I'm implementing a NEDNSProxyProvider on macOS 15.x and macOS 26.x. The flow works correctly up to the last step — returning the DNS response to the client via writeDatagrams. Environment: macOS 15.x, 26.x Xcode 26.x NEDNSProxyProvider with NEAppProxyUDPFlow What I'm doing: override func handleNewFlow(_ flow: NEAppProxyFlow) -> Bool { guard let udpFlow = flow as? NEAppProxyUDPFlow else { return false } udpFlow.readDatagrams { datagrams, endpoints, error in // 1. Read DNS request from client // 2. Forward to upstream DNS server via TCP // 3. Receive response from upstream // 4. Try to return response to client: udpFlow.writeDatagrams([responseData], sentBy: [endpoints.first!]) { error in // Always fails: "The datagram was too large" // responseData is 50-200 bytes — well within UDP limits } } return true } Investigation: I added logging to check the type of endpoints.first : // On macOS 15.0 and 26.3.1: // type(of: endpoints.first) → NWAddressEndpoint // Not NWHostEndpoint as expected On both macOS 15.4 and 26.3.1, readDatagrams returns [NWEndpoint] where each endpoint appears to be NWAddressEndpoint — a type that is not publicly documented. When I try to create NWHostEndpoint manually from hostname and port, and pass it to writeDatagrams, the error "The datagram was too large" still occurs in some cases. Questions: What is the correct endpoint type to pass to writeDatagrams on macOS 15.x, 26.x? Should we pass the exact same NWEndpoint objects returned by readDatagrams, or create new ones? NWEndpoint, NWHostEndpoint, and writeDatagrams are all deprecated in macOS 15. Is there a replacement API for NEAppProxyUDPFlow that works with nw_endpoint_t from the Network framework? Is the error "The datagram was too large" actually about the endpoint type rather than the data size? Any guidance would be appreciated. :-))

Hello, I am developing a URL traffic filtering system. I’ve set up a PIR server following this guide: https://developer.apple.com/documentation/networkextension/setting-up-a-pir-server-for-url-filtering According to this WWDC25 video, it appears that I need to use an OHTTP Gateway: https://developer.apple.com/videos/play/wwdc2025/234/ So, I developed an OHTTP Gateway and verified it using a test client. Following that, I built the app and installed it on a test iPhone based on this sample: https://developer.apple.com/documentation/networkextension/filtering-traffic-by-url However, I cannot find any settings related to the OHTTP URL within this sample. How should I proceed with the OHTTP configuration in this case? Thank you.

Since updating the OS to 26.4, the app has been crashing more often after I launch it. The devices on which this issue has been confirmed are as follows: ・iPhone SE (2nd generation) ・9th-generation iPad ・8th-generation iPad ・5th-generation iPad mini We have confirmed that the application functions properly on all devices prior to the OS update.

The M5 Pro does not connect to the Wi-Fi AP using RADIUS when NetworkExtension Activiate. The M1 and M2 Pro worked, but only the M5 Pro MacBook Pro did not work. If you deactivate NetworkExtension, it connects to the AP, and afterwards, it works even if you activate NetworkExtension.

Hi, Regarding the Brazil Digital ECA (DECA) requirements, which became effective on March 17, 2026. Following the guidance for regulated regions, we have been testing the eligibility check with the iOS 26.4 release. We previously confirmed that isEligibleForAgeFeatures was returning true for users in the Brazil region, which allowed us to verify our age-gating implementation. A few questions follow on this eligibility check: We have observed in manual testing that specific devices which returned true as recently as March 23rd are now returning false today, despite no changes to the OS build or account settings. Does this indicate a change in the server-side eligibility heuristics? Why would isEligibleForAgeFeatures stop returning true for a region where the law is now in force? Has the guidance on how to evaluate these properties for Brazil changed with the transition to the stable 26.4 release? Thank you!

