Explore the intersection of business and app development. Discuss topics like device management, education, and resources for aspiring app developers.

All subtopics

Post

Replies

Boosts

Views

Activity

How to enable push notification settings for PWA app with App Restriction payload?
Push notification for PWA app is supported on iOS >= 16.4. I want to restrict app usage using Restriction payload of configuration profile. Formerly we could it by defining a restriction like this. (actually via MDM) <key>whitelistedAppBundleIDs</key> <array> <string>com.apple.webapp</string> </array> However on iOS >= 17.0, the notification setting of the PWA app is disappeared!! Without the restriction payload, or with the restriction payload without whitelistedAppBundleIDs, the notification setting for the PWA app is shown as expected. Also we discovered that the issue can be avoided by adding com.apple.WebKit.PushBundle.xxxxxx into the restriction payload. <key>whitelistedAppBundleIDs</key> <array> <string>com.apple.webapp</string> <string>com.apple.WebKit.PushBundle.7880D99FB56F4FF7B5DC019E0EDBCBD0</string> </array> com.apple.WebKit.PushBundle.7880D99FB56F4FF7B5DC019E0EDBCBD0 can be found with console log using Apple Configurator. However it cannot be found via MDM command (ex. InstalledApplicationList). We want to configure and install the restriction payload into multiple devices via MDM. So how can we know the com.apple.WebKit.PushBundle.xxxxxx via MDM? or how can we enable push notification settings for PWA apps with restriction payload? Thank you
0
0
556
Dec ’23
Mac Assessment Mode in Electron App
I am implementing the Mac Assessment Mode feature on an Electron application. I have successfully activated it (verified through the assessmentSessionDidBegin function), but the application hangs on a gray screen. Additionally, I tried adding the Calculator app and VS Code (which is built with Electron) to the whitelist. The Calculator app can display, but VS Code cannot. I suspect that helper processes (Render, GPU, ...) may be blocked by this mode, preventing the application from displaying content. Therefore, I would like to ask if The Mac Assessment Mode supports Electron applications. Thank you for reviewing.
0
0
465
Dec ’23
Version Number Conflicts
We are the client of a vendor who built a custom app for us. We use mobile device management to automate application updates. We push 45 apps and 44 work flawlessly. The 45th is this app and we always have to manually force it to update which causes drastic issues when the app is updated. After troubleshooting, it appears there is some type of mismatch between the store version number and what the device sees. The store will show the app as 1.2.3.4 but the device shows 1.2.3 when I force it to update. The vendor shows that they fill out the version as 1.2.3 and the build number as 4 which then produces 1.2.3.4. Are they filling this information out correctly? Are there other fields that are required for them to fill out elsewhere with the version number? Thank you
0
0
562
Dec ’23
Apple App Publish - Distribution Method Issue
Guideline 3.2 - Business We found in our review that your app is intended to be used by a specific business or organization, including partners, clients, or employees, but you've selected public distribution on the App Store in App Store Connect. Since the App Store is intended for apps with a public audience, we recommend reviewing the other distribution options available to you through your Apple Developer Program Account. Next Steps To resolve this issue, review the other distribution options available for apps designed for specific businesses or organizations and choose a distribution option that works for your app and users. You can review these app distribution options on Apple Developer. How to resolve this issue - when my App's Business Model is - Business - to - Business Model and my app doesn't involve Registration Technique. If somebody has any information on this issue, Please Guide us.
0
1
689
Dec ’23
Disabling the extra buttons on UIReferenceLibraryViewController
