Hello Apple Forums, We are developing an iOS application that connects to a custom BLE accessory and sends control commands to it. Our system architecture is as follows: A separate hardware device collects data and sends it to our backend server via Wi-Fi. The backend evaluates state changes and determines when the BLE accessory should update its display. The iOS app acts purely as a BLE command executor for this accessory. Our goal is to: Maintain a BLE connection with the accessory while the app is in the background. Receive state-change events from our backend server. Upon receiving such events, send a BLE command to the accessory to update its state. We understand that iOS does not allow arbitrary background execution. We would like to confirm whether there is any supported mechanism, entitlement, or program that allows: Long-running background execution for BLE control, or Server-originated events (other than APNs) to trigger background BLE actions. If this is not supported, we would appreciate confirmation that APNs (silent push) is the only supported way to trigger such background BLE actions, or guidance on any recommended alternative architectures. Thank you for your guidance.

Hey there, is there a way to set the z-index for MarkerAnnotations in MapkitJS? I'm loading up to 200 markers dynamically as the map moves or the user zooms and I want a few specific markers to always be at the top (the best search results). The only way I found is to always remove all markers and then add them again in the right order, but that's visually so annoying to see them disappear and animate in with every tiny movement. I thought about using a default Annotation and setting the z-index myself and trying to rebuild the balloon, including the animation when it's clicked, but the big downside is probably the performance because I won't be able to use shadow DOM elements and have 200 real DOM elements instead. Is there a solution to this right now or is it planned to add a feature like that to Mapkit JS? It's a real blocker for me right now because all the bad content always gets rendered on top when a user zooms in, because I obviously want to show the best content first when the user isn't zoomed in yet. Thank you so much in advance. I really appreciate it. Manuel

