Hello, I'm from Microsoft team maintaining push notification api behind Teams platform. We are experiencing strange and short error spikes towards APNS that seem to mostly correlate worldwide. We checked the networking and push request code but could not find what could be causing this. These error spikes are all timeouts or connection resets (by remote host, ie. APNS servers) and seem to come and go randomly: Would it be possible to check this for outages or some other metrics on your side or investigate why would it happen? Since it's worldwide it seems unlikely it's something broken on our side. We are using the standard APNS http2 endpoint with modern support for all RFC features (so everything should work normally). Mind you, our api might be in a unique position because of the volume of notifications (in the billions per day).

Hello. Recently, the users of our APP have reported using our products, and they can normally receive push in Hong Kong. However, when traveling to Japan or some countries and regions in Europe, push will not be received. we checked that -the cert is valid -the server get 'sent successfully' response -used pushtry to test the cert and token and it can receive push in app

Push message on the lock-screen disappears in one specific instance. In general the situation is as follows: the application, upon starting up, sets the badge counter (i.e. notificationCenter.setBadgeCount(3)) the application is being sent to background the screen is locked (it doesn't matter if it's turned on or not) send a push message to the application and set the badge (in aps) to "0" What happens: the screen lights up (unless it's lit up already), the push is being displayed for a very short time and gets hidden. Happens on iOS 18.1, 18.1.1, 18.2. If not setting badge in the aps keys it works correctly. I've created a feedback report https://feedbackassistant.apple.com/feedback/16095572. I am able to reproduce the issue on a sample app 100% of the time :/

Hi, am facing an issue related to voip push notifications getting delivered 1-2 hours after apns-expiration to 0 and apns-priority to 10. I had raised a similar post got a reply that it may be due to network delay. But network delay can cause the delivery of voip push to be delayed only by few seconds or minutes. But in our case voip push is getting delivered hours after the voip call was attempted. Steps to reproduce: Put our voip app in background and lock iPhone. As app is put in background, socket connections gets disconnected from server. Now if a caller makes call to this app, the call should be delivered through voip push. 2) Voip push should ideally be received even if app is in background and iPhone is locked. It is connected to a good wifi network. But it does not receive the voip push. 3) After 1-2 hours user unlocks iPhone and opens voip app. As soon as user opens app, the voip push is received and phone starts ringing.

Hi! I am encountering an issue when attempting to send a test notification to update a live activity. The request is failing with the following error: { "code": 400, "message": "bad-request", "reason": "The device token doesn't match the specified topic.", "requestUuid": "3ed3fc0c-9c57-4d67-8ae8-cbabe0579b10" } I have verified that all device tokens and app identifiers are correct, but the error persists. Could you please assist in identifying the root cause of this issue?

Got notification to update this certificate - there was a link to Sectigo.com where I found an attachment with that name - when I clicked it I got a box where it said to install it. Clicked the box and it was saved somewhere on my computer. Now I dont know if that's it or I need to take further actions - please help :-) Have no experience with this - my collegue who did this has stopped. Hoping for a simple answer :-) P

Question, if I am writing async code in the notification service extension, I understand it terminates after 30 seconds. If I want to wait until these async methods finish before calling the content handler, I believe an option I have is to use dispatch groups. However I am open to other solutions if there are better options. My question is, if I use dispatch groups, is there any issue in using the main queue here? Or does the main thread not make sense to use in the context of the NSE? dispatch_group_notify(group, dispatch_get_main_queue(), ^{ if (self.contentHandler) { self.contentHandler(self.bestAttemptContent); } }); Or is it recommended to instead use a different queue in the NSE? dispatch_queue_t nseQueue = dispatch_queue_create("com.blah.blah.nse.queue", DISPATCH_QUEUE_SERIAL); dispatch_group_notify(group, dispatch_get_global_queue(QOS_CLASS_(SOMETHING), 0), ^{ ... }); OR am I over thinking this? :) Thanks ahead of time, relatively new to iOS so just looking to learn/understand better.

We are in the process of preparing our app to support the new Texas law (SB2420) that takes effect 1/1/2026. After reviewing Apple's recent announcements​/docs concerning this subject, one thing isn't clear to me: how to associate an app install with a​n App Store Server RESCIND_CONSENT notification​ that could be delivered to our server. Our app is totally free so there isn't an originalTransactionId​ or other similar transaction IDs that would be generated as part of an in-app purchase (and then subsequently sent as part of the payload in the notification to our server during an in-app purchase scenario). So my question is: How do I associate an app (free app) install with an App Store Server RESCIND_CONSENT notification​ that is sent to our server​?

