Using personal physical iPhone for simulations. Can't get Keychain to read or store AppleID name/email. I want to avoid hard reseting physical phone. Logs confirm Keychain is working, but userIdentifier and savedEmail are not being stored correctly. 🔄 Initializing UserManager... ✅ Saved testKeychain to Keychain: Test Value ✅ Retrieved testKeychain from Keychain: Test Value 🔍 Keychain Test - Retrieved Value: Test Value ⚠️ Keychain Retrieve Warning: No stored value found for userIdentifier ⚠️ Keychain Retrieve Warning: No stored value found for savedEmail 🔍 Debug - Retrieved from Keychain: userIdentifier=nil, savedEmail=nil ⚠️ No stored userIdentifier in Keychain. User needs to sign in. 📦 Converting User to CKRecord: Unknown, No Email ✅ User saved locally: Unknown, No Email ✅ User saved to CloudKit: Unknown, No Email Below UserManager.swift if someone can help troubleshoot. Or step by step tutorial to configure a project and build a User Login & User Account creation for Apple Only app. import Foundation import CloudKit import AuthenticationServices import SwiftData @MainActor class UserManager: ObservableObject { @Published var user: User? @Published var isLoggedIn = false @Published var errorMessage: String? private let database = CKContainer.default().publicCloudDatabase init() { print("🔄 Initializing UserManager...") // 🔍 Keychain Debug Test let testKey = "testKeychain" KeychainHelper.shared.save("Test Value", forKey: testKey) let retrievedValue = KeychainHelper.shared.retrieve(forKey: testKey) print("🔍 Keychain Test - Retrieved Value: \(retrievedValue ?? "nil")") fetchUser() // Continue normal initialization } // ✅ Sign in & Save User func handleSignIn(_ authResults: ASAuthorization) { guard let appleIDCredential = authResults.credential as? ASAuthorizationAppleIDCredential else { errorMessage = "Error retrieving Apple credentials" print("❌ ASAuthorization Error: Invalid credentials received") return } let userIdentifier = appleIDCredential.user let fullName = appleIDCredential.fullName?.givenName ?? retrieveSavedName() var email = appleIDCredential.email ?? retrieveSavedEmail() print("🔍 Apple Sign-In Data: userIdentifier=\(userIdentifier), fullName=\(fullName), email=\(email)") // 🔄 If Apple doesn't return an email, check if it exists in Keychain if appleIDCredential.email == nil { print("⚠️ Apple Sign-In didn't return an email. Retrieving saved email from Keychain.") } // ✅ Store userIdentifier & email in Keychain KeychainHelper.shared.save(userIdentifier, forKey: "userIdentifier") KeychainHelper.shared.save(email, forKey: "savedEmail") let newUser = User(fullName: fullName, email: email, userIdentifier: userIdentifier) saveUserToCloudKit(newUser) } func saveUserToCloudKit(_ user: User) { let record = user.toRecord() Task { do { try await database.save(record) DispatchQueue.main.async { self.user = user self.isLoggedIn = true self.saveUserLocally(user) print("✅ User saved to CloudKit: \(user.fullName), \(user.email)") } } catch { DispatchQueue.main.async { self.errorMessage = "Error saving user: \(error.localizedDescription)" print("❌ CloudKit Save Error: \(error.localizedDescription)") } } } } // ✅ Fetch User from CloudKit func fetchUser() { let userIdentifier = KeychainHelper.shared.retrieve(forKey: "userIdentifier") let savedEmail = KeychainHelper.shared.retrieve(forKey: "savedEmail") print("🔍 Debug - Retrieved from Keychain: userIdentifier=\(userIdentifier ?? "nil"), savedEmail=\(savedEmail ?? "nil")") guard let userIdentifier = userIdentifier else { print("⚠️ No stored userIdentifier in Keychain. User needs to sign in.") return } let predicate = NSPredicate(format: "userIdentifier == %@", userIdentifier) let query = CKQuery(recordType: "User", predicate: predicate) Task { [weak self] in guard let self = self else { return } do { let results = try await self.database.records(matching: query, resultsLimit: 1).matchResults if let (_, result) = results.first { switch result { case .success(let record): DispatchQueue.main.async { let fetchedUser = User(record: record) self.user = User( fullName: fetchedUser.fullName, email: savedEmail ?? fetchedUser.email, userIdentifier: userIdentifier ) self.isLoggedIn = true self.saveUserLocally(self.user!) print("✅ User loaded from CloudKit: \(fetchedUser.fullName), \(fetchedUser.email)") } case .failure(let error): DispatchQueue.main.async { print("❌ Error fetching user from CloudKit: \(error.localizedDescription)") } } } } catch { DispatchQueue.main.async { print("❌ CloudKit fetch error: \(error.localizedDescription)") } } } } // ✅ Save User Locally private func saveUserLocally(_ user: User) { if let encoded = try? JSONEncoder().encode(user) { UserDefaults.standard.set(encoded, forKey: "savedUser") UserDefaults.standard.set(user.fullName, forKey: "savedFullName") UserDefaults.standard.set(user.email, forKey: "savedEmail") print("✅ User saved locally: \(user.fullName), \(user.email)") } else { print("❌ Local Save Error: Failed to encode user data") } } // ✅ Retrieve Previously Saved Name private func retrieveSavedName() -> String { return UserDefaults.standard.string(forKey: "savedFullName") ?? "Unknown" } // ✅ Retrieve Previously Saved Email private func retrieveSavedEmail() -> String { return KeychainHelper.shared.retrieve(forKey: "savedEmail") ?? UserDefaults.standard.string(forKey: "savedEmail") ?? "No Email" } // ✅ Sign Out func signOut() { isLoggedIn = false user = nil UserDefaults.standard.removeObject(forKey: "savedUser") print("🚪 Signed Out") } }