Hi, I’m implementing a macOS DNS Proxy as a system extension and running into a persistent activation error: OSSystemExtensionErrorDomain error 9 (validationFailed) with the message: extension category returned error This happens both on an MDM‑managed Mac and on a completely clean Mac (no MDM, fresh install). Setup macOS: 15.x (clean machine, no MDM) Xcode: 16.x Team ID: AAAAAAA111 (test) Host app bundle ID: com.example.agent.NetShieldProxy DNS Proxy system extension bundle ID: com.example.agent.NetShieldProxy.dnsProxy The DNS Proxy is implemented as a NetworkExtension system extension, not an app extension. Host app entitlements From codesign -d --entitlements :- /Applications/NetShieldProxy.app: xml com.apple.application-identifier AAAAAAA111.com.example.agent.NetShieldProxy <key>com.apple.developer.system-extension.install</key> <true/> <key>com.apple.developer.team-identifier</key> <string>AAAAAAA111</string> <key>com.apple.security.app-sandbox</key> <true/> <key>com.apple.security.application-groups</key> <array> <string>group.com.example.NetShieldmac</string> </array> <key>com.apple.security.files.user-selected.read-only</key> <true/> xml com.apple.application-identifier AAAAAAA111.com.example.agent.NetShieldProxy.dnsProxy <key>com.apple.developer.networking.networkextension</key> <array> <string>dns-proxy-systemextension</string> </array> <key>com.apple.developer.team-identifier</key> <string>AAAAAAA111</string> <key>com.apple.security.application-groups</key> <array> <string>group.com.example.NetShieldmac</string> <string>group.example.NetShieldmac</string> <string>group.example.agent.enterprise.macos</string> <string>group.example.com.NetShieldmac</string> </array> DNS Proxy system extension Info.plist On the clean Mac, from: bash plutil -p "/Applications/NetShieldProxy.app/Contents/Library/SystemExtensions/com.example.agent.NetShieldProxy.dnsProxy.systemextension/Contents/Info.plist" I get: json { "CFBundleExecutable" => "com.example.agent.NetShieldProxy.dnsProxy", "CFBundleIdentifier" => "com.example.agent.NetShieldProxy.dnsProxy", "CFBundleName" => "com.example.agent.NetShieldProxy.dnsProxy", "CFBundlePackageType" => "SYSX", "CFBundleShortVersionString" => "1.0.1.8", "CFBundleSupportedPlatforms" => [ "MacOSX" ], "CFBundleVersion" => "0.1.1", "LSMinimumSystemVersion" => "13.5", "NSExtension" => { "NSExtensionPointIdentifier" => "com.apple.dns-proxy", "NSExtensionPrincipalClass" => "com_example_agent_NetShieldProxy_dnsProxy.DNSProxyProvider" }, "NSSystemExtensionUsageDescription" => "SYSTEM_EXTENSION_USAGE_DESCRIPTION" } The DNSProxyProvider class inherits from NEDNSProxyProvider and is built in the system extension target. Activation code In the host app, I use: swift import SystemExtensions final class SystemExtensionActivator: NSObject, OSSystemExtensionRequestDelegate { private let extensionIdentifier = "com.example.agent.NetShieldProxy.dnsProxy" func activate(completion: @escaping (Bool) -> Void) { let request = OSSystemExtensionRequest.activationRequest( forExtensionWithIdentifier: extensionIdentifier, queue: .main ) request.delegate = self OSSystemExtensionManager.shared.submitRequest(request) } func request(_ request: OSSystemExtensionRequest, didFailWithError error: Error) { let nsError = error as NSError print("Activation failed:", nsError) } func request(_ request: OSSystemExtensionRequest, didFinishWithResult result: OSSystemExtensionRequest.Result) { print("Result:", result.rawValue) } } Runtime behavior on a clean Mac (no MDM) config.plist is created under /Library/Application Support/NetShield (via a root shell script). A daemon runs, contacts our backend, and writes /Library/Application Support/NetShield/state.plist with a valid dnsToken and other fields. The app NetShieldProxy.app is installed via a notarized, stapled Developer ID .pkg. The extension bundle is present at: /Applications/NetShieldProxy.app/Contents/Library/SystemExtensions/com.example.agent.NetShieldProxy.dnsProxy.systemextension. When I press Activate DNS Proxy in the UI, I see in the unified log: text NetShieldProxy: [com.example.agent:SystemExtensionActivator] Requesting activation for system extension: com.example.agent.NetShieldProxy.dnsProxy NetShieldProxy: [com.example.agent:SystemExtensionActivator] SystemExtensionActivator - activation failed: extension category returned error (domain=OSSystemExtensionErrorDomain code=9) NetShieldProxy: [com.example.agent:SystemExtensionActivator] SystemExtensionActivator - OSSystemExtensionError code enum: 9 NetShieldProxy: [com.example.agent:SystemExtensionActivator] SystemExtensionActivator - validationFailed And: bash systemextensionsctl list -> 0 extension(s) There is no prompt in Privacy & Security on this clean Mac. Question Given: The extension is packaged as a system extension (CFBundlePackageType = SYSX) with NSExtensionPointIdentifier = "com.apple.dns-proxy". Host and extension share the same Team ID and Developer ID Application cert. Entitlements on the target machine match the provisioning profile and Apple’s docs for DNS Proxy system extensions (dns-proxy-systemextension). This is happening on a clean Mac with no MDM profiles at all. What are the likely reasons for OSSystemExtensionErrorDomain error 9 (validationFailed) with "extension category returned error" in this DNS Proxy system extension scenario? Is there any additional configuration required for DNS Proxy system extensions (beyond entitlements and Info.plist) that could trigger this category-level validation failure? Any guidance or examples of a working DNS Proxy system extension configuration (host entitlements + extension Info.plist + entitlements) would be greatly appreciated. Thanks!