It seems our company server is sending to Apple push service the push notifications that are supposed to be transferred to devices our app is installed on – but you it seems you are blocking the request We can see traffic going out from our server side towards the apple gateway notification server using port 2195 and we can see that the traffic gets "server-rst" meaning that the apple gateway server kills the connection You might need to whitelist our external IP's

Hi, we've observed a weird behavior for a small amount of our user that we keep receiving the same token from APNs despite it's shown as Unregistered. When we try to send push to the token, we got an Unregistered error so we remove that token from our server. However, later we would receive an add token request from the client with the same token we just removed, and when we try to send to the token it returns Unregistered again so we remove the token again. This happened 3 times for a user in an hour. The identifierForVendor remains the same for all the requests. We also owns the client and I've checked client code that it's sending the token it received from didRegisterForRemoteNotificationsWithDeviceToken to the server.

Hello, I have a couple of questions regarding the change of the Certification Authority (CA) for Apple Push Notification service (APNs) and I will be grateful for any answers. Does it require only making sure the server machine has the SHA-2 Root: USERTrust RSA Certification Authority certificate included in Trust Store (/etc/ssl/certs/USERTrust_RSA_Certification_Authority.pem with SHA256: 8a3dbcb92ab1c6277647fe2ab8536b5c982abbfdb1f1df5728e01b906aba953a) ? Should the Certificate Signing Request be updated (that one that is uploaded to https://identity.apple.com/pushcert/) ? Does it have any connection with the certificates that are created on https://identity.apple.com/pushcert/ ? Is the push type "mdm" affected too? Which certificate should be added and where specifically? Is it for Certificate Signing Request to https://identity.apple.com/pushcert/ or the certificate that is generated on https://developer.apple.com/account/resources/certificates/list or like mentioned in the first question? Can a certificate for sandbox environment be created on https://identity.apple.com/pushcert/ ? Thank you for any help.

When the app kills the process. Received APNs push message. Push messages carry voice related information. At the same time as receiving the push, obtain the voice playback of this voice message. How to achieve it?

I’m testing remote push notifications on macOS, and although notifications are received and displayed correctly, my Notification Service Extension (NSE) never gets invoked. The extension is properly added as a target in the same app, uses the UNNotificationServiceExtension class, and implements both didReceive(_:withContentHandler:) and serviceExtensionTimeWillExpire(). I’ve also set "mutable-content": 1 in the APNS payload, similar to how it works on iOS — where the same code correctly triggers the NSE. On macOS, however, there’s no sign that the extension process starts or the delegate methods are called. import UserNotifications class NotificationService: UNNotificationServiceExtension { override func didReceive(_ request: UNNotificationRequest, withContentHandler contentHandler: @escaping (UNNotificationContent) -> Void) { let modified = (request.content.mutableCopy() as? UNMutableNotificationContent) modified?.title = "[Modified] " + (modified?.title ?? "") contentHandler(modified ?? request.content) } override func serviceExtensionTimeWillExpire() { // Called if the extension times out before finishing } } And the payload used for testing: { "aps": { "alert": { "title": "Meeting Reminder", "body": "Join the weekly sync call" }, "mutable-content": 1 }, "MEETING_ORGANIZER": "Alex Johnson" } Despite all correct setup steps, the NSE never triggers on macOS (while working fine on iOS). Can anyone confirm whether UNNotificationServiceExtension is fully supported for remote notifications on macOS, or if additional configuration or entitlement is needed?

In didFinishLaunchingWithOptions I have this setup for getting the token to send to my server for notifications. The issue is that the delegate callback didRegisterForRemoteNotificationsWithDeviceToken gets called twice when also initializing a CKSyncEngine object. This confuses me. Is this expected behavior? Why is the delegate callback only called twice when both are called, but not at all when only using CKSyncEngine. See code and comments below. /// Calling just this triggers `didRegisterForRemoteNotificationsWithDeviceToken` once. UIApplication.shared.registerForRemoteNotifications() /// When triggering the above function plus initializing a CKSyncEngine, `didRegisterForRemoteNotificationsWithDeviceToken` gets called twice. /// This somewhat make sense, because CloudKit likely also registers for remote notifications itself, but why is the delegate not triggered when *only* initializing CKSyncEngine and removing the `registerForRemoteNotifications` call above? let syncManager = SyncManager() /// Further more, if calling `registerForRemoteNotifications` with a delay instead of directly, the delegate is only called once, as expected. For some reason, the delegate is only triggered when two entities call `registerForRemoteNotifications` at the same time? DispatchQueue.main.asyncAfter(deadline: .now() + 4) { UIApplication.shared.registerForRemoteNotifications() } func application(_ application: UIApplication, didRegisterForRemoteNotificationsWithDeviceToken deviceToken: Data) { print("didRegisterForRemoteNotificationsWithDeviceToken") }

Currently, I have implemented local cache update with server data when app is killed using Push Notification and Notification Service Extension. So it works even the app is killed by the user, but I wanted to know whether this is app review safe work around or not as I am not finding any documentation for this.

