Hello Apple Support, I'm reaching out in desperation, as my Apple Developer account was suddenly blocked without any prior notice. I'm writing from a different email address because I can't access my original account at all. I've dedicated years of hard work, energy, and resources to build my applications and support my users through this platform. The sudden blocking of my account has not only put my business in jeopardy but also significantly impacted my personal life, as my income and livelihood heavily depend on it. The potential loss of revenue and the disruption to my users is devastating. I’m deeply hurt and disheartened by the lack of communication and would appreciate any help to resolve this situation as quickly as possible. I kindly request guidance on how I can recover my account, or at the very least, understand why this action was taken. Thank you for your attention to this matter. I’m hopeful for a quick resolution.

Hello Is there any official source from Apple listing all their models with their respective specs (mainly storage and device color)? Third party open source exist, but it's incomplete, and we'd like to use an official source. EG https://theapplewiki.com/wiki/Models No "ML9C3" in that site.

Hello Everyone, I am completely new to programming, I have played with the Playgrounds app and I understand how some of the basic concepts work, however when going through "A Swift Tour" on developer.apple.com I struggle to understand a lot of the concepts presented. Are there any resources that someone can recommend so I can continue to learn? I tried just watching the video and searching the things I didn't understand, but I don't think I am learning much this way.

Today, I can no longer create a new version for my Apps. Getting "An error has occurred. Try again later"... This has never happened to me before.

We are pushing some Chrome settings through Directory Services command line utility /usr/bin/dscl /usr/bin/dscl /Local/Default -mcximport /Computers/local_computer chrome_settings.plist /usr/bin/mcxrefresh -n root These commands created com.google.Chrome.plist in /Library/Managed Preferences on previous macOS versions. However on macOS 15.x Sequoia these commands intermittently fail to create the file in /Library/Managed Preferences though there is no error reported or any log entries that could indicate an error. There could be other component on Sequoia that is preventing directory services tool to push the preferences but I am unable to locate it. It is not MDM because the machines are not enrolled (also have a setup where dscl and MDM both work). This is happening on a clean macbook setup but I have never seen it happen on mac mini. Anyone have an idea what could be interfering with directory services to complete its task of pushing managed settings? DDM?

We use a profile that delays the installation of the new system in order to test it earlier. Well Sequoia works differently and fails with our system, the manufacturer tells us to talk to Apple. Does anyone have any idea about this? My MDM is Mosyle

Hello everyone, our company has an annual fee of $299 for an enterprise developer account, which is about to expire next month, but I submitted the renewal application, but after a month, I received an email that refused to renew the subscription. Is there any remedy for this? This account is very important to our company. Thank you

On a supervised device running iOS 18 without any AirDrop restrictions applied, when a profile with allowListedAppBundleIDs restriction key is installed, the AirDrop sound plays. But still the accept prompt does not appear, making it impossible to accept files. The prompt works as expected on iOS 18 devices to which the allowListedAppBundleIDs restriction is not installed. This issue occurs only on supervised iOS 18 devices to which the allowListedAppBundleIDs restriction is being applied. Device must be in iOS 18 version > Install the (allowListedAppBundleIDs restriction) profile with the device > Try to AirDrop files to the managed device. The expected result is that the accept prompt must pop up but it does not appear. This issue is occurring irrespective of any Whitelisted bundle ID being added to the allowListedAppBundleIDs restriction profile. Have attached a few Whitelisted bundle ID here com.talentlms.talentlms.ios.beta, com.maxaccel.safetrack, com.manageengine.mdm.iosagent, com.apple.weather, com.apple.mobilenotes, gov.dot.phmsa.erg2, com.apple.calculator, com.manageengine.mdm.iosagent, com.apple.webapp, com.apple.CoreCDPUI.localSecretPrompt etc. Have raised a Feedback request (FB15709399) with sysdiagnose logs and a short video on the issue.

Hello! We using jwsRepresentation for Transaction. In documentation we found The decoded payloads of the jwsRepresentation and JWSTransaction strings contain price fields that are specified in milliunits of the currency; StoreKit represents the price in units of currency. Take care not to confuse these two representations when working with both APIs. source But when we decoded JWS, we found what price are specified in units (but we were expecting to get milliunits) We using https://developer.apple.com/documentation/storekit/product/purchaseresult/success switch result { case .success(let verification): let jwsRepresentation = verification.jwsRepresentation ... And when we decoded jwsRepresentation we get { "transactionId": ".....", "originalTransactionId": ".....", "webOrderLineItemId": ".....", "bundleId": ".....", "productId": ".....", "subscriptionGroupIdentifier": ".....", "purchaseDate": ".....", "originalPurchaseDate": ".....", "expiresDate": ".....", "quantity": 1, "type": ".....", "deviceVerification": ".....", "deviceVerificationNonce": ".....", "appAccountToken": ".....", "inAppOwnershipType": ".....", "signedDate": ".....", "environment": ".....", "transactionReason": ".....", "storefront": ".....", "storefrontId": ".....", "price": 12990, "currency": "USD" }

