Hello, I have implemented my virtual meeting extension and my application shows no issues in the calendar application, with a join button displayed. Everything is great!. However, with the help of EKEventEditViewController and EKEvent instances, when creating an event from the main target of the application using EventKitUI, the event will not be displayed as a virtual meeting. I have seen that other applications like Zoom have already implemented this, and I find it difficult to find relevant documentation on how to link events created by the program to virtual meetings. How do I set an event as a meeting when I want to add it to the main program? In addition, the function in the VirtualConferenceProvider.swift file of the extension program fetchVirtualConference(identifier: EKVirtualConferenceRoomTypeIdentifier, completionHandler: @escaping (EKVirtualConferenceDescriptor?, (any Error)? ）->Void) How are the parameters in this function obtained? It's impossible for every conference related link to be the same

We are developing an MDM (Mobile Device Management) solution for device management purposes, and our current implementation process is as follows: 1. Configure DEP profile to obtain profile_uuid We configured a DEP profile with the following parameters to retrieve the profile_uuid: { "allow_pairing": true, "anchor_certs": [], "auto_advance_setup": true, "await_device_configured": false, "configuration_web_url": "", "department": "test define profile", "devices": ["MNWF07QD9M"], "is_mandatory": false, "is_mdm_removable": false, "is_multi_user": false, "is_supervised": true, "language": "zh", "org_magic": "", "profile_name": "Enrollment Profile - MNWF07QD9M", "region": "cn", "skip_setup_items": [ "Accessibility", "ActionButton", "Android", "Appearance", "AppleID", "AppStore", "Biometric", "CameraButton", "DeviceToDeviceMigration", "Diagnostics", "EnableLockdownMode", "FileVault", "iCloudDiagnostics", "iCloudStorage", "iMessageAndFaceTime", "Intelligence", "Keyboard", "MessagingActivationUsingPhoneNumber", "Passcode", "Payment", "Privacy", "Restore", "RestoreCompleted", "Safety", "ScreenTime", "SIMSetup", "Siri", "SoftwareUpdate", "SpokenLanguage", "UpdateCompleted", "WatchMigration", "WebContentFiltering" ], "supervising_host_certs": [], "support_email_address": "", "support_phone_number": "", "url": "https://mdmp.com/mdm/apple/enroll?shopId=1" } We sent a POST request to the /profile endpoint with the above payload, and the response returned the profile_uuid: 605FB5C274303C19189C9B99DCD3280D. 2. Assign the profile We sent a POST request to the /profile/devices endpoint, including the aforementioned profile_uuid and the target devices list in the request body. 3. Scan the device with Apple Configurator 2 We used Apple Configurator 2 to scan and enroll the target device. Issue Encountered After the device restarts twice, it fails to retrieve the mobileconfig file from the URL: https://mdmp.com/mdm/apple/enroll. We are using Nginx as the web server and have enabled access logging, but the logs show no incoming requests from the device to the /mdm/apple/enroll endpoint at all. Could you please help identify where we might have made a mistake in this process?

We are trying to develop an app that will be responsible for managing 5000+ managed iPads through Intune MDM. The user flow is to have a device locked to a single app when a user is not logged in, but to make the device available to other apps once a user is authenticated. We already tried UIAccessibility GuidedAccess Mode and autonomous single app mode but those were not sufficient due to our need to be able to toggle this from the background. When the device may be asleep. So another way we could achieve this functionality would be to control all app access under a launching mechanism. That way we could allow one app to be visible in our MDM configuration and try to access our business app through that using deep links. If this were to work, we would have to be able to hide an app and still make it launchable from the manager. Any ideas? Thanks

Hello, I’m facing an issue while trying to add iOS devices to Apple Business Manager (ABM) using Apple Configurator during enrollment. When going through the setup process, the device fails to complete enrollment and times out. I’ve tried it multiple times. The device does appear in ABM during the process and I am able to assign it to different MDM servers but since the setup times out and fails, the device is automatically released. I have tried this with multiple iOS devices and it times out on every single one of them. Steps attempted: Factory reset and re-enrollment of the device Ensured network connectivity is stable and tested on multiple Wi-Fi networks Tried the following process using Apple Configurator on Mac (wired): Created a Wi-Fi profile in Configurator Connected the iPhone via cable and used Prepare (manual configuration) Used the “MDM server” placeholder and trusted anchors (as recommended) Linked the device to the ABM organization Skipped Setup Assistant steps Attached the Wi-Fi profile, then prepared and wiped the device Verified that the device should appear in ABM Attempted to assign the device to my MDM in ABM Despite these checks, the enrollment process times out. I’m attaching a screenshot of the error for reference. Could someone advise what might be causing this timeout or how I can further troubleshoot this? Any guidance would be greatly appreciated. Thanks in advance.