I’m prototyping a personal-use system that lets an iPhone with a physically attached controller act as an input device for a Mac. End goal: Use the iPhone as the transport and sensor host Use the attached physical controller for buttons/sticks Map the iPhone gyroscope to the controller’s right stick to get gyro aim in Mac games / cloud-streamed games such as GeForce NOW that don't support the gyro. What I’m trying to understand is whether Apple supports any path for this on macOS that does NOT require restricted entitlements or paid-program-only capabilities. What I’ve already found: CoreHID virtual HID device creation appears to require com.apple.developer.hid.virtual.device HIDDriverKit / system extensions appear to require Apple-granted entitlements as well GCVirtualController does not seem to solve the problem because I need a controller-visible device that other apps can see, not just controls inside my own app So my concrete question is: Is there any supported, entitlement-free way for a personal macOS app to expose a game-controller-like input device that other apps can consume system-wide? If not, is the official answer that this class of solution necessarily requires one of: CoreHID with restricted entitlement HIDDriverKit/system extension entitlement some other Apple-approved framework or program I’m missing I’m not asking about App Store distribution. This is primarily for local/personal use during development. I’m trying to understand the supported platform boundary before investing further. Any guidance on the recommended architecture for this use case would be appreciated.

Is there a way to trigger the start of my app (just for a short time) when the iPhone is connected to CarPlay (and/or to a car via bluetooth). I could not find anything. I don´t want to apply for CarPlay as I have no intention to show something on the cars screen. Any even small tipp is welcome

In an iOS App that uses CKShare I have a many-to-many relationship that does not consistently sync between the share's N participants. The relationship is between Group and Player as group.players and player.groups. As an example, given 3 group each with 4 players (aka 4:4:4), some devices show CoreData (it is NOT a UI issue) with 4:2:3 or 3:4:4. (A deletion of CoreData from a device, forcing a full re-sync from CloudKit, seems to populate the group:player relationships consistently; but obviously that is impractical to resolving the issue). How do I avoid these sync-from-CloudKit inconsistencies? Note: AI agents generally suggest adding a CoreData 'join' entity - such as 'GroupPlayer'. Is that THE fix?

how to disable streamline purchasing, when I click turn off, it show error Streamlined purchasing cannot be turned off because your latest approved binary doesn’t include the required StoreKit APIs My app has subscribe button to click before start to use though not need to login, chatgpt had done the store kit and subscription part, do not understand why it can not turn off streamlined purchasing

After updating Xcode and SDK to 26.4, I'm now getting an concurrency error when trying to update or end live activities with the following code that built successfully before: // Get list of active activities let allActivities = Activity<ArbeitszeitWidgetAttributes>.activities // Cancel all active activities Task { for activity in allActivities { await activity.end(nil, dismissalPolicy: .immediate) } } Sending 'activity' risks causing data races. Sending main actor-isolated 'activity' to @concurrent instance method 'update' risks causing data races between @concurrent and main actor-isolated uses I'm currently using nonisolated(unsafe) let activity = activity await activity.end(nil, dismissalPolicy: .immediate) to get it to compile again. What's the best approach here?

[EDIT: Please ignore. Will delete in a second] Transaction.currentEntitlements is returning the complete history of transactions on a subscription product. I have a program with an In-App Purchase for a monthly subscription. I am testing with a local StoreKit file in Xcode. I configured the StoreKit test file to update every minute. When the program starts, I retrieve the current transactions from StoreKit to see if there is an active subscription. for await verificationResult in Transaction.currentEntitlements { guard case .verified(let transaction) = verificationResult else { continue } // update status for subscriptions This morning's testing is showing transactions for all transactions, both current and past. The current subscription renewal is sent plus all the past renewals that have expired. I thought in my previous testing that only one transaction (i.e., the latest/current) was sent per Product ID. Is this (all subscription transactions) the expected behavior, or should I file a bug report? Example debug output from Transaction.currentEntitlements loop (top transaction is the current one, but past expired ones are provided too; "DEBUG CURRENT ----" separates individual transactions): DEBUG CURRENT: getCurrentEntitlements BEGIN DEBUG CURRENT ---- DEBUG CURRENT: for product pro.monthly DEBUG CURRENT: Verified Reason: Renewal DEBUG CURRENT: Ownership: Purchased DEBUG CURRENT: Purchases: is good DEBUG CURRENT: signed date: 2026-03-26 17:37:12 +0000 DEBUG CURRENT: purchase date: 2026-03-26 17:36:24 +0000 DEBUG CURRENT: environment: Environment(rawValue: "Xcode") DEBUG CURRENT: store front: Storefront(countryCode: "USA", id: "143441", localeStorage: en_US (fixed en_US)) DEBUG CURRENT ---- DEBUG CURRENT: for product pro.monthly DEBUG CURRENT: Verified Reason: Renewal DEBUG CURRENT: Ownership: Purchased DEBUG CURRENT: Expired 2026-03-26 17:36:24 +0000 DEBUG CURRENT: signed date: 2026-03-26 17:35:25 +0000 DEBUG CURRENT: purchase date: 2026-03-26 17:35:24 +0000 DEBUG CURRENT: environment: Environment(rawValue: "Xcode") DEBUG CURRENT: store front: Storefront(countryCode: "USA", id: "143441", localeStorage: en_US (fixed en_US)) DEBUG CURRENT ---- DEBUG CURRENT: for product pro.monthly DEBUG CURRENT: Verified Reason: Renewal DEBUG CURRENT: Ownership: Purchased DEBUG CURRENT: Expired 2026-03-26 17:35:24 +0000 DEBUG CURRENT: signed date: 2026-03-26 17:34:25 +0000 DEBUG CURRENT: purchase date: 2026-03-26 17:34:24 +0000 DEBUG CURRENT: environment: Environment(rawValue: "Xcode") DEBUG CURRENT: store front: Storefront(countryCode: "USA", id: "143441", localeStorage: en_US (fixed en_US))

