Post not yet marked as solved
Hello everyone,
I'm currently in the process of implementing platform SSO (Single Sign-On) in macOS and could use some guidance. I find myself a bit confused during the device registration phase, particularly because my Identity Provider (IdP) needs to support it. I'm wondering if Platform SSO will handle this automatically or if there are specific steps I need to take.
Additionally, I'm unsure whether I need to share the device signing and encryption key in my identity. Could someone please clarify this for me?
Finally, I would greatly appreciate it if someone could provide me with some sample code or starting pointers to help me get started on the right track. More into apart from OpenID, SAML protocol what else the Idp needs to change to support Platform SSO.
Thank you in advance for your assistance!
Post not yet marked as solved
Dear Apple Support Team,
I hope this message finds you well. We are currently experiencing an issue with product signing on our build machine, specifically when utilising the productsign command. I would like to provide some context and seek your guidance on potential solutions.
We have developed a Mac product.
We employ the following productsign command to sign our package:
productsign --sign "Developer ID Installer: MyCompany, LLC (12345678)" My.pkg Mysigned.pkg
This process functions seamlessly on our local machines.
However, when attempting the same operation on our build machine, we consistently encounter the following error:
2023-09-29 04:39:54.925 productsign[98404:549470] SignData failed: Error Domain=NSOSStatusErrorDomain Code=-25308 "CSSM Exception: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION" (errKCInteractionNotAllowed / errSecInteractionNotAllowed: / Interaction is not allowed with the Security Server.) UserInfo={numberOfErrorsDeep=0, NSDescription=CSSM Exception: -2147415840 CSSMERR_CSP_NO_USER_INTERACTION}
Error signing data.
productsign: error: Failed to sign the product.
It has come to our attention that the build machine utilizes SSH for code signing, which appears to be a contributing factor to this issue.
We have researched this matter and found several threads suggesting that unlocking the keychain before signing the product may resolve the problem. However, we are eager to explore alternative solutions and any updates or recommendations you may have.
Could you kindly advise if there are additional steps or configurations we should consider to address this issue? We would greatly appreciate any guidance you can provide on this matter.
Warm regards,
skappdevloper
I have created a custom username/password lock screen using SFAuthorizationPluginView. When lock the screen the view appears. The cursor start blinking in TextField. However, it always automatically dismiss in 20 second if ideal. I could see the Mechanism dealloc gets called and dismiss the view. Based on my investigation, I think the system kill the view in 20second, and there is no ways to increase that and keep the custom screen for more time. Any help will be appreciate.
Post not yet marked as solved
We have 2 process in our macOS application
Daemon process written in golang
Swift application
Currently, the communication between both the process are done with Unix domain socket. However, we are seeing significant amount of delay when large amount of data communication. We are looking for some faster communication. Probably XPC is the answer. But not sure how to use XPC between two process which are written in different language. Any sample code would be great help.
Post not yet marked as solved
I am migrating my Mac project to latest XCode. The project contains many custome keychain operation e.g SecKeyChainCreate, Lock, unlock etc. However, the latest. XCode showing the API are deprecated. What is the alternative of these API. I am not getting proper answer in Apple forum.
Post not yet marked as solved
During MDM profile download, download is failed with error as Profile could not be decrypted. There is no change on profile creation in MDM server. Could you please share some pointer on this.
`Failure occurred while retrieving profile during OTA Profile Enrollment: NSError:
Desc : Profile could not be decrypted
Sugg : Decryption key for this profile is not installed.
US Desc: Profile could not be decrypted
US Sugg: Decryption key for this profile is not installed.
Domain : MCProfileErrorDomain
Code : 1006
Type : MCFatalError
...Underlying error:
NSError:
Desc : The operation couldn’t be completed. (OSStatus error -26275.)
Domain : NSOSStatusErrorDomain
Code : -26275`
I have recently started working macOS app from iOS background. In iOS when we delete the app, all app related items also gets removed/cleared. e.g UserDefault.
But it looks same is not happening incase of macOS app. The userdefault data is still there even though delete the app. Because if Installed the app after remove, Istill see old values saved in userdefault.
Post not yet marked as solved
I wanted to notarise a mac dmg. To support notarise (app specific) password is needed. As per https://developer.apple.com/documentation/security/notarizing_macos_software_before_distribution/customizing_the_notarization_workflow/notarizing_apps_when_developing_with_xcode_12_and_earlier?language=objc
But I am able unable to create app specific password using https://support.apple.com/en-us/HT204397. The Edit option is not there in security option. And my apple id is managed apple id. So is it not possible to notarise a mac app if apple id is manged?
Post not yet marked as solved
Hello Team,
I would like to get some feedback on below scenarios.
We are keeping certificate in mac os keychain to achieve Certificate Based Authentication with safari. We have our own logic to fetch and put the certs into keychain.
When open the safari browser, it ask for keychain access by prompting username/password. Successfully provided the keychain username and password.
The requested site opens without prompting for username and password.
This works for couple of days, after sometime even-though right certificate is there in keychain it prompt for username and password.Where the things started breaking.It should automatically login without prompting as we have correct certs in keychain.
For further isolation we tried same in other browser and didn't face the similar issue.
Only seeing the issue with Safari
Any input or help on this. As don't have control how safari accessing the keychain.