Hi Team, I have created multiple certificates for macOS application. Below are the certificates created- Apple Development Certificate DeveloperID Installer Certificate Apple Distribution Certificate others certificates Later, I have imported the all these above certificates in keychain-access. Now, I tried to compile the code through Xcode. I am getting error for code signing certificate. Warning: unable to build chain to self-signed root for signer "Apple Development: Amit (M2WMF2YERI)” .... Command CodeSign failed with a nonzero exit code When I checked the TeamID of User(Amit) I can see that his current TeamID is [P8ZW3W9R2Q]. There is mismatch of teamID in apple development certificate generation. Note- All certificates are generated with current TeamID[P8ZW3W9R2Q] of user (Amit) except Apple Development certificate which has been generated with TeamID [M2WMF2YERI] which is generated with old TeamID of user (Amit). I attempted to generate the apple development certificate multiple times but it is getting generated with old TeamID TeamID[M2WMF2YERI] of user(Amit)
 Summary- While creating a developer certificate using apple developer account and mapping it in keychain, the certificate is being generated with old apple account details (Inactive) instead of the current one. This is causing issues when using the certificate in keychain. If anyone has encountered this issue, how it was resolved?

Hello, I am currently implementing a biometric authentication registration flow using WebAuthn. I am using ASAuthorizationPlatformPublicKeyCredentialRegistrationRequest, and I would like to know if there is a way to hide the "Save to another device" option that appears during the registration process. Specifically, I want to guide users to save the passkey only locally on their device, without prompting them to save it to iCloud Keychain or another device. If there is a way to hide this option or if there is a recommended approach to achieve this, I would greatly appreciate your guidance. Also, if this is not possible due to iOS version or API limitations, I would be grateful if you could share any best practices for limiting user options in this scenario. If anyone has experienced a similar issue, your advice would be very helpful. Thank you in advance.

Hello, I am currently working on implementing credential registration for biometric authentication using WebAuthn in an iOS app. I am using ASAuthorizationPlatformPublicKeyCredentialProvider to create a credential registration request based on the data retrieved from the WebAuthn options endpoint. At the moment, I am only using user.id, user.name, and challenge from the options response, and I am unsure how to utilize the other fields effectively. I would greatly appreciate advice on how to use the following fields: **Fields I would like to use: ** rp (Relying Party) I am retrieving id and name, but I am not sure how best to pass and utilize these fields. Is there an explicit way to use them? authenticatorSelection How can I set requireResidentKey and userVerification in ASAuthorizationPlatformPublicKeyCredentialRegistrationRequest? Also, what are the specific benefits of using these fields? timeout Is there a way to reflect the timeout value in the credential registration request, and what would be the best way to handle this information in iOS? attestation The attestation field can contain values such as none or direct. How should I reflect this in the credential registration request for iOS? I would appreciate a sample implementation or guidance on the benefits of setting this field. extensions If I want to customize the authentication flow using the extensions field, how can I appropriately reflect this in iOS? For instance, how can I utilize extensions like credProps? pubKeyCredParams Regarding pubKeyCredParams, which is a list of supported public key algorithms, I am unsure how to use it to select an appropriate algorithm in iOS. How should I incorporate this information into the request? excludeCredentials I understand that setting excludeCredentials can prevent duplicate registration, but I am not sure how to use past credential information to set it effectively. Any advice on this would be appreciated. **Current Code ** Currently, I have implemented the following code, but I am struggling to understand how to add and configure the fields mentioned above. let publicKeyCredentialProvider = ASAuthorizationPlatformPublicKeyCredentialProvider( relyingPartyIdentifier: "www.example.com" ) let registrationRequest = publicKeyCredentialProvider.createCredentialRegistrationRequest( challenge: challenge, name: userId, userID: userIdData ) let authController = ASAuthorizationController(authorizationRequests: [registrationRequest]) authController.delegate = self authController.presentationContextProvider = self authController.performRequests() In addition to the above code, I would be grateful if anyone could advise on how to configure fields like rp, authenticatorSelection, attestation, extensions, and pubKeyCredParams as well. Furthermore, I would appreciate any insights into the benefits of setting each of these fields in iOS, and any security considerations to be aware of. If anyone has experience with this, your guidance would be extremely helpful. Thank you very much in advance!

