Family activity picker looses icon and incudes parent apps after 20 seconds...and you never see the kids icons again until you reboot. Any ideas? family controls authorized on both apps Share across devices activated Web & activity activated. Before... ...and after 22 seconds.

Can someone confirm this is supposed to be happening after all these years. I have noticed that now when I delete the messages from my Apple Watch (IOS11) they are now deleting from my phone (IOS18). I was glad I noticed and was able to recover them but I almost lost some impoRyan messages. I did do a test and confirm this is true. But the question is, is this supposed to be happening and if so is there a way to disable only this sync? I like to try and keep the messages icon on the watch clean since when I read the messag on my phone it does sync read on the watch and leaves the unread number on the icon.

Hi, I run a midsize business. Apple recommends for company owned devices and for other reasons to use Apple Business managed Apple IDs for the employees. After that, you have to use a MDM System for e.g. deploying apps and licenses. Testflight is an app that can be deployed too. But....Testflight can not more than to say "Hello" on a managed device. The use of Testflight and to test our developed apps is not possible with a managed ID. Can anyone explain to me this thinking or what is recommended than. Setting up a private Apple ID for that purpose...which on the other hand, Apple do not want or does not recommend.

Hi everyone, I'm working on a Swift application and trying to determine whether an application has exceeded its limit based on an ApplicationToken. I have the following function to check if the current app's token matches any of the tokens stored when the app limit is reached: private func isAppLimitExceeded(for application: Application?) -> Bool { guard let application = application, let appToken = application.token else { return false } let exceededTokens = configManager.getAppLimitExceededTokens() return exceededTokens.contains { exceededToken in appToken == exceededToken } } The function configManager.getAppLimitExceededTokens() returns a list of [ApplicationToken] that were saved in UserDefaults when an app limit is reached. The goal is to use the isAppLimitExceeded method to verify if the current shield for the app is triggered due to a limit/threshold being exceeded. This function is part of a class that conforms to the ShieldConfigurationDataSource protocol: class ShieldConfigurationExtension: ShieldConfigurationDataSource { // ... } My concern is whether comparing two ApplicationToken instances using == is a reliable method for determining if they are equal. Are ApplicationToken objects guaranteed to be comparable with == out of the box, or do I need to implement Equatable or another method of comparison? Could there be issues with tokens stored in UserDefaults not matching due to reference or serialization differences? Any guidance on how to ensure proper comparison of these tokens would be appreciated! Thanks!

I want to create an app to control a child's device. As I understand it, I need to follow this logic: I have one app for both the child and the parent. For the child, I request authorization with the following code: try await AuthorizationCenter.shared.requestAuthorization(for: .child) For the parent, I show functions like: familyActivityPicker Are these settings automatically applied to the child's device, or do I need to send a silent push notification to apply the new settings? Additionally, how can I get statistics from the child's device to the parent's device?

I am working on a screen time app that helps individuals shield distracting apps and web content. Assuming one is granted the Family Controls entitlement and a user accepts the Family Controls authorization request, can you call the ManagedSettings framework from your main app? Is this framework only allowed to be used within the context of a Device Activity Monitor Extension? I'm unsure if this type of usage will result in an instant rejection from App Review?

Hello! I've been doing a lot of work with ApplicationTokens, but there is very little documentation. While Apple gives you the FamilyAcitvitiesPicker to get tokens of apps on an iPhone, I need to get the tokens of apps that aren't on the phone. Example: Someone can select Instagram even though they don't have it downloaded. Then the application token will get sent to a server. Then a different person who does have Instagram on their phone will receive the token and it will do something with that application. Because FamilyActivitiesPicker can only select apps on the iPhone that it is running on, FamilyActivitiesPicker is useless to me, leading to my problem: Creating an ApplicationToken without FamilyActivitiesPicker This documentation says that I can create an Application (and thus an ApplicationToken) from the bundle identifier init(bundleIdentifier: String) Creates an object that represents the app with the specified bundle identifier. However, when I try to use this to get instagrams(or any apps) token, it returns nil every time! So, finally, my questions: How do I correctly use this initializer to create an ApplicationToken? Or, if this won't work for my purposes Are the ApplicationTokens created by FamilyActivitiesPicker the same across all devices no matter what?

