that is uploaded to https://identity.apple.com/pushcert/) ? Does it have any connection with the certificates that are created on https://identity.apple.com/pushcert/ ? Is the push type "mdm" affected too? Which certificate should be added and where specifically? Is it for Certificate Signing Request to https://identity.apple.com/pushcert/ or the certificate that is generated on https://developer.apple.com/account/resources/certificates/list or like mentioned in the first question? Can a certificate for sandbox environment be created on https://identity.apple.com/pushcert/ ? Thank you for any help.

After the app is put in background for sometime and brought in to foreground and the app crashes each time with a different thread stack entries but all of them states same exception reason.

Hello, I'm developing a Transparent Proxy and I noticed that the Network Extension Framework logs in the Unified Logging System when my profile receives a flow, its source application, its destination endpoint, and my profile's decision regarding that flow. I worry that this may compromise the user's privacy. So is there a way that I can turn off these logs at least in Distribution Configurations?

Hello, I have been testing my app in iOS 18 device and while creating a server with TCP, then apple make a request for local network permission automatically. If we don't allow the permission, the connection not working. We are getting the connection timeout error even after allowing again from device setting. Has something changed in the flow for iOS 18 version? Can someone help me to solve this issue?

I have 2 XPC clients and an XPC server. One of the XPC clients is a binary-helper that serves as a native messaging host for the browserExtension. The other XPC client sends a specific event to the XPC server, which then triggers a Darwin notification. The binary-helper observes this Darwin notification and sends a response to the browserExtension. Currently, we're considering two options to communicate the response from binary-helper to browserExtension: Polling: Every 5 seconds, the browserExtension checks for a response. Darwin Notifications: The binary-helper sends a message to the browserExtension as soon as it observes the Darwin notification. I'm wondering if Darwin notifications are fast enough to reliably deliver this response to the browserExtension in real time, or if polling would be a more reliable approach. Any insights or experiences with using Darwin notifications in a similar scenario would be greatly appreciated.

Hello. Recently, the users of our APP have reported using our products, and they can normally receive push in Hong Kong. However, when traveling to Japan or some countries and regions in Europe, push will not be received. we checked that -the cert is valid -the server get 'sent successfully' response -used pushtry to test the cert and token and it can receive push in app