I’d like to propose that Apple consider introducing a controlled entitlement for the SIM Application Toolkit (STK) on iOS, allowing limited developer access through a secure, user-consented API layer. While I understand the historical restrictions around SIM access for privacy and carrier security, there are legitimate, high-impact use-cases in emerging markets where STK remains a critical part of everyday digital transactions. Currently, developers have no sanctioned way to trigger or interact with STK flows — which leaves millions of iPhone users unable to complete basic offline payment or authentication actions that their Android counterparts can. The Problem In regions such as Sub-Saharan Africa, South Asia, and Southeast Asia, entire financial ecosystems still depend on SIM-based STK interactions (commonly through USSD or encrypted STK sessions). On iOS: The “SIM Applications” menu is buried under Settings → Cellular → SIM Applications, often missing depending on carrier provisioning. Third-party developers cannot programmatically open or trigger STK actions. This results in incomplete or inconsistent payment experiences for iOS users — even when the same SIM card supports rich offline capabilities on Android devices. Proposed Solution Introduce a “SIMToolkitAccess” entitlement, gated behind the following controls: User Consent Prompt When first triggered, the system displays a native dialog: “App ‘X’ would like to initiate a SIM Toolkit action (e.g., payment or balance check). Do you allow this?” The user can approve once, always, or deny. Scoped Access Model Allow only STK command initiation (e.g., “Launch STK Menu,” “Send STK Request”) Prohibit background execution or passive SIM data reading. Require entitlement approval from Apple Developer Relations, similar to CarPlay, CallKit, or HealthKit. Secure Sandbox STK sessions run in a system-managed sandbox with zero data exposure to the calling app. The app simply receives a completion callback with a generic status code (e.g., .completed, .cancelled, .timeout). Key Use-Cases That Would Benefit Offline Mobile Payments (M-PESA, Airtel Money, T-Kash) Many users rely on STK-based menus for sending or receiving money, paying bills, and topping up accounts. → Enabling secure triggers from native apps would unify the payment UX between Android and iOS, increasing inclusivity. SIM-based Authentication / OTP Requests Telecoms and banks in these regions use STK channels for encrypted session-level identity verification. → Allowing STK initiation would enable secure, offline identity confirmation flows. Carrier Value-Added Services (Data Bundles, Utility Payments) Network operators still deliver bundles, electricity token purchases, and airtime loans via STK sessions. → Secure developer access would allow modern iOS apps to wrap these flows in more intuitive interfaces while maintaining carrier security. Offline Resilience / Disaster-Recovery Flows During power or data outages, STK is often the only operational payment method, as it runs directly on the GSM layer. → Allowing iOS apps to gracefully degrade to STK ensures users can still transact safely without internet access. Why It Matters This is not about exposing low-level carrier interfaces — it’s about giving developers the ability to deliver consistent, accessible, and inclusive financial experiences to iPhone users in markets where connectivity cannot be assumed. Apple’s leadership in privacy and safety would make it the perfect platform to define the secure standard for modernized STK integration — something Android’s open access model lacks. A gated entitlement model would preserve integrity while unlocking transformative use-cases for millions.

We recently released an update to our app to prepare for TX SB2420. Almost immediately on release, we started getting crash reports of crashes when calling isEligibleForAgeFeatures. Crashed: com.apple.root.user-initiated-qos.cooperative EXC_BAD_ACCESS KERN_INVALID_ADDRESS 0x0000000000000004 Is it possible that these are beta users that have IOS 26.2 RC or is there a bug in the release version of IOS 26.2? Note: The crash reports are coming from Crashlytics so we are not getting OS build identifiers other than version "26.2"

Background: We are developing a cross-platform mobile application that communicates with a custom NFC-enabled hardware device. The hardware expects ISO7816-style APDU commands for data exchange and functions correctly with Android using the IsoDep protocol. Observed Issue on iOS: On iOS, the tag is only detectable via NFCNdefReaderSession, which provides access to INFCNdefTag. Attempting to use NFCTagReaderSession with NFCPollingOption.Iso14443 (which is required for APDU communication) results in no tag detection. As a result, the tag is inaccessible for APDU-based communication on iOS. Since NFCNdefReaderSession does not support APDU, we are unable to establish the required command channel. Constraints: The hardware firmware cannot be changed to support NDEF-based command interpretation. The device expects raw ISO-DEP APDU commands (i.e., Class-Instruction-Param1-Param2-Data-Le). Impact: The lack of ISO7816 tag detection on iOS prevents the app from sending APDU commands, resulting in a platform-specific feature limitation. Functionality that relies on secure, structured APDU communication is unavailable to iOS users, even though it works seamlessly on Android.