I've been working a lot with the FamilyControls API and App Shield recently but have encountered a problem with no documentation. I used the FamilyActivitySelection to select the app store to shield(This is just for testing), and then printed out the application token: 1wfY¸êB ò S« öi #×(É?âðw ù/jQ ¿ J ïE¢? ·¿ º<Òd?ý r7¥Ãn N átJ¹ÿ85B_{VAF fC8. ,,¸¯3 T7F ±õü; ¹?v@¯ô Ä \-õ# Ò I know the application token is a Codable object so I was wondering, How do I create an application token using the Token<Application> initializer init(from: any Decoder) throws Creates a new instance by decoding from the given decoder. Using the above data? Do I have to encode first in order to decode it? For reference, the code I tried to use is: newValue.applicationTokens.encode(to: JSONEncoder) if let encoded = try? JSONEncoder().encode(newValue.applicationTokens) { data = encoded print(String(data: data, encoding: .utf8)!) } if let app = try? JSONDecoder().decode(Token<Application>.self, from: data) { let token = Application(token: app) print(token) } else { print("didn't work") } But it prints didn't work every time. What should I do differently?

Hi there, In short, I'm trying to use CoreData in my ShieldConfigurationDataSource extension. Trying to fetch from core data at all seems to cause the shield to render it's default look. I already added the extension to an app group + configured my persistence store to use the app group. Below is my code, any help is appreciated: // Shield extension override func configuration(shielding application: Application) -> ShieldConfiguration { do { let appSelectionId = "***" let blockedItemReq = ... blockedItemReq.predicate = ... let moc = PersistenceController.shared.container.viewContext // Commenting this and the bottom out makes it work, but I need the data! let blockedItemRes = try moc.fetch(blockedItemReq) let shieldTitle = ShieldConfiguration.Label(text: "Hello there", color: .red) return ShieldConfiguration(backgroundColor: .black, title: shieldTitle) } catch { let shieldTitle = ShieldConfiguration.Label(text: "ERROR \(error.localizedDescription)", color: .white) return ShieldConfiguration(backgroundColor: .black, title: shieldTitle) } } // Persistence Controller init(inMemory: Bool = false) { container = NSPersistentContainer(name: "AppBlockerOne") if inMemory { container.persistentStoreDescriptions.first!.url = URL(fileURLWithPath: "/dev/null") } else { let containerURL = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: "group.appblockerone")! let storeURL = containerURL.appendingPathComponent("AppBlockerOne.sqlite") let description = NSPersistentStoreDescription(url: storeURL) container.persistentStoreDescriptions = [description] } container.loadPersistentStores(completionHandler: { (storeDescription, error) in if let error = error as NSError? { fatalError("Unresolved error \(error), \(error.userInfo)") } }) container.viewContext.automaticallyMergesChangesFromParent = true }

My app correctly applies the ShieldConfiguration template that I chose (icon, text, CTA, etc), but some users reported seeing the following default shield: With the default shield text that reads, "You cannot use AppName because it is restricted." Any idea why?

Hi everyone, I’m encountering an issue with shield.applicationCategories = .all(except: applications.applicationTokens) when trying to shield all apps except a specified few. Despite using this configuration, all apps are getting shielded, including those that should be exempt. I’ve verified that the correct applicationTokens are being used and ensured that there are no conflicting schedules that might override this configuration. Interestingly, the ShieldConfiguration appears for the apps that are supposed to be blocked, but not for the ones in the exception list. Has anyone else experienced this issue, or does anyone have insights into what might be causing this behavior? Thanks in advance!

Hey everyone, I'm working on implementing an AppLimit, where after accumulating x minutes of Screen Time for an app, it should be blocked. It works fine on the first day, but stops functioning correctly on subsequent days. What I'm Doing I start a 24/7 schedule with a DeviceActivityEvent that has a specified Screen Time threshold. In my DeviceActivityMonitor, I'm reacting to the eventDidReachThreshold. Once the accumulated time is reached, the app is blocked. This works as expected on the first day. Issues I'm Experiencing / Questions Second Day Issue: On the second day, the app is no longer blocked after the Screen Time threshold is reached, even though it worked on the first day. This leads me to suspect that a DeviceActivityEvent is "consumable". Is this correct? Pre-existing Screen Time Issue: If a user has already surpassed the Screen Time threshold before monitoring starts, the app isn't blocked once the schedule is set up. This leads to 2 issues: I would expect that the accumulated amount of time after starting the schedule would result in the call of eventDidReachThreshold. But it is never called It could also be the case that the previously accumulated time is being kept in mind, but that would mean the apps should be blocked, which isn't the case. Does the threshold account for accumulated Screen Time before the schedule begins? I haven't tested setting a limit of 10 minutes, accumulating 3 minutes of Screen Time, then starting the schedule and accumulating the remaining time, but I'm curious if anyone has encountered this behavior. Does anyone have an explanation for this behavior? Any help would be greatly appreciated!