I use icloud apps on windows. This image says "Authentication failed". I have done below. Reinstall Logout & Signin About My PC AMD Ryzen 5 5625U AMD Radeon Graphics 8.0GB Memories 256GB SSD Microsoft Windows 11 Version 23H2 (OS Build 22631.4249) (Licensed) About My iPad iPad mini 3 64GB iOS 12.5.7(Latest) Please help me... Maybe this letters has mistakes because I'm Japanese.

Hello, I'll describe an issue I just reported as FB15286954, hoping to see your thoughts on it / what might've gone wrong. Earlier today, I created an account for a website on my iPhone running the release version of iOS 18.0 using Safari, then added 2FA via the Passwords app. I logged in, checked that it works, then closed Safari and did something else (not much on my phone). In the meantime the phone shut down due to low battery. When I charge it again, and open the Passwords app, I come to find out that the verification codes for this website are gone… What could've gone wrong? I was prompted by the website to save a code to check that 2FA was properly configured, so I think I saved it properly in the app (by the way, the password was still there, properly saved). I assume there was a syncing error between iCloud and my iPhone due to low battery? Is there any way to recover the verification codes? I'll try to reclaim the account through the website's support channels, but I'm wondering if I could still retrieve it somehow.

I'm studying sharing through this link. I followed the first steps by changing the bundle identifier of the project, the tests and placing my own container in the config and in the info.plist. https://github.com/apple/sample-cloudkit-zonesharing The app appears and in the log it appears that it has managed to access my iCloud, but when I click on share and share something, the following message appears in the console, on the simulator and on the iPhone: "No options were found, providing default value for access type" "No options were found, providing default values ​​for permissions" "connection invalidated" And finally, when I click on the shared link, the following message appears: "Item unavailable The owner stopped sharing, or you don't have permission to open it."

Hi Team, Exporting the archive through the Jenkins pipeline (executing commands on a Mac EC2 instance as a Jenkins agent) isn't working, while exporting directly from the Mac terminal successfully generates the IPA file. What might be the cause? When we execute it on directly Mac terminal, it asks Keychain password first time & after that it automatically generates IPA file. Note : We are using below working command to open keychain access. security unlock-keychain -p "my_password" /Users/ec2-user/Library/Keychains/login.keychain-db Export command : xcodebuild -exportArchive -archivePath $PWD/build/Archive/MyApp.xcarchive -exportPath $PWD/build/IPA -exportOptionsPlist ../../Dev_exportOptions.plist -allowProvisioningUpdates Current details: Node version : node-v18.17.0-darwin-arm64 Npm version : 9.6.7 Ionic version : 5.2.6 Xcode version : 15.4 Macos : Sonoma 14.6.1