Hi! I am developing a word game for children. It is intended to be educational and help children pass the time by playing. I use UIReferenceLibraryViewController ( I use a UIViewControllerRepresentable as the app is essentially in SwiftUI) to show a definition of a word that the child comes across during play. This part works fine - except that the view contains a button to look on the web, and another to manage dictionaries - both of which I do not want children to be able to do. How do I disable these buttons? Alternatively, is there a way to just get the dictionary definition text and show that in a custom view?
2
0
603
Jan ’24
Guideline 3.2 - Business
We continue to find in our review that your app is intended to be used by a specific business or organization, including partners, clients, or employees, but you've selected public distribution on the App Store in App Store Connect. Since the App Store is intended for apps with a public audience, we recommend reviewing the other distribution options available to you through your Apple Developer Program Account. Next Steps To resolve this issue, review the other distribution options available for apps designed for specific businesses or organizations and choose a distribution option that works for your app and users. You can review these I am not able to resolve the above issue kindly help.
0
0
811
Jan ’24
Behavior of AssociatedDomains in applayervpn
hi! https://developer.apple.com/documentation/devicemanagement/applayervpn I have a question about AssociatedDomains in the AppLayerVPN reference above. From the description, I believe that this property triggers the VPN when the app is launched with a universal link and connects to the domain specified in AssociatedDomains. Is that correct in your understanding? I specified "twitter.com" as a test, and the VPN was not triggered when the universal link was executed from safari, etc. How can I make a VPN connection with the domain connection specified in the AssociatedDomains property? If you could please let us know with some real life examples. I will pass on your thanks in advance. Thanks.
1
0
388
Jan ’24
【Device Management】 About Cellular PrivateNetwork
Hello, Dear Engineers I have distributed a management profile from Aplle Configurator to my terminal with reference to the following document https://developer.apple.com/documentation/devicemanagement/cellularprivatenetwork Situation: We tested the device in an environment where both Wi-Fi and cellular connections were available, Wi-Fi seemed to have priority in the operation. This is because CellularDataPreferred, which is set in the distributed management profile, is enabled, I would like cellular to be given priority. I am using iPhone 15 (iOS 17.1.2). Question: ・Is there anything else missing besides the Profile Example to make CellularPrivateNetwork's Device Management Profile work properly? ・Has anyone confirmed that CellularPrivateNetwork's Device Management Profile works correctly? BestRegards
1
0
468
Jan ’24
I Want to know the NotNow status returned by MDM commands on Apple devices.
Please tell me about the NotNow status returned by the MDM command for Apple devices. ◾️I would like to check I am aware that there are some MDM commands that return a status NotNow when the device is locked and the command cannot be executed. I am aware of InstallProfileCommand and SecurityInfoCommand. https://developer.apple.com/documentation/devicemanagement/installprofilecommand https://developer.apple.com/documentation/devicemanagement/securityinfocommand Please answer the following two questions. ◾️Question I would appreciate an answer with the official name of the command and the URL of the command's reference, if possible. Question 1 Please tell us if there are commands other than InstallProfileCommand and SecurityInfoCommand that return status NotNow because the command cannot be executed if the terminal is locked. Question 2 Please tell us if any of the following commands return the status NotNow because the command cannot be executed if the terminal is locked. DeviceConfiguredCommand AvailableOSUpdatesCommand ScheduleOSUpdateCommand OSUpdateStatusCommand
1
0
541
Jan ’24
Content Filter Extension on Shared iPads
