Hi Team We are building a live activity feature for our app. While using the APNS broadcast API (https://api.push.apple.com:443/4/broadcasts/apps/), we are getting throttled. The updates are infrequent (sport games) and yet we are facing this issue. Our understanding was that the throughput is quite high but there is no documentation on the actual limitations. Furthermore, all of our updates are using a priority of 5. We have currently configured retry with exponential backoff and jitter but we would like to understand the APNS throttle limit for live activity broadcast. Is the limit per channel id or at API level? What is the hard limit for the API request per seconds? Can we request increase to the API rate limit?

We are writing to report a recurring stability issue with the Apple Pay sandbox environment. We are using the official sandbox test cards provided on the Apple Developer website for our testing: https://developer.apple.com/apple-pay/sandbox-testing/ We are experiencing frequent, intermittent failures when attempting to add these sandbox cards to the Wallet for testing purposes. The issue typically occurs a couple of times per day. When the failure occurs, the card provisioning process fails unexpectedly. The issue is not limited to a single card; we have observed this behavior across all available card networks. In some instances, all cards (Visa, Mastercard, Discover, Amex) fail to provision simultaneously. At other times, the issue appears to be isolated to specific networks while others work correctly. Crucially, the issue appears to be temporary. After some time passes (ranging from minutes to an hour), we are able to add the exact same card successfully without making any changes to our test environment or configuration. We have diligently checked our setup to rule out configuration errors on our end. This includes verifying: The device is set to a supported region. We are signed in with a valid sandbox tester Apple ID. All other prerequisites for sandbox testing are met. The fact that the process works correctly at other times strongly suggests that this is a server-side stability issue within the Apple Pay sandbox environment rather than a persistent misconfiguration on our part. To help with your investigation, we have attached an image that demonstrates a failed attempt to add a card. Could you please investigate the stability of the sandbox card provisioning service? Please let us know if this is a known issue or if there is any further information we can provide. Thank you for your time and assistance.

For Apple Pay testing, I have tried the following: Sign into the Sandbox Account via Developer Settings: Settings > Developer > Sandbox Account Keep your main Apple ID for everything else Add Test Cards to Wallet: Try adding the test card numbers (MasterCard and Visa Debit, as we support only those) Apple provides in their documentation. Unfortunately, none of them are added to the wallet. All the time it gives 'Could Not Add Card'. I tried on devices with iOS 18+. Can anyone advise on this? Thanks

we are currently using the requestAutomaticPassPresentationSuppression API in my app. to prevent the Wallet interface from appearing when an NFC/RF reader is detected during active app usage. Recently, a new transit card supporting Express Mode (T-money Transit Card) was released in Korea, and we are seeing an increasing number of users enabling Express Mode. However, this has introduced an issue where users are unable to use the BLE-based functionality we provide via our widget. Specifically, when the user taps our widget, it triggers a BLE signal broadcast for approximately 10 seconds. In this scenario, when the user brings their iPhone close to our reader, Express Mode is activated before the BLE interaction can be established. This prevents the BLE signal from being successfully received and processed. We would like to ask: Is it possible to suppress Express Mode behavior (similar to requestAutomaticPassPresentationSuppression) even when the app is launched via a widget interaction? Alternatively, is there any way to delay or defer Express Mode activation temporarily when launching from a widget or during BLE communication? We would appreciate any guidance or best practices you can share regarding this scenario. Thank you.

Hello, We are experiencing an issue with Apple Pay integration in our application. We are using WKWebView to handle various payment methods, but we are unable to complete payments via Apple Pay. Upon debugging the WKWebView, we received the following error message: "400 No required SSL certificate was sent" when attempting to process the payment. Currently, we are using a Let's Encrypt SSL certificate. Could you please confirm whether this certificate is suitable for Apple Pay, or if we should be using a different SSL certificate?

Hello, I have recently started exploring the Apple Wallet extension and have a couple of questions I was hoping you could help clarify: Is there any form of communication between the UI extension and the non-UI extension? From my understanding, the UI extension handles the authorization and simply indicates whether the app approves it or not, without passing additional data. However, the non-UI extension is expected to make calls to the issuer app’s backend, which typically require a token obtained through prior authentication services and may even involve an OTP. Is there a recommended way to share this information between extensions within the Apple Wallet Extension framework, or is using App Groups the only option? Additionally, during the provisioning process, is there any possibility of re-invoking the UI extension if further validation is required? Furthermore, according to the documentation, testing is carried out via TestFlight and in production. Is there any way to test these extensions on a physical device directly from Xcode for debugging purposes, or is TestFlight the only available method? Thank you very much in advance for your time and assistance.