Hi Dear Apple Developer, We had some problem to ping iTunes server since Oct-30, 2024. Previously we can ping the VPP server url http://ax.itunes.apple.com/WebObjects/MZStoreServices.woa/wa/wsSearch?media=software&entity=software&country=US&lang=en_us&limit=1&term= w/o any issues, but now it failed. Even if I tried to use "https" to access the above url, it still failed with error "This server could not prove that it is ax.itunes.apple.com; its security certificate is from a248.e.akamai.net. This may be caused by a misconfiguration or an attacker intercepting your connection." And finally ended with this error "Access Denied You don't have permission to access "http://ax.itunes.apple.com/WebObjects/MZStoreServices.woa/wa/wsSearch?" on this server. Reference #18.55503617.1730815948.be1bde3 https://errors.edgesuite.net/18.55503617.1730815948.be1bde3" Same that we had problem to get VPP app details via url: http://ax.itunes.apple.com/WebObjects/MZStoreServices.woa/wa/wsLookup?country=us&id=6445849909 Is there any changes to this url recently? Thanks, Wei

Is there a way to check in code if a device is under Mobile Device Management? We want to show the users a different screen in the app if it is under device management. This is primarily for devices under Apple School Manager or something similar

Numbers recently began crashing on startup. It barely has time to display the open dialog box, then boom! I've tried: Booting in Safe Mode, Deleting preferences in user library (Container files too), no joy. Is there anything else I can delete? I have confirmed that it works fine in another user account on the same machine. So the problem is somewhere in my account. I'd appreciate any suggestions. I'm running MacOS Version 15.0 Beta (24A5298h). but numbers has been fine until literally this weekend. The betaOS was installed a few weeks ago. I've added nothing to the machine since that.

I'm developing an ACME server to issue identity certificates to macOS/iOS devices for MDM attestation, following RFC 8555. Per RFC, the client creates an order, performs authorization, verifies the challenge, and finalizes the order by submitting a CSR to the CA. In my setup, the CA sometimes takes longer to issue the certificate (around 50 seconds). According to RFC 8555, if certificate issuance isn’t complete after the /finalize call, the server should respond with an "order" object with a "processing" status. The client should then send a POST-as-GET request to the order resource (e.g., /order/<order_id>) to check the current state. If the CA still hasn’t issued the certificate, the server should return the order object with the same "processing" status and include a "Retry-After" header, indicating when the client should retry. The client is expected to poll the order resource at this specified interval with POST-as-GET requests. However, it seems the Apple ACME client ignores the "Retry-After" header and instead returns the error: "Profile failed - Order status is processing, not yet valid" immediately upon the first poll response with "processing." Apple ACME client deviating from the RFC documentation. Has anyone found a reliable solution to this issue? Or does Apple supports asynchronous order finalization? Ref -https://datatracker.ietf.org/doc/html/rfc8555#:~:text=A%20request%20to%20finalize%20an%20order%20will%20result%20in%20error,to%20the%20%22certificate%22%20field%20of%20the%20order.%20%20Download%20the%0A%20%20%20%20%20%20certificate. To work around this, I’m holding the /finalize call until the CA issues the certificate. This works when issuance is quick (under 20 seconds), but if it takes more than that , the client times out. Interestingly, the Apple ACME client’s timeout appears shorter than the usual 60-second URLSession default.

There could be a case where-in multiple transparent proxies might exist in the system (for ex., Cisco AnyConnect, GlobalProtect, etc). We want to know if there is a way to order transparent proxies so that the desired transparent proxy gets the request first. During our research, we found a resource which talks about ordering transparent proxies through MDM. https://developer.apple.com/documentation/devicemanagement/vpn/transparentproxy Using this reference, we tried to create a profile and push it through JAMF. Below is the profile that we created and pushed with JAMF. Property List - &lt;?xml version="1.0" encoding="UTF-8"?&gt; &lt;!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"&gt; &lt;plist version="1.0"&gt; &lt;dict&gt; &lt;key&gt;TransparentProxy&lt;/key&gt; &lt;array&gt; &lt;dict&gt; &lt;key&gt;ProviderBundleIdentifier&lt;/key&gt; &lt;string&gt;com.paloaltonetworks.GlobalProtect.client.extension&lt;/string&gt; &lt;key&gt;Order&lt;/key&gt; &lt;string&gt;1&lt;/string&gt; &lt;/dict&gt; &lt;dict&gt; &lt;key&gt;ProviderBundleIdentifier&lt;/key&gt; &lt;string&gt;com.cisco.anyconnect.macos.acsockext&lt;/string&gt; &lt;key&gt;Order&lt;/key&gt; &lt;string&gt;2&lt;/string&gt; &lt;/dict&gt; &lt;dict&gt; &lt;key&gt;ProviderBundleIdentifier&lt;/key&gt; &lt;string&gt;com.mydomain.transparentproxy&lt;/string&gt; &lt;key&gt;Order&lt;/key&gt; &lt;string&gt;3&lt;/string&gt; &lt;/dict&gt; &lt;/array&gt; We are not sure if this is the right way to create the profile, though JAMF is not throwing any error while pushing this profile. We see this profile on the local machine as "/Library/Managed Preferences/com.apple.networking.vpn-transparent-list.plist". Is there a way to know if the profile took effect and the order of transparent proxies has changed. Thanks in advance.