私は現在Intuneを使ったAppleIntelligenceの機能制限方法を調査しております。 AppleIntelligenceの機能のうち、以下5点を制御したく、その方法について教えてほしいです。 ・作文ツール ・Gen文字 ・写真(クリーンアップ機能等) ・さまたげ低減モード(通知の要約・優先順位機能含む) ・ChatGPTのサインイン(同期)・使用 今回ここに聞いた経緯としては、Microsoft社に本調査の確認をとったところ、 「制御後のデバイスの動作についてはAppleのペイロードを使用した制限のため、Appleに確認をとってほしい」 と伝えられたからです。 以下サイトではIntuneのAppleIntelligence機能の制御項目(MDM)が17項目ありますが、 ところどころ実動作について文章では理解ができない部分がありました。 ・https://techcommunity.microsoft.com/blog/intunecustomersuccess/microsoft-intune-support-for-apple-intelligence/4254037 AppleDeveloperサポートにも確認をとりましたが、以下サイトを紹介のみで、 特に追加の情報はありませんでした。 ・https://developer.apple.com/documentation/devicemanagement/restrictions 上記５機能を制限するためにはどの制限項目を使用すればよいでしょうか。

I'm currently testing app updates using the App:Managed declarative device management payload, and I have a question regarding app update status reporting. Presently, by subscribing to the app.managed.list status item, we can retrieve a list of managed applications along with their installation status. Additionally, we enable automatic updates for managed App Store apps using the UpdateBehavior.AutomaticAppUpdates key. However, especially when a critical application update is initiated, we frequently find ourselves needing more detailed information about the update process. For instance, having status items similar to softwareupdate.install-state and softwareupdate.failure-reason would be incredibly helpful for user troubleshooting. My question is: Is there a way to obtain a similar level of detailed, real-time status updates for app updates? Any insights you might have, or existing methods to achieve this, would be greatly appreciated. Thank you.

Hi everyone, I’m sharing this because I’ve been stuck with this issue for over two weeks, and I still haven’t found a solution — or received a meaningful response from Apple Support. A yellow banner has appeared on my account saying: “The Apple Developer Program License Agreement has been updated and needs to be reviewed.” But here’s the problem: I’ve already accepted the latest agreement long ago. When I log into both: App Store Connect Developer Portal …there’s no new agreement to accept, no prompt, no button — absolutely nothing new. The yellow banner simply refuses to go away, and it's preventing updates. I’ve already: Cleared cache & cookies Tried Safari, Chrome, Firefox Logged in from different devices/networks Verified that I am the Account Holder Reported the issue via Apple Developer Support (more than a week ago) Despite clearly stating the urgency of the matter, I’ve received no fix and no timeline. This is beginning to feel like developers’ time — especially for those who depend on timely releases — isn’t being taken seriously. So I’m writing here to ask: 🔹 Has anyone else encountered this same issue recently? 🔹 Is there any known workaround or fix? I’d appreciate any help or shared experience. Thank you.

Hello, I would like to ask a question regarding documentation related to app sales. Currently, I’m researching the sales process for an app and realized that I lack sufficient understanding when it comes to creating official documents such as estimates, invoices, and receipts — especially when dealing with corporate clients. In our company’s case, we can issue documents based on the net revenue (after platform fees are deducted). However, when issuing these documents to a client, would it be more appropriate to include a breakdown showing both the platform fee and the app usage fee? I would greatly appreciate any insights or examples of how others have handled similar situations. Thank you in advance.