Hello Apple Developer Community, We have developed two totally separate apps for parental control: one for parents (xyz/parent.com) and one for children (abc/child.com). These are not two sides of the same app, but rather distinct applications. Recently, we integrated these two apps and encountered a few challenges and questions that we hope the community can help with. Family Picker Behavior: We noticed that only the parent app on the current device is displayed in the Family Activity Picker. Is this the intended behavior? Our expectation was that the Family Activity Picker would show both the parent and child apps available on the device. Is there a way to ensure that both types of apps are listed? Filtering Apps in Family Picker: Is it possible to filter the apps displayed in the Family Activity Picker to show only the child’s app and exclude the parent app? Our goal is to streamline the selection process for users by removing irrelevant apps from the picker. If direct filtering is not possible, are there any recommended workarounds or best practices to achieve a similar result? Screen Time Permission Requirements: We’ve successfully implemented screen time permissions using the Authorization Center for the child app. However, do we also need to request screen time permissions from within the parent app? If so, are there any specific guidelines or best practices for managing screen time permissions across two interconnected apps? Triggering Child Managed Settings from Multiple Apps: Is it feasible to trigger managed settings (e.g., enabling restrictions) for the child app from both the parent and child apps? We want to ensure consistent enforcement of settings regardless of which app initiates the change. Are there any limitations or conflicts we should be aware of when managing settings from two different apps? We appreciate any guidance or insights you can provide on these issues. We’ve referred to the Family Controls and Screen Time documentation, but we're seeking more specific advice related to the integration of two separate apps in this context. Thank you in advance for your help!

We have encountered an issue while developing our own Apple MDM solution. The issue occurs in the activation lock scenario. We have implemented the activation and deactivation of the activation lock feature in accordance with the following documentation. 1:https://developer.apple.com/documentation/devicemanagement/activation_lock_a_device 2:https://developer.apple.com/documentation/devicemanagement/device_assignment/activation_lock_a_device/creating_and_using_bypass_codes#3734453 Activationlock Request URI : https://mdmenrollment.apple.com/device/activationlock Request Method : POST Request Headers : [Accept:"text/plain, application/json, application/*+json, /", X-ADM-Auth-Session:"1723449441118O1O649496FAD285FDC77565EC075E770547O90695212BB76419F8E43B2F68BE7A6C6O67033512O11Op1OA0EA85747E70D2D6941C4F6662166CAF22C2193COC298C61ECC7B9E9C14EB2A20305F7E41", X-Server-Protocol-Version:"3", Content-Type:"application/json", Content-Length:"133"] Request Body : {"device":"K2LP4HQXJ4","escrow_key":"QRV7D-JPPMQ-Z90N-1VN8-L1PN-45Q2","lost_message":"xxxxx"} Response : {"serial_number":"K2LP4HQXJ4","response_status":"SUCCESS"} escrowKeyUnlock Request URI : https://deviceservices-external.apple.com/deviceservicesworkers/escrowKeyUnlock?serial=K2LP4HQXJ4&imei=357174298879232&meid=35717429887923&productType=iPhone14,2 Request Method : POST Request Headers : [Accept:"text/plain, application/json, application/*+json, /", Content-Type:"application/x-www-form-urlencoded", Content-Length:"189"] Request Body : orgName=xxxxx&guid=xxxxx&escrowKey=QRV7D-JPPMQ-Z90N-1VN8-L1PN-45Q2 Response : 404 <ns:escrowKeyDeviceServicesResponse version="1" xmlns:ns="http://www.apple.com/cds/mdmescrowKeyDeviceServices/xml"></ns:escrowKeyDeviceServicesResponse> Who can help me check if there are any errors in the way I'm calling these two APIs, and how to correct them?