We are seeing an issue after updating iPads to iPadOS 26.4 where cellular service is lost until network settings are reset. Environment: Devices managed via Apple Business Manager and Microsoft Intune Carrier: Verizon Confirmed affected devices: iPad (9th generation) eSIM Behavior: After update, device shows no cellular service No prompt to re-activate or re-add the cellular plan The plan appears to still be present on the device Workaround observed: Resetting Network Settings restores service Notes: This does not appear to be a provisioning issue (no need to re-add eSIM) Behavior suggests the cellular/eSIM state may not be initializing correctly after update Toggling Cellular or Airplane mode has not yet been tested for service restoration. We have not yet confirmed whether devices using a physical SIM are affected Still gathering data on scope across additional iPad models Additional observation: We have not observed this behavior on iPhones (e.g., iPhone 16 on iOS 26.4 with LTE remains unaffected) Has anyone else observed similar behavior on iPadOS 26.4, particularly on managed devices or eSIM configurations?

After implementing the new structured concurrency API's for Network framework, we are noticing a few memory leaks in the Network framework when using API's like onViabilityUpdate and onBetterPathUpdate. Whenever a previously established connection is disconnected, the NWConnection object is never released by the Network framework when we use the 2 API's mentioned. Irrespective of what goes inside these handlers(or leave it empty), the connection object is leaking. If I comment out the handlers, there is no memory leak. Posting this here in the forum to understand if others have encountered similar issues and found a workaround? Raised a feedback assistant request with all the details and a sample app here: FB22339653

Hello, I’m facing an issue with StoreKit where no products are returned in Sandbox. Context: App: SylvoY (Bundle ID: fr.sylvoy.app) Product ID: sylvoy_sylvoy_premium_v2_monthly Type: auto-renewable subscription Build: TestFlight 1.0.16 (Build 20) Device: physical iPhone Environment: Sandbox account Setup: Paid Applications Agreement: Active Banking & Tax: Active Product status: Ready to Submit Product is linked to the current TestFlight build Issue: When fetching products using StoreKit, the returned array is empty: productsCount = 0 products = [] Expected: Product metadata (price, description) should be returned. Actual: No products are returned at all. Additional info: Product identifier is correct Tested on real device (not simulator) Installed via TestFlight Sandbox account properly configured This issue is currently blocking validation of the subscription flow before release. DTS Case-ID: 18968852 (redirected here) Any help would be appreciated.

Hello, How does macOS handle coexistence between multiple Transparent Proxy providers from different vendors if their network rules overlap and one provider modifies the traffic? Thank you in advance!

Hello, Is it possible for a Network Extension (running in its sandbox) to act as a client for an XPC service hosted by a Launch Daemon (e.g., to offload data processing)? Are there any specific sandbox restrictions or entitlement requirements for this type of XPC communication? Thank you in advance!