I received an email from Apple saying that I needed to replace the APNS certificate. I am inquiring because I am curious about who has the relevant authority and who actually makes the changes. Could you please provide specific guidance on this? Hello, We’re reaching out with a final reminder that the Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs updated the server certificates in sandbox on January 21, 2025. APNs production server certificates will be updated on February 24, 2025. To continue using APNs without interruption, you’ll need to update your application’s Trust Store to include the new server certificate: SHA-2 Root: USERTrust RSA Certification Authority certificate. To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple. If you have any questions, please contact us. The Apple Developer Relations Team

We are currently developing a WebAPI service that uses APNs (HTTP/2) to send push notifications to iOS devices. (Using PushSharp's HTTP/2 support) The WebAPI service is running on IIS using .net framework 4.8 and c#. The connection to APNs is always maintained, and the connection is checked every 30 minutes using a dummy token Ping. KeepAlivePeriod = 30 minutes and KeepAliveRetryPeriod = 10 seconds have also been set. However, the following issues are occurring. Although the Ping sent immediately before was successful, a TimeoutException occurs in the notification request sent a few minutes later. There is no explicit disconnection notification from APNs, and the connection appears to be silently disconnected. Once a TimeoutException occurs, it occurs frequently afterwards. Below is an excerpt from the log. Apple Notification Failed for some unknown reason 1-1: One or more errors occurred. Apple Notification Failed for some unknown reason 1-2:System.TimeoutException: The operation timed out. In light of this issue, I would like to be advised on the following two points. Are there any official specifications regarding the lifecycle and expiration date of APNs HTTP/2 connections? Even if pings are sent periodically, is there a timeout or other setting that disables the connection on the APNs side? What are the conditions that would cause APNs to silently terminate a connection? For example, could this be due to inactivity, TLS restrictions, network maintenance, etc.? If you have any official documentation or technical guidelines to improve the reliability of this system, we would appreciate it if you could share them with us. Thank you in advance.

I am sending push notifications on iOS, and I can receive and display them correctly. I want to be able to dismiss notifications that have been read server-side (e.g. on a different device) so I am trying to send a custom notification payload alongside a badge counter update, that specifies what notification IDs to remove. I then use removeDeliveredNotifications on the IDs I get. However, it doesn't seem to be working. I am setting the identifier using the apns-collapse-id header and I do see that reflected on the device side. Any ideas what I might be doing wrong? This is how I'm handling push notifications: func userNotificationCenter( _ center: UNUserNotificationCenter, willPresent notification: UNNotification, withCompletionHandler completionHandler: @escaping (UNNotificationPresentationOptions) -> Void ) { let customPayload = notification.request.content.userInfo if let dismissedNotifications = customPayload["dismissed_notifications"] as? [String] { center.removeDeliveredNotifications(withIdentifiers: dismissedNotifications) } completionHandler([.banner, .sound, .badge]) } I also tried doing the same thing inside func userNotificationCenter( _ center: UNUserNotificationCenter, didReceive response: UNNotificationResponse, withCompletionHandler completionHandler: @escaping () -> Void ) Thank you!

When I turn the Ringtone and Alerts volume all the way up, I expect standard notifications to play at the loudest level the device allows. In theory, this should match the volume of a critical alert with its sound.volume set to 1.0 in payload. However, I’ve noticed that non-critical notifications still play quieter than critical alerts under these conditions. Critical alerts with volume: 1.0 sound noticeably louder than standard notifications, even though the Ringtone and Alerts slider is already set to maximum. And I couldn't find a documentation for this behavior anywhere. Is this expected behavior on iOS? And is there any way to make non-critical notifications play at the same maximum loudness as critical alerts? Thanks in advance for any clarification.

If an iOS application has a notification service extension which gets sent a push, but the user has not been prompted for notification authorization via requestAuthorization() then what is the expected behavior? Will the push get delivered to the NSE but the resulting notification not displayed? Or will the push not get delivered at all to the NSE?