We're trying to make our Content Filter solution work on Shared iPads. We leverage the Network Extension framework, more specifically the Content Filter Providers. On regular, 1:1 iPads, this works perfectly fine. However, on Shared iPads we see some weird behaviour. Upon logging in with a MAID everything initially seems fine. However, in about 5 to 10 seconds the user is automatically logged out and an error indicating "a connection to iCloud could not be made" is presented to the user. After investigating the logs it turns out this is caused by the fact that the network is unreachable. For example: Jan 19 00:33:04 cloudd(CFNetwork)[5867] <Error>: Task <F5DC7C46-422D-4265-A364-B3C859BF6291>.<1> finished with error [-1009] Error Domain=NSURLErrorDomain Code=-1009 UserInfo={_kCFStreamErrorCodeKey=50, NSUnderlyingError=0xefe89ffc0 {Error Domain=kCFErrorDomainCFNetwork Code=-1009 UserInfo={_NSURLErrorNWPathKey=unsatisfied (Path was denied by NECP policy), interface: en0[802.11], ipv4, dns, uses wifi, _kCFStreamErrorCodeKey=50, _kCFStreamErrorDomainKey=1}}, _NSURLErrorFailingURLSessionTaskErrorKey=<private>, _NSURLErrorRelatedURLSessionTaskErrorKey=<private>, NSLocalizedDescription=<private>, NSErrorFailingURLStringKey=<private>, NSErrorFailingURLKey=<private>, _kCFStreamErrorDomainKey=1} Test device: iPad Pro (11-inch) running iPadOS 17.2 (21C62) My assumption: It looks like the filter providers start "too late". In the meantime the device is trying to reach the network, but since there is a Content Filter configuration in place all traffic is denied until the extension is started (and the completionHandler has been called with a nil error). I can see in the logs that, about 5 seconds after the home screen is visible, the Content Filter Providers are starting: ... Jan 19 00:52:54 neagent(NetworkExtension)[7086] <Notice>: Extension request with data extension <our filterData bundle ID> started with identifier 63576D2C-A484-4D07-9753-ADC99BFDB7A6 ... Jan 19 00:52:55 neagent(NetworkExtension)[7086] <Notice>: Extension request with control extension <our filterControl bundle ID> started with identifier 51D19516-C860-48B8-AB83-0F43D5F613CB ... Is my assumption correct? Are the Content Filter provider even officially supported by Apple on Shared iPads? Is there anything we can do to fix this issue?
4
0
940
Jan ’24
Issue with Installation of App via DDM - ManagedAppDistribution.ManagedAppDistributionError
Hello Apple Community, Issue encountered during the installation of an app via DDM (Declarative Device Management) on iOS 17.3 devices. When applying an app configuration and managed app list status event through declarative management, the configuration is successfully applied, but the configured app is not being installed on the device. Upon closer inspection, we have identified that the error "ManagedAppDistribution.ManagedAppDistributionError" is being logged during this process. My Configuration: { "Type": "com.apple.configuration.app.managed", "Identifier": "com.mdm.1740e623-4361-498d-af02-b433500d58bd.ManagedAppDDM", "ServerToken": "1706282674113", "Payload": { "AppStoreID": "361309726", "InstallBehavior": { "License": { "VPPType": "Device" }, "Install": "Required" } } } { "Type": "com.apple.configuration.management.status-subscriptions", "Identifier": "com.mdm.9c70c80f-406a-425a-8829-1025652f05c6.ManagedAppListStatus", "ServerToken": "1706282673976", "Payload": { "StatusItems": [ { "Name": "app.managed.list" }, { "Name": "mdm.app" }, { ... } ] } } DDM Response: { "StatusItems": { "management": { "declarations": { "activations": [ { "active": true, "identifier": "DEFAULT_ACT_0", "valid": "valid", "server-token": "1706282674113" } ], "configurations": [ { "active": true, "identifier": "DEFAULT_STATUS_CONFIG_0", "valid": "valid", "server-token": "3" }, { "active": true, "identifier": "com.mdm.1740e623-4361-498d-af02-b433500d58bd.ManagedAppDDM", "valid": "valid", "server-token": "1706282674113" }, { "active": true, "identifier": "com.mdm.9c70c80f-406a-425a-8829-1025652f05c6.ManagedAppListStatus", "valid": "valid", "server-token": "1706282673976" } ], "assets": [], "management": [] } } }, "Errors": [ { "Reasons": [ { "Code": "ManagedAppDistribution.ManagedAppDistributionError.0", "Description": "The operation couldn’t be completed. (ManagedAppDistribution.ManagedAppDistributionError error 0.)" } ], "StatusItem": "app.managed.list" } ] } Note : The ManagedAppDistribution framework extension appears to not be implemented in this context. Kindly help us with this issue. Thanks in advance.
2
0
730
Jan ’24
Platform SSO saveLoginConfiguration error