I have a macOS VPN app with a Network Extension (packet tunnel provider) distributed outside the App Store via Developer ID. Everything works perfectly when running from Xcode. After archiving and exporting for Developer ID distribution, the extension launches but immediately gets killed by nesessionmanager. The error: Signature check failed: code failed to satisfy specified code requirement(s) followed by: started with PID 0 status changed to disconnected, last stop reason Plugin failed What makes this interesting: the extension process does launch. AMFI approves it, taskgated-helper validates the provisioning profile and says allowing entitlement(s) due to provisioning profile, the sandbox is applied, PacketTunnelProvider is created — but then Apple's Security framework internally fails the designated requirement check and nesessionmanager kills the session. Key log sequence: taskgated-helper: Checking profile: Developer ID - MacOS WireGuardExtension taskgated-helper: allowing entitlement(s) for com.xx.xx.WireGuardNetworkExtension due to provisioning profile (isUPP: 1) WireGuardNetworkExtensionMac: AppSandbox request successful WireGuardNetworkExtensionMac: creating principle object: PacketTunnelProvider WireGuardNetworkExtensionMac: Signature check failed: code failed to satisfy specified code requirement(s) nesessionmanager: started with PID 0 error (null) nesessionmanager: status changed to disconnected, last stop reason Plugin failed Setup: macOS 15, Xcode 16 Developer ID Application certificate Manual code signing, Developer ID provisioning profiles with Network Extensions capability Extension in Contents/PlugIns/ (standard appex, not System Extension) Extension entitlement: packet-tunnel-provider-systemextension NSExtensionPointIdentifier: com.apple.networkextension.packet-tunnel codesign --verify --deep --strict PASSES on the exported app Hardened runtime enabled on all targets What I've verified: Both app and extension have matching TeamIdentifier Both are signed with the same Developer ID Application certificate The designated requirement correctly references the cert's OIDs The provisioning profiles are valid and taskgated-helper explicitly approves them No custom signature validation code exists in the extension — the "Signature check failed" comes from Apple's Security framework What I've tried (all produce the same error): Normal Xcode archive + export (Direct Distribution) Manual build + sign script (bypassing Xcode export entirely) Stripping all signatures and re-signing from scratch Different provisioning profiles (freshly generated) Comparison with official WireGuard app: I noticed the official WireGuard macOS app (which works with Developer ID) uses packet-tunnel-provider (without -systemextension suffix) in its entitlements. My app uses packet-tunnel-provider-systemextension. However, I cannot switch to the non-systemextension variant because the provisioning profiles from Apple Developer portal always include the -systemextension variants when "Network Extensions" capability is enabled, and AMFI rejects the mismatch. Questions: Is there a known issue with packet-tunnel-provider-systemextension entitlement + PlugIn-based Network Extension + Developer ID signing? Should the extension be using packet-tunnel-provider (without -systemextension) for Developer ID distribution? If so, how do I get a provisioning profile that allows it? The "Signature check failed" happens after taskgated-helper approves the profile — what additional code requirement check is the NE framework performing, and how can I satisfy it? Any guidance would be appreciated. I've exhausted all signing approaches I can think of.

We are implementing Apple Pay In-App Provisioning (EV_ECC_v2) for our EU app. The same codebase and encryption logic works successfully for our main app (different bundle ID and Adam ID), but the EU app consistently fails with HTTP 500. Environment: Entitlement: Granted (Case-ID: 18772317) Encryption scheme: EV_ECC_v2 Issue: During In-App Provisioning, the iOS app successfully obtains certificates, generates cryptographic material (encryptedCardData, activationData, ephemeralPublicKey), and POSTs to Apple's broker endpoint. The request fails at: Endpoint: POST /broker/v4/devices/{SEID}/cards Response: HTTP 500 with an HTML error page (not a JSON business error) <html> <head><title>500 Internal Server Error</title></head> <body> <center><h1>500 Internal Server Error</h1></center> <hr><center>Apple</center> </body> </html> Key observations: Our main app (different bundle ID/Adam ID) uses identical encryption code, private keys, and key alias — and works correctly in production. Manual card provisioning through Apple Wallet on the same device succeeds. The entitlement com.apple.developer.payment-pass-provisioning is confirmed present in the provisioning profile (verified via codesign). The 500 response is HTML rather than JSON, suggesting the request is rejected at the gateway level before reaching Apple Pay business logic. What we've verified: Entitlement correctly configured in provisioning profile ephemeralPublicKey is in uncompressed format (65 bytes, starts with 0x04) encryptionVersion is EV_ECC_v2 No double Base64 encoding Question: Could you please check whether Adam ID 6745866031 has been correctly added to the server-side allow list for In-App Provisioning in the production environment? Given the HTML 500 (not JSON) and that the identical code works for our other app, we suspect this may be an allow list or account configuration issue rather than a cryptography error. I will follow up with a Feedback Assistant ID including sysdiagnose logs shortly, per the steps outlined in https://developer.apple.com/forums/thread/762893

I am seeing an issue with NETransparentProxyProvider where the extension successfully transitions from sleep to wake, but stops receiving handleNewFlow(_:) calls. Only below two methods gets called, We don't apply rules in these methods: override func wake() override func sleep(completionHandler: @escaping () -> Void) This breaking complete proxy workflow as it stops intercepting traffics. We are not observing this issues always. FYI: com.apple.developer.endpoint-security.client is not present in .entitlement file. I am not sure adding this will help. Any possibilities nesessionmanager might fail to re-bind the traffic rules for this extensions? Any thing we can do to avoid this issues?