I need to encode and decode Array<Array> SomeStruct is multiplexed in an Int The former API did work: if let format = decoder.decodeObject(forKey: someKey) as? Array<Array<SomeStruct>> { } But using the new API if let format = decoder.decodeObject(of: Array<Array<Int>>.self, forKey: someKey) { generates an error: Cannot convert value of type 'Array<Array<Int>>.Type' to expected argument type '[AnyClass]' (aka 'Array<any AnyObject.Type>') encoding is done as follows: var format = Array(repeating: Array(repeating: 0, count: 4), count: 4) // initialize the var coder.encode(format, forKey: someKey) What is the correct syntax ?

Issue Description: On non-Dynamic Island devices, when the screen is on, tapping the alarm banner does not open the app or trigger any action. Steps to Reproduce: Set a regular alarm. Wait until the alarm goes off. Keep the screen on. A banner appears with options (e.g., dismiss or a secondary action). Tap anywhere on the banner area that would normally open the app. Expected Behavior: Tapping the banner should open the app. Actual Behavior: Tapping the banner has no response.

Hi, Submitted Family Controls entitlement requests yesterday for a digital wellness app (main app + 3 extensions). For those who've been through this: How long did approval take? Did Apple ask for more info? Any tips? Thanks!

I'm having a reproducible problem receiving push notifications on macOS 26.2. The pattern is that the push is received and then discarded almost immediately (there is a 60s expiration date) when on battery power and then when I plug in pushes start working and even if I unplug again it works for hours until breaking again. These are alert notifications with priority 10. Other team members have had similar problems but less reliably broken and even get a "stored for device power considerations" message followed by discarded (see apns-unique-id c29250a3-abbf-008a-96f9-a5384e32d1df). An example from my machine with the apns-unique-id 6b2dfe3d-af99-182a-0e1e-6b811d3ec486 which fails immediately. iOS is working fine however so this seems to be confined to macOS only.

Hi, I am building a new app in the App Store - the app is not live yet. I have setup an annual subscription product in AppStore Connect. Our problem is that we are unable to retrieve the product from our app - we've made sure that there are no missing metadata (e.g. price, availability). Has anyone encountered before? Appreciate any help provided. Thanks

Is there any supported or recommended way to achieve user-configurable alarm volume while still using AlarmKit? Hi there! I’m currently building an alarm app on iOS using AlarmKit, and I’m running into a fundamental limitation around volume control. When using AlarmKit, alarm sounds are played at the system ringer volume. My goal is simple in concept: Allow users to set an alarm volume inside the app, and have the alarm sound play at that volume when triggered. However, AlarmKit does not provide any API to control or override the alarm volume. I’ve explored several approaches(AVSystemController, MPVolumeView...), but none achieved the desired result. Is there any supported or recommended way to achieve user-configurable alarm volume while still using AlarmKit? Any insights from developers who’ve shipped alarm apps, or from Apple engineers, would be greatly appreciated. Thanks in advance 🙏