I'm writing to point out a potential structural error in an example of the DeclarativeManagement command. This could cause significant confusion for developers implementing the MDM protocol. The standard structure for a server-to-device MDM command requires CommandUUID and the Command dictionary to be siblings under the top-level dictionary. The CommandUUID serves as a top-level identifier for the entire command envelope. This is the correct, expected structure: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Command</key> <dict> <key>Command</key> <dict> <key>RequestType</key> <string>DeclarativeManagement</string> </dict> </dict> <key>CommandUUID</key> <string>0001_DeclarativeManagement</string> </dict> </plist> This is an example of the incorrect structure I've seen: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Command</key> <dict> <key>CommandUUID</key> <string>0001_DeclarativeManagement</string> <key>Command</key> <dict> <key>RequestType</key> <string>DeclarativeManagement</string> </dict> </dict> </dict> </plist>

I'm are attempting to use the device management migration feature in Apple Business Manager / Apple School Manager (for devices running iOS 26 / iPadOS 26) to re-assign managed devices from one MDM server to another. We followed the published procedure (select device(s) → Assign Device Management → Set deadline → Continue). However, we are observing that on the device side, no notification or prompt appears to the user (such as “Enrollment Required” or “Your organization requires this device to enroll in a different device management service”), even after the migration deadline has passed. Here are the environment details: Device OS version: (iOS 26.1) Device ownership: enrolled via Automated Device Enrollment MDM re-assignment in ABM: old MDM server（name: https://dev5.clomo.com/panel/mackey-dev/ ） → new MDM server (name: https://obliging-bunny-equally.ngrok-free.app/ ) Deadline set: (12/10/2025 12:00 AM) Network connectivity: confirmed online at deadline time We would like to know: Under what exact conditions will the device display the notification/prompt, and what common mis-configurations prevent it from appearing? Is there any device log or activity indicator in ABM/ASM to confirm that the migration instruction has been sent to the device? In cases where the prompt does not appear, what troubleshooting steps can we perform on the device (or in the MDM/ABM configuration) to correct it?

The result Plist for the InstalledApplicationList MDM command is reporting duplicate Application identifiers. Sometimes with different version, other times with the same version. The device is MacOS 15.5, Enrolled via ABM (Supervised). Here are a couple samples from the returned list. Duplicate app: <key>BundleSize</key> <integer>398051</integer> <key>Identifier</key> <string>com.adobe.Acrobat.NativeMessagingHost</string> <key>Installing</key> <false/> <key>Name</key> <string>NativeMessagingHost</string> <key>ShortVersion</key> <string>5.0</string> <key>Version</key> <string>5.0</string> </dict> <dict> <key>BundleSize</key> <integer>398051</integer> <key>Identifier</key> <string>com.adobe.Acrobat.NativeMessagingHost</string> <key>Installing</key> <false/> <key>Name</key> <string>NativeMessagingHost</string> <key>ShortVersion</key> <string>5.0</string> <key>Version</key> <string>5.0</string> </dict> Different Version: <key>BundleSize</key> <integer>4197200</integer> <key>Identifier</key> <string>com.adobe.adobe_licutil</string> <key>Installing</key> <false/> <key>Name</key> <string>adobe_licutil</string> <key>ShortVersion</key> <string>11.0.0.39</string> <key>Version</key> <string>11.0.0.39</string> </dict> <dict> <key>BundleSize</key> <integer>4443177</integer> <key>Identifier</key> <string>com.adobe.AcroLicApp</string> <key>Installing</key> <false/> <key>Name</key> <string>AcroLicApp</string> <key>ShortVersion</key> <string>25.001.20432</string> <key>Version</key> <string>25.001.20432</string> </dict> <dict> <key>BundleSize</key> <integer>7380980</integer> <key>Identifier</key> <string>com.adobe.adobe_licutil</string> <key>Installing</key> <false/> <key>Name</key> <string>adobe_licutil</string> <key>ShortVersion</key> <string>10.0.0.274</string> <key>Version</key> <string>10.0.0.274</string> </dict>

I originally posted here & was referred to post in developer forumsn. https://discussions.apple.com/thread/256036430?login=true&sortBy=rank&answerId=261319559022 There has to be someone else out here that's gone through this. I've tried everything I can think of, forums, reddit, Microsoft documentation.... just can't find any clear cut method of doing this. I'm working on an InTune Mobile App Protection Policy. I know there are going to be some VPs out there asking why they can't use native iOS Apps, especially Apple Calendar, Contacts & Mail. I have not been able to get anywhere, I always end up with this error. Things I've tried: Allow sync of native apps with work account Putting in app exemptions (But I don't truly know if I know if I have the right values for this and there's no simple way of getting it from what I've seen. Having to download app to PC, finding config files, finding specific values.... that people say are hit or miss). Allow data transfer of ALL Apps What am I missing here? I'm pretty much giving up and just going to say sorry, you can't use Native apps.. Period! Anyone have any experience with this, especially for Mail, Calendar & Contacts? Thank you for anyone that can offer advice on this.