Hi everyone, I'm building an iOS app using Capacitor 6 with Swift Package Manager (SPM). I have a custom native plugin (AppleIAPPlugin) for StoreKit 2 In-App Purchases that lives in the App target (not as an SPM package). Despite compiling successfully, the JavaScript bridge throws: "AppleIAP" plugin is not implemented on ios Setup AppleIAPPlugin.swift: swift import Foundation import Capacitor import StoreKit @objc(AppleIAPPlugin) public class AppleIAPPlugin: CAPPlugin, CAPBridgedPlugin { public let identifier = "AppleIAPPlugin" public let jsName = "AppleIAP" public let pluginMethods: [CAPPluginMethod] = [ CAPPluginMethod(name: "getProducts", returnType: CAPPluginReturnPromise), CAPPluginMethod(name: "purchase", returnType: CAPPluginReturnPromise), CAPPluginMethod(name: "restorePurchases", returnType: CAPPluginReturnPromise), CAPPluginMethod(name: "getCurrentEntitlements", returnType: CAPPluginReturnPromise), CAPPluginMethod(name: "openManageSubscriptions", returnType: CAPPluginReturnPromise), ] @objc func getProducts(_ call: CAPPluginCall) { /* StoreKit 2 implementation */ } @objc func purchase(_ call: CAPPluginCall) { /* ... */ } // etc. } AppleIAPPlugin.m: objc #import <Foundation/Foundation.h> #import <Capacitor/Capacitor.h> CAP_PLUGIN(AppleIAPPlugin, "AppleIAP", CAP_PLUGIN_METHOD(getProducts, CAPPluginReturnPromise); CAP_PLUGIN_METHOD(purchase, CAPPluginReturnPromise); CAP_PLUGIN_METHOD(restorePurchases, CAPPluginReturnPromise); CAP_PLUGIN_METHOD(getCurrentEntitlements, CAPPluginReturnPromise); CAP_PLUGIN_METHOD(openManageSubscriptions, CAPPluginReturnPromise); ) MyBridgeViewController.swift (custom bridge to register the plugin): swift import UIKit import Capacitor class MyBridgeViewController: CAPBridgeViewController { override open func capacitorDidLoad() { bridge?.registerPluginType(AppleIAPPlugin.self) } } Main.storyboard points to MyBridgeViewController (module: App) instead of CAPBridgeViewController. TypeScript side: typescript import { registerPlugin } from "@capacitor/core"; export const AppleIAP = registerPlugin("AppleIAP"); What I've verified Both .swift and .m files are in the Xcode project's Compile Sources build phase nm on the compiled binary confirms OBJC_CLASS_$_AppleIAPPlugin symbol exists The build succeeds with zero errors Other SPM-based Capacitor plugins (Share, Media, NativeAudio) work fine — they have pluginMethods and jsName symbols in the binary; my custom plugin does NOT A bridging header (App-Bridging-Header.h) is configured with #import <Capacitor/Capacitor.h> What I've tried (all failed) .m file with CAP_PLUGIN macro only (no CAPBridgedPlugin in Swift) Added CAPBridgedPlugin protocol conformance to Swift class Created MyBridgeViewController subclass with registerPluginType() in capacitorDidLoad() Removed/added override public func load() method Added #import <Foundation/Foundation.h> to .m file Various bridging header configurations Multiple clean builds and derived data wipes Environment Xcode 16 Capacitor 6 (via SPM, binary xcframework) iOS 17+ deployment target Physical device testing (not simulator) Question How should a custom plugin in the App target be registered with Capacitor 6 when using SPM? The SPM-based plugins from node_modules get auto-discovered, but my custom plugin in the App target does not. Is there a step I'm missing to make registerPluginType() work, or should I structure my custom plugin as a local SPM package instead? Any guidance would be greatly appreciated.