We are developing a health app that relies on HKObserverQuery and BackgroundDelivery to monitor Heart Rate data. On watchOS 10.6 and 11.6 , these data updates are typically delivered reliably every 8–12 minutes, occasionally exceeding 12 minutes, but generally not longer than 15 minutes. This frequency has been sufficient for the real-time data requirements of our app. However, after adapting our app to watchOS 26, we noticed that HKObserverQuery triggers much less frequently, with longer and very inconsistent intervals. This issue has had a major impact on our product: data collection for essential features is unreliable, resulting in a greatly diminished user experience on watchOS 26 and making the app essentially useless from the user’s perspective. Observed Behavior: HKObserverQuery and BackgroundDelivery are extremely unstable, with trigger intervals frequently exceeding 15 minutes, and sometimes even 20 minutes. When the user is sedentary, intervals become even longer; there are cases where no heart rate or active energy updates are delivered for 30 minutes, or even over 1 hour. Request for Support and Guidance: Have there been any changes to the HKObserverQuery background delivery mechanism on watchOS 26, specifically for Heart Rate and Active Energy data? If these changes are intentional system optimizations, could you provide guidance or recommended practices to ensure our app can reliably retrieve updates and maintain a smooth experience for users? Thank you for your support.

Hello, We are using a Message Filter Extension (ILMessageFilterExtension) to classify SMS/iMessage content (junk vs allow) in our app. After testing on iOS 26.1, we want to confirm whether there are any behavioral, performance, or API-level changes that impact message filtering, such as: Changes in how often the filter extension is invoked Differences in classification accuracy or system overrides New privacy, entitlement, or permission-related restrictions Execution time limits or memory constraints Any changes specific to iMessage vs SMS filtering We did not find any explicit mention of Message Filter Extensions in the iOS 26.1 release notes and would like to confirm whether the existing behavior from previous iOS versions remains unchanged. Has Apple introduced any known or undocumented changes in iOS 26.1 that developers should be aware of when supporting Message Filter Extensions? Sometime I also found unpredictable behaviour on iOS version 18.5 or below, like sometime it works but sometimes starts working. Thanks in advance for any guidance.

We are observing some unexpected behavior in our app when using ASK. Our app is able to successfully discover and set up an accessory via ASK. After the setup completes, the connection to the accessory is managed through CBCentralManager and works as expected. However, when we attempt to discover another accessory afterward, the picker is shown and indicates that accessory discovery is in progress. After approximately 10 seconds, the CBCentralManager delegate reports the Bluetooth state as poweredOff. Once this happens, the state never transitions back to poweredOn. At this point, the only way to reconnect to the device or continue discovery is to relaunch the app. We are wondering if anyone else has encountered similar behavior, or if this is a known or documented limitation/behavior when using ASK in combination with CBCentralManager.

Apple notification description: notificationType： The type that describes the In-App Purchase or external purchase event for which the App Store sends the version 2 notification. App Store Server Notifications 2.0+ string notificationType Possible Values CONSUMPTION_REQUEST A notification type that indicates that the customer initiated a refund request for a consumable In-App Purchase or auto-renewable subscription, and the App Store is requesting that you provide consumption data. For more information, see Send Consumption Information. When the developer receives the refund request notification and sends the refundPreference, they say: GRANT_PRORATED You prefer that the App Store grants a prorated refund. Discussion Use these values in the refundPreference field of a ConsumptionRequest. The following constraints apply to the GRANT_PRORATED option: If the product is a consumable or non-consumable In-App Purchase or a non-renewing subscription, you may include a consumptionPercentage value in the ConsumptionRequest. Question: Requesting a refund for a non-consumable type does not send a notification to the developer. However, when a developer sends a refund preference, they can still send a GRANT_PRORATED request for a non-consumable type.