This is a StoreKit / ExternalPurchaseCustomLink clarification. Apple DTS asked me to post the follow-up question here. We are designing an SDK for apps that support EU external purchase. In EU storefronts, the app will use ExternalPurchaseCustomLink only: No App Store In-App Purchase will be offered to users. No Product.purchase() will be called. No SKPaymentQueue.add(_:) will be called. The actual purchase will happen only on our external website through the ExternalPurchaseCustomLink flow. Question: In this EU ExternalPurchaseCustomLink-only setup, is it acceptable and supported to call Product.products(for:) / SKProductsRequest only to fetch product display metadata from App Store Connect? The metadata would only be used to display the product list UI, for example: product title / display name localized price currency / priceLocale formatting information The returned Product / SKProduct would not be used to start an App Store purchase. Or should apps avoid Product.products(for:) / SKProductsRequest entirely in EU storefronts where only ExternalPurchaseCustomLink is offered, and use their own product catalog instead?

Since weeks I am waiting for my enrollment. I Receive E-Mails telling me "To complete your enrollment, please agree to the terms of the Apple Developer Program License Agreement . " When I click that Link (https://developer.apple.com/enroll/status/) there is not button, checkbox or link to agree to the terms. I do have an Enrollment ID: ZW------- which is written there Has anybody an idea where I should go to do that? HELP, my time is running out

We operate a captive portal WIFI network in a walled-garden setup. There is no public internet access on this network. Users connect to our SSID and can only reach a local resource. On Android, our captive portal can show a button that launches the devices default browser and navigates to our portal page. We cannot reproduce this on iOS: we can place the button inside the CNA tear sheet but tapping it does not open Safari, the redirect simply does not happen. I found this older thread describing the same need: https://developer.apple.com/forums/thread/75498 From that thread, it seems the behavior changed several times. It reportedly worked around iOS 11.2 then broke again in later releases. My questions: On current iOS, is it possible to open Safarı or the default browser programmatically from within the CNA? For example, via a link or button after authentication? If yes, what is the supported way? If it is not supported, is that intentional? Is there any official documentation describing CNA limitations and the recommended pattern? For a walled-garden network with no public Internet, what is Apple's recommended approach to move the user from the CNA into a full browser session?

Problem Description We are encountering a pushToken retrieval failure when creating Live Activities using the ActivityKit framework in our iOS application. Problem Symptoms Failure Rate: Approximately 40% of Live Activities created in production fail to obtain a pushToken Behavior: The Activity is created successfully, but activity.pushToken and the activity.pushTokenUpdates stream remain empty / return nothing Impact: Unable to update Live Activities via APNS Offline Issue Environment iOS Version: iOS 26.5 Device: Physical iPhone device Deployment Environment: Production environment, release build Code Sample Task { // Executed after Live Activity creation for await activity in Activity<T>.activityUpdates { ... if let activityTokenData = activity.pushToken { // Report token to APNS service reportTokenToAPNS(tokenString) } // Start async monitoring self.registerPushTokenUpdates(...) Log("actObserver: Live Activity registered successfully") } } // Async monitoring private func registerPushTokenUpdates<T: SAKActivityAttributes>(...) { Task { self.pushTokenObserveRecords.safe{ $0.append(activity.id) } Log("Monitoring pushToken updates for Live Activity <\(activity.id)>") for await data in activity.pushTokenUpdates { let pushToken = pushTokenString(with: data) // Report token to APNS service reportTokenToAPNS(pushToken) } } } System Log Evidence System logs, log and log

Hi I was wondering under what circumstances does @Query call body. Does it call it when the result set changes? E.g. object added/removed/moved. Does it also call when the result set is the same but a property of a model changed? I'd prefer 1, since models are @Observable my Views can handle tracking if they need to update when a property of a model changes. But I am concerned it is 2 which would cause unnecessary calls to body? E.g. a ForEach would needlessly be reinit since the model array is exactly the same. So which is it? By the way it would be useful if the docs could be updated with this important info. Thanks

One thing I wanted to confirm, suppose i submit one request to onboard OHTTP relay for one organisation app and it gets approved, so can I re submit the request with different bundle ID for other organisation and same PIR server, same OHTTP server ? Or do we need different domain name ?

I built an advanced app clip experience, associated it to a location, and its MATCHED. The status is marked (green) RECEIVED. However, I am unable to see the invocation on Maps. I don't see the buttons such as SUPPORT/ORDER shown for that place. The docs does not explain why. What is the exact requirement for us to surface buttons for POI? We are authorized by the businesses to add these for them. I'd love to hear in detail the exact process to add buttons for POI - how Uber Eats and Door Dash does it for restaurants and how their app clips get shown. Thank you.