Hi everyone, I'm currently working with the Screen Time API, specifically trying to figure out the best way to pause an active, repeating schedule without disrupting future schedules. Here's the scenario: I have a repeating schedule set from 10:00 AM to 8:00 PM daily. If I need to pause the schedule temporarily, my current approach involves stopping monitoring, clearing all restrictions, and then setting a new schedule for the remaining time after the pause. However, this method cancels the repeating schedule entirely, which causes issues when the schedule is supposed to restart the next day at 10:00 AM. Instead, it starts after the pause time, which isn’t what I want. Challenges I'm Facing: Maintaining Repeating Schedules: How can I pause the schedule in a way that ensures it resumes correctly the next day at the intended time (10:00 AM)? DeviceActivityMonitor Logic: Is there a way to deactivate and reactivate the schedule through the DeviceActivityMonitor without fully stopping the monitoring? Ideally, I'd like to retain the original schedule, pause it, and then resume it seamlessly after the pause. What I’ve Tried So Far: I’ve attempted to store the necessary data in the App Groups shared container as a local file. In the DeviceActivityMonitor, I used the schedule's name to identify and retrieve the saved object, planning to use this data to reapply the shielding after the pause. Unfortunately, this approach exceeds the 6MB memory limit of the extension, which is another roadblock. Given these issues, I’m unsure how to move forward. Are there any best practices or alternative approaches that could help manage this situation more effectively? Any insights or suggestions would be greatly appreciated! Thanks in advance for your help.

Hi there, My app uses all the Screen Time API's with individual FamilyControls authorization. I've been using the API's for over 2 years (since they came out). In iOS 18 Beta (maybe started in Beta 3?), I've been experiencing random issues. I tracked it down to where it seems like DeviceActivityMonitor extension is more likely to deadlock in iOS 18. To reproduce: when DeviceActivityMonitorExtension.intervalDidEnd gets called, IF you call DeviceActivityCenter.startMonitoring for that SAME DeviceActivityName from the DeviceActivityMonitorExtension , the startMonitoring call deadlocks (if I pause debugger, it does not advance past DeviceActivityCenter.startMonitoring). The bug is reported in FB14664238. It also contains a sample project where you can reproduce this. I also note in the comment section that this is not the only way to encounter this problem. My application code (which is a lot more complicated) seems to deadlock on calling DeviceActivityCenter.activities. As a result, there seems to be an "overall trend" where, due to some changes, DeviceActivityMonitor extension is more likely to deadlock. The steps are not reproducible on iOS 17.6. This is built using Xcode 17.4. Thank you! 🙏

We have an iPad app which can write to user-specified locations on USB-connected storage devices. On unmanaged devices, this works just fine. However, when the device is under MDM, although the Files app can see the external USB storage device, it does not show up in the file browser in our own app. There's a restriction called "allowFilesUSBDriveAccess" which is set to true (the default), but there's no restriction called "allowOtherAppsUSBDriveAccess". Are MDM-managed iPads simply not allowed to access USB drives (except through the Files app)?

I shield a web domain picked by users like this (discouragedSelections is an instance of FamilyActivitySelection() btw) : let webDomainTokens = discouragedSelections.webDomainTokens store.shield.webDomains = webDomainTokens The domain is correcly shielded and I can see the restricted screen when I access it via Safari. When I tap on the main button of that restricted view, I receive a different token than the one I got from .webDomainTokens from the code above. Why? override func handle(action: ShieldAction, for webDomain: WebDomainToken, completionHandler: @escaping (ShieldActionResponse) -> Void) { // webDomain here is different from the one in store.shield.webDomains }

Can ManagedSettingsStore and DeviceActivityCenter be used from a background thread, or do I need to access them from the main thread/queue only?

Using the Screen Time API, I can create multiple ManagedSettingStore objects with different names. Is there a way to retrieve these later by name? For example, if I create them dynamically from a configuration managed by the user of my app, and the app crashes or its data gets corrupted, how can I get rid of "stale" ManagedSettingStore objects that I no longer know? Or, if I somehow lose the name of a ManagedSettingStore I created, how long does the store stay active? Forever? How can I get rid of the "stale" store?