Environment macOS Tahoe 26.2 (Build 25C56) Also tested with macOS 26.3 Developer Beta - same issue Windows Server 2022 DFS namespace Connection via Tailscale VPN (but also tested with direct network connection) Problem Description When connecting to a Windows Server 2022 DFS namespace from macOS Tahoe, the root namespace connects successfully, but all subfolders appear empty and return either: "No route to host" "Authentication error" (alternates inconsistently) Steps to Reproduce Set up a Windows Server 2022 DFS namespace (e.g., \\domain.com\fs) Add DFS folder targets pointing to file servers (e.g., \\fs02\share, \\fs03\share) From macOS Tahoe, connect via Finder: smb://domain.com/fs Root namespace mounts successfully Issue: Subfolders show as empty or return "No route to host" when accessed What Works Direct SMB connections to individual file servers work perfectly: smb://10.118.0.26/sharename ✓ smb://fs02.domain.com/sharename ✓ Same DFS namespace works from Windows clients Same DFS namespace worked from macOS Sonoma 14.4+ What Doesn't Work DFS referrals from macOS Tahoe 26.x to any DFS folder target The issue persists regardless of: Kerberos vs NTLM authentication SMB signing enabled/disabled on servers Various /etc/nsmb.conf configurations DNS resolution (tested with IPs and FQDNs) Historical Context A similar DFS referral bug existed in macOS Sonoma 14.0 and was fixed in 14.1. This appears to be a regression in macOS Tahoe 26. Request Please investigate the DFS referral handling in macOS Tahoe. The fact that direct SMB connections work while DFS referrals fail suggests an issue specifically in the DFS referral processing code. Feedback Assistant report will be filed separately.

When installing a new version the app while a tunnel is connected, seemingly the old packet tunnel process gets stopped but the new one does not come back up. Reportedly, a path monitor is reporting that the device has no connectivity. Is this the expected behavior? When installing an update from TestFlight or the App store, the packet tunnel instance from the old tunnel is stopped, but, due to the profile being on-demand and incldueAllNetworks, the path monitoring believes the device has no connectivity - so the new app is never downloaded. Is this the expected behavior? During development, the old packet tunnel gets stopped, the new app is installed, but the new packet tunnel is never started. To start it, the user has to toggle the VPN twice from the Settings app. The tunnel could be started from the VPN app too, if we chose to not take the path monitor into account, but then the user still needs to attempt to start the tunnel twice - it only works on the second try. As far as we can tell, the first time around, the packet tunnel never gets started, the app receives an update about NEVPNStatus being set to disconnecting yet NEVPNConnection does not throw. The behavior I was naively expecting was that the packet tunnel process would be stopped only when the new app is fully downloaded and when the update is installed, Are we doing something horribly wrong here?

I have a large code that I try to update to change deprecated APIs. In the former version, I used forWritingWith and forReadingWith let data = NSMutableData() let archiver = NSKeyedArchiver(forWritingWith: data) archiver.encode(myObject, forKey: theKey) if let data = NSMutableData(contentsOf: anURL) { let unarchiver = NSKeyedUnarchiver(forReadingWith: data as Data) let myObject = unarchiver.decodeObject(forKey: theKey) as! TheObjectType // <<-- returns the object That I changed to let data = NSMutableData() let archiver = NSKeyedArchiver(requiringSecureCoding: true) archiver.encode(myObject, forKey: theKey) if let data = NSMutableData(contentsOf: anURL) { do { let unarchiver = try NSKeyedUnarchiver(forReadingFrom: data as Data) let myObject = unarchiver.decodeObject(forKey: theKey) as? TheObjectType // <<-- This returns nil This builds correctly. But on execution, unarchiver.decodeObject now returns nil. I have searched extensively to find the cause to no avail. I may probably change the design to avoid NSKeyedArchiver, but that would be a huge refactoring. I probably miss something obvious. Could someone hint at the possible cause ?

Hi all, I'm building an iOS app extension using ExtensionKit that works exclusively with its containing host app, presenting UI via EXHostViewController. I'd like the extension to have read-only access to the host's task for process introspection purposes. I'm aware this would almost certainly require a special entitlement. I know get-task-allow and the debugger entitlement exist, but those aren't shippable to the App Store. I'm looking for something that could realistically be distributed to end users. My questions: Does an entitlement exist (or is one planned) that would grant an extension limited, read-only access to its host's task—given the extension is already tightly coupled to the host? If not, is this something Apple would consider adding? The use case is an extension that needs to inspect host process state without the ability to modify it. Is there a path to request such an entitlement through the provisioning profile process, or is this fundamentally off the table for App Store distribution? It seems like a reasonable trust boundary given the extension already lives inside the host's app bundle, but I understand the security implications. Any insight appreciated. Thanks!