Hello, I'm developing a gambling blocker app that uses NEFilterDataProvider. My app was approved on the App Store, but the core feature doesn't work for end users. I have the content-filter-provider entitlement. Issue 1 — saveToPreferences() fails in distribution builds In dev builds (Xcode direct install), NEFilterManager.saveToPreferences() works fine — iOS shows a permission dialog and the filter is registered. In distribution builds (TestFlight/App Store), it fails immediately: NEFilterErrorDomain code 5 — Operation not permitted Console log from nehelper: "Creating a content filter configuration is only allowed through profile in production version" Issue 2 — .mobileconfig profile requires MDM Following the Console hint, I tried a .mobileconfig profile with com.apple.webcontent-filter payload (ContentFilterUUID, FilterType: Plugin, PluginBundleID). On an unsupervised consumer iPhone (iOS 18.5), installation fails: Profile Installation Failed — MDM required Question: What is the correct mechanism to activate a NEFilterDataProvider on a consumer (non-MDM) iPhone in a distribution build? Is there a specific entitlement or approval process I'm missing? (DTS Case-ID: 20087732)

To perform the integration, it must be done under the same domain that has been validated. Is it not possible to do it in a local environment? Could that be the reason why I can't display the button or complete the validation with the API?

Hi, I’ve been trying to integrate Apple Pay, but for some reason, the payment button is not showing up. The project is built with Laravel 11 and Vue. I imported the script as follows: <script crossorigin crossorigin src="https://applepay.cdn-apple.com/jsapi/1.latest/apple-pay-sdk.js" ></script> Then I added the following the steps: <style> apple-pay-button {{ --apple-pay-button-width: --apple-pay-button-width: 150px;; --apple-pay-button-height: --apple-pay-button-height: 30px;; --apple-pay-button-border-radius: --apple-pay-button-border-radius: 3px;; --apple-pay-button-padding: --apple-pay-button-padding: 0px 0px;; --apple-pay-button-box-sizing: border-box; } </style> <apple-pay-button buttonstyle="black" type="plain" locale="en-US"></apple-pay-button> I followed all the steps from the official Apple Pay demo: https://applepaydemo.apple.com/ I also configured the Content Security Policy (CSP) to allow all necessary resources. However, when I test my integration, the button doesn’t appear. I’ve checked the console, but there are no errors. At the same time, I have my certificate imported into the Keychain, and I’ve completed the entire process of creating both the certificate and the private key. However, when I try to validate the session using the certificate and key with Apple’s API, I get an error: 400 The SSL certificate error https://apple-pay-gateway-cert.apple.com/paymentservices/

In the docs, I see a button type with label "Pay With [apple logo]. https://developer.apple.com/design/human-interface-guidelines/apple-pay Although I don't see this type as an option here: https://developer.apple.com/documentation/PassKit/PKPaymentButtonType Wondering if I'm looking in the right place and if this button type is still available?

We are developing a native iOS financial application called Tradu: Stocks, Forex, and CFDs (Apple ID: 6473443264), which embeds a WKWebView to render all user-facing logic. All user interactions—including authentication with MFA—occur inside this WKWebView. To access native functionality, we use postMessage() to communicate between the web and native layers. This approach has worked successfully for biometric authentication, for example. We are currently integrating Apple Pay In-App Provisioning and have a few questions regarding compliance with the documentation provided by our Issuer Host (Modulr). In the document titled Getting Started with Apple Pay: In-App Provisioning, Verification, Security, and Wallet Extensions (Version 4.0, February 2023), all examples are based on a fully native application. We’ve managed to integrate most of the In-App Provisioning flow via postMessage() up to the point of passing encryptedData to the Payment View. Apple Pay button inside WKWebView In Section 7: Frontend Overview, the user initiates the provisioning by tapping a native PKPaymentButton (SwiftUI example). In our case, this button is rendered inside the WKWebView, styled according to the Apple Style Guide. While the document references this approach as a “raw mark text supplement,” is this method acceptable and compliant with Apple’s UX and technical guidelines? MFA requirement before provisioning In Section 4: Security Guidelines, it is stated that the user must have passed MFA at least once before starting the provisioning flow. In our implementation, users must complete MFA on every login (including on recognized devices) before the provisioning UI becomes available. Even though this is not tied specifically to “unrecognized devices,” is our MFA requirement sufficient to satisfy Section 4.2? Summary: Is using a web-rendered Apple Pay button inside WKWebView (instead of a native PKPaymentButton) considered compliant? Is our MFA enforcement model (required on every login) aligned with the security requirements outlined in Section 4.2 of the Apple Pay In-App Provisioning documentation?

Hi, I am the developer of this app and I was shared this receipt which strangely does not list my name as the merchant but instead says "The flow network" as you can see below: What is going on?

We plan to set Manual PAN Entry Allowed = N and accept only issuer push provisioning (PKAddPaymentPass). Is there any Apple Pay programme rule that obliges us to keep MANUAL_ENTRY enabled? Will disabling it affect “Participating Issuer” listing?