Can I upload custom app onto the ABM? if yes then how can we install it into the user's devices?

We are expering frequent delays recently when associating a device serial with the adamid of an app in our business manager account. I get an event id back when calling the /associate api but when i check the status of that event id is can be sat in a pending state for sometimes several hours. Need to understand why and if its a configuration issue

I've account access level of developer. I want to create app specific password but go through the account but could not get any option to do so. Can somebody help me on this. Thanks in advance.

Hi, We developed a Platform SSO extension for our IdP, Keycloak. It would be great to get some feedback on it: https://francisaugusto.com/2025/Platform_single_sign_on_diy/

It seems like there are some "mixed messages" out there about what should be in OID 1.2.840.113635.100.8.11.1 in the attestation cert. Is it just a SHA256 hash of the nonce issued by the ACME server? The MDM profile yaml says: "In the attestation certificate the value of the freshness code OID matches the nonce specified by the ACME server via the ACME protocol." I'm hoping the difficulty we're seeing is down to the certificate being created once (and not again for 7 days). Otherwise, we're not decoding/understanding the OID's contents properly. Thanks.

Hello, We have an internal enterprise app. After the provisioning profile (certificate) expired, some employees' iPhones still retained the old certificate when updating the app, causing the app to fail to open. We’ve tried restarting and reinstalling the app, but the issue persists. Having each employee manually reset network or device settings would be too operationally costly. Since this involves a large number of devices, we cannot use Apple Configurator to remove and reinstall certificates one by one. Therefore, we’d like to ask if there is a more efficient, batch-oriented solution to quickly resolve the certificate residue issue. We’d appreciate any suggestions for large-scale deployment methods. Thank you very much!

Steps to Reproduce Step 1: Fetch Initial Device List Called the device list endpoint to retrieve all devices and saved the cursor: GET https://mdmenrollment.apple.com/server/devices Step 2: Modify Devices Added and deleted several devices via https://business.apple.com/ Step 3: Sync Without Pagination Called the sync endpoint using the cursor from Step 1 (no limit): GET https://mdmenrollment.apple.com/devices/sync?cursor={step1_cursor} Result: Returned 3 device records as expected: { "devices": [ { "serial_number": "F70JJ4C16L", "op_type": "added", "op_date": "2025-12-11T07:05:05Z" }, { "serial_number": "F70JJ4C16L", "op_type": "deleted", "op_date": "2025-12-11T07:04:36Z" }, { "serial_number": "C8RWGXZXJWF5", "op_type": "deleted", "op_date": "2025-12-11T07:04:52Z" } ], "more_to_follow": false } Step 4: Sync With Pagination (First Page) Called the sync endpoint using the same cursor from Step 1 with limit=1: GET https://mdmenrollment.apple.com/devices/sync?cursor={step1_cursor}&limit=1 Result: Returned 1 record with more_to_follow: true — indicating more data exists: { "devices": [ { "serial_number": "F70JJ4C16L", "op_type": "added", "op_date": "2025-12-11T07:05:05Z" } ], "more_to_follow": true, "cursor": "MTowOjE3NjU0MzgyNDI5ODc6..." } Step 5: Sync With Pagination (Second Page) Called the sync endpoint using the cursor from Step 4 with limit=1: { "devices": [], "more_to_follow": false } Expected Behavior When paginating with limit=1, the API should return all 3 records across 3 sequential requests. Actual Behavior Without pagination: Returns 3 records ✓ With pagination (limit=1): Returns only 1 record, then empty array ✗ 2 records are missing when using pagination. Impact This inconsistency makes the sync API unreliable for incremental device synchronization workflows.

Last year I used the iOS Distribution Managed Certificate (Enterprise Program) to sign an App and to distribute it internally. The Cert is still valid until May 2026. But its associated Provisiong Profile (which is not visible in the Apple Portal, but within Xcode when you export your archive) expired last week. Until then it was impossible for me to somehow force renew the profile and that lead to the fact that my app was not usable for a day, because the renewal was done after the expiration of the old one. Whats the whole point of the managed signing if can't influence the provisioning update. To be clear: I don't speak about the certificate - just about the profile. Or am I using it wrong?