Hi all. I'm trying to implement a Platform SSO extension for macOS and I'm freaking out. It's so complicated and with almost zero guidance documentation. I established a starting point in my SSO extension and I get the registration request to my beginDeviceRegistrationUsingLoginManager (I managed all the AASA file, MDM stuff). In this method I'm creating a ASAuthorizationProviderExtensionLoginConfiguration and I try to save it into the loginManager (ASAuthorizationProviderExtensionLoginManager which I get from the method) using saveLoginConfiguration. It worked fine, and without changing anything I started getting the next error: failed to save loginConfiguration: Error Domain=com.apple.AuthenticationServices.AuthorizationError Code=1000 "(null)" UserInfo={NSUnderlyingError=0x7ff77ff63b30 {Error Domain=com.apple.PlatformSSO Code=-1008 "Token endpoint URL is not approved profile URL." UserInfo={NSLocalizedDescription=Token endpoint URL is not approved profile URL.}}} This is my configuration: ASAuthorizationProviderExtensionLoginConfiguration *loginConfiguration = [[ASAuthorizationProviderExtensionLoginConfiguration alloc] initWithClientID:@"***" issuer:@"https://auth.platformsso.ping-eng.com/as" tokenEndpointURL:[NSURL URLWithString:@"https://auth.platformsso.ping-eng.com/as/token"] jwksEndpointURL:[NSURL URLWithString:@"https://auth.platformsso.ping-eng.com/as/jwks"] audience:@"***"]; And this is where it breaks: BOOL saveConf = [self.loginManager saveLoginConfiguration:loginConfiguration error:&confError]; Can someone help me with this error please?
2
0
948
Jan ’24
Cellular Private Network Profile not working
The new profile added to manage the cellular private network is not getting installed on the device end - https://developer.apple.com/documentation/devicemanagement/cellularprivatenetwork?changes=_9 When we try to oinstall the profile we get these error messages. {'Status': 'Error', 'CommandUUID': '556d4936-7514-4121-af8d-3f0bf855a9e6', 'ErrorChain': [ {'ErrorCode': 4001, 'ErrorDomain': 'MCInstallationErrorDomain', 'USEnglishDescription': 'Profile Installation Failed', 'LocalizedDescription': 'Profile Installation Failed'}, {'ErrorCode': 4001, 'ErrorDomain': 'MCInstallationErrorDomain', 'USEnglishDescription': 'Profile Failed to Install', 'LocalizedDescription': 'Profile Failed to Install'}, {'ErrorCode': 1009, 'ErrorDomain': 'MCProfileErrorDomain', 'USEnglishDescription': u'The profile \u201cprivate network policy\u201d could not be installed.', 'LocalizedDescription': u'The profile \u201cprivate network policy\u201d could not be installed.'}, {'ErrorCode': 4001, 'ErrorDomain': 'MCInstallationErrorDomain', 'USEnglishDescription': u'The payload \u201cPrivate Mobile Networks\u201d could not be installed.', 'LocalizedDescription': u'The payload \u201cPrivate Mobile Networks\u201d could not be installed.'}], 'UDID': '00008101-001E1DCA3A81001E'}
2
0
542
Jan ’24
ACME Managed Device Attestation - Certificate format
I'm trying to implement ACME managed device attestation, I have ACME server code written in C# and I've been able to get all of the steps working except for the very last one - issuing the certificate. I so far have not been able to get the device to accept the certificate, the device logs show: Got certificate {length = ......} ACME request flow failed at step 9: Error Domain=NSOSStatusErrorDomain Code=-67673 "failed to obtain certificate" UserInfo={NSLocalizedDescription=failed to obtain certificate} The certificate is issued by an internal CA and the correct root certificate is in the device's trusted certs. I have tried returning the certificate chain as a file response or content response to the device as a "application/pem-certificate-chain" mime type (as outlined as the default in the ACME RFC), returning just the leaf certificate as PEM, returning the leaf certificate as DER with mime type "application/pkix-cert", "application/pkcs7-mime", "application/x-pkcs12" or "application/x-x509-ca-cert", but none of this has worked. Can anyone point me in the right direction to figure out what the issue is?
1
0
746
Jan ’24
ACME Managed Device Attestation Payload - AllowAllAppsAccess
Hi, I'm looking into ACME Managed Deice Attestation and was wondering about one of the values in the payload - AllowAllAppsAccess. From the documentation: "If true, all apps have access to the private key" but what is the case that you would have this set to true? seems like it opens up the device to potentially malicious software. Also, if this were set to true, how would an app access this private key when it is stored in the Secure Enclave? is there a specific tag that it is stored with?
2
0
747
Feb ’24