Since this file is protected by SIP, it can't just be changed by an installer/app without prompting the user. If the user chooses to deny the request, the sudo file won't be updated with a security critical pam module. I need to insert our custom pam module into /etc/pam.d/sudo without the user being able to deny the operation.

I'm reaching out to discuss a significant issue related to how iOS handles app login sessions, particularly in the context of MDM (Mobile Device Management) and the Outlook app. In our organization, we use MDM to distribute applications, including Outlook, with certificate-based authentication for BYOD (Bring Your Own Device) devices. This setup allows users to log in seamlessly to their accounts. However, we've encountered a concerning behavior: when a user unenrolls from MDM, which automatically removes the distributed apps and certificates, they can later reinstall the app from the App Store and find themselves automatically logged back into their previous accounts without any authentication prompts. Here’s a detailed breakdown of the situation: Initial Installation: Users enroll their devices in MDM, which installs the necessary apps and certificates on those devices. Session Storage: After the initial login, the app stores the session locally on the device. App Deletion: When users un enroll their devices from MDM, it automatically removes the distributed apps and certificates. Reinstallation: Days or weeks later, when they reinstall the Outlook app from the App Store, they find themselves automatically logged back into their accounts. This behavior raises important concerns: Lack of Authentication: The app retaining user sessions even after deletion allows users to access their accounts without re-authentication, which could lead to potential unauthorized access and undermines the effectiveness of certificate-based authentication and two-factor authentication (2FA). Note: This issue is not limited to Outlook; we've observed similar behavior with many other apps. Need for a Solution - Given the implications of this behavior, we are looking for effective solutions to prevent it. Specifically, we need options within the MDM framework to: Restrict Session Retention: Implement settings that ensure any app deleted via MDM will lose all stored sessions and require re-authentication upon reinstallation. Default Settings for MDM-Distributed Apps: Ideally, this would be a default feature for all apps distributed through MDM, ensuring that user sessions are not retained after app deletion. Has anyone else experienced this issue? Are there any existing settings or workarounds within MDM platforms to mitigate this problem? Your insights and experiences would be invaluable as we navigate this challenge. Thank you!

Analytics report issues

Hello, I have a system, which is able to execute bash/zsh scripts on a set of machines. The default behaviour is that the signature of the script is checked on the machine, which is executing it, and in case if it is not signed properly, the system rejects the execution. An own certificate has to be created for signing the scripts, which means that the certificate has to be installed and marked as trusted on the target machines (which are executing the script). I've been using : "/usr/bin/security add-trusted-cert ..." command to install the certificate on the machines as trusted. Since macOS Big Sur, the above command was prompting the local user for admin credentials. To avoid this, Apple suggested to use the following command to temporarily disable and re-enable the confirmation dialog : 1.: /usr/bin/security authorizationdb write com.apple.trust-settings.admin allow 2.: /usr/bin/security authorizationdb write com.apple.trust-settings.admin admin Now with the release of macOS Sequoia, the above command : "/usr/bin/security authorizationdb write com.apple.trust-settings.admin allow" does not work any more. It gives the following output : NO (-60005) I have the following questions : 1.: Could you please suggest an alternative way for IT administrators to install certificates on their machines, without any user confirmation? 2.: Could you please suggest how the same could be achieved using a bash/zsh script? In which context could the above commands : "/usr/bin/security authorizationdb write com.apple.trust-settings.admin allow" and "/usr/bin/security authorizationdb write com.apple.trust-settings.admin admin" still work? Thank you for your help in advance!

When the user pushed the lock device action on a macOS 14, it returned an acknowledgement but the device wasn't locked. Which resulted in loss of data on the device.

Dear Apple Developer Support Team, I hope this message finds you well. I am currently utilizing the services at https://identity.apple.com for mobile device management and encountered an issue while attempting to upload a Certificate Signing Request (CSR) file to the portal. The system generated an error indicating that the file format was invalid. Below are the steps I followed to generate the CSR: I first created a private key on my server using the following command: openssl genrsa -out private.key 2048 Next, I generated the CSR file with the following command: openssl req -new -key private.key -out request.csr Despite following these steps, I could not successfully upload the CSR file and obtain the APNs certificate. I would greatly appreciate your guidance on creating and uploading a valid CSR file to avoid this error. Please let me know if there are any specific formatting requirements or additional steps I need to follow. Thank you in advance for your assistance and support.