I am a simple mac seller ,i buy broken laptops from people and repair them to sell so one day one my customer asked to show him video of 4 my laptops after he got only video all became iCloud LOCK Summary - my case numbers are 102302104385 + Case Number: 102309395011 my story is simple the customer asked me about video of the Macbook , because as he told me  , he was need a confirmation about how are laptops are looks like   i do not see any suspicious action here  , customer just want me to show him the laptop like online   So i did it - just send him video - and that is all  then he asked to send video about 3 more Macbooks after it he asked me to Use Erase All Content and Settings so i was sure that there will be no problem  - because i just replaced the motherboard    two weeks ago - so what can be wrong    so when i did it - the Macbook asked if the apple server let him activation  and it was refused   Somehow person who get the video about laptop did a copy of a signal that apple laptop send to apple activation server  and connected  it to his apple id  and after it enabled FMI FMD  - but all time my laptops was turned off But i have video confirmation in my cases that all laptops are without any Apple Id and have new and fresh mac os so after it i was not able to pass the activation because i was scammed and unknown person connected 4 my laptops to unknown account , so after that i was not able to pass the activation  so in fact they are all bricked now   he asked me to pay 1000 $ i told apple about it and they  answer me that it is just my fairy tail and it is not possible   i told them that there is a hole in security and identification of apple devices during enabling FMI FMD  but as i see they do not care - i think it must about 100 same cases  or 1000 - maybe after it they will take care about it  so now i wonder if there any more victims who have the same problem  ? or check here at youtube ServisTT also i and apple support did full apple diagnostic about all devices - i want apple to compare mac addresses and other mac information with the signal that was emulated with the scammer to prove my words - because the scammer was at different location and his emulation device or software was different between my original one macbook Steps to reproduce https://www.youtube.com/watch?v=58AgEcZvrYg&t=98s or check here at youtube ServisTT Expected results i want apple to compare mac addresses and other mac information with the signal that was emulated with the scammer to prove my words - because the scammer was at different location and his emulation device was different between my original one also if you find out that he used Hardware UUID - so why not to mask it or hide or make enable to see only with the password 
 Actual results NO ONE TRUST ME AND NO ONE WANT TO HELP ME

Hello Everyone, This is regarding recent upgrade issue on my iPhone. I am still struggling to get access to my iCloud storage data for iMessages, Notes with password, Health related stats, etc. I would like to explain chronology of the entire event. There was a recent IOS 17.4.1 update came on April 07th, 2024. I clicked on the update but nothing happened then suddenly my phone passcode wasn’t working. I restarted my phone then the phone was not even accepting my face id. I went to the Apple store. Apple support team have requested me to reset (erase entire data) iPhone which I had already done on next day. I had no others options actually. My phone passcode was not working in reality due to iso update because I haven’t changed my passcode since more than a year. It is also not due to iPhone screen issue which apple team was saying to me initially. Unfortunately, my Apple ID credentials wasn’t working after phone reset so I had to put my Apple ID on recovery mode which took almost 15days to recover even though process is automated as per apple support team which they can’t reduce it. I understand that they are doing for privacy reason but who wants such privacy when even owner can’t access his own account for 15days. I offered them to verify my personal details such as email ID, phone number, passport number and any other details which they can use to expedite the process but they didn’t help on this. At end of the recovery (after 15days), they used same details i.e. my email ID and SMS on my registered number to verify. I don’t understand their logic but if they can take 2-3 business working days for same process then it makes sense to wait rather than 15days. After I regained access to my apple id, I have restored everything using my iCloud storage. I observed that few applications such as contacts, WhatsApp, etc. are restored properly but some of the applications such as iMessage, Notes (specifically locked notes), health data were not restored. iMessage are not synchronizing with iCloud storage when I tried to do it manually too in setting >> apple id>> iCloud >> show all >> messages in iCloud >> sync now. Nothing happens after clicking on it. Locked notes are still showing an error message “Can’t view Note. ‘This note can’t be viewed because encryption key wasn’t found in iCloud keychain. Resetting your end-to-end encrypted data can cause this’”. I have never used custom password to lock note instead I was using Face ID earlier to lock or unlock some of notes. All these things are happening because it is asking for old iPhone passcode to connect with iCloud storage while resetting my iPhone. I am trying to enter all the previous passcodes. a. When I entered correct passcode, then there is no error but still applications are not synchronizing with iCloud storage. b. When I enter incorrect passcodes (multiple passcodes but one at a time) then it gives an error “Verification failed”. It means it is detecting correct passcode as per above point. There is some issue with passcode synchronization with iCloud storage. I have opened a case with apple support team but meanwhile If any one of you had faced similar problem, then kindly suggest ways to me so I will regain access to some important personal information which are present in my iCloud storage. I would like to inform everyone that don’t rely completely on single brand or product. Take multiple backups may be on personal laptops, SSDs, etc. I learnt a lesson that even apple products, software & services are not reliable so think before buying costly products just for sake of brand name.

get the password from keychain, encountered an exception， password lost and the reason of the exception is Error Domain=com.samsoffes.sskeychain Code=-25300 ", I want to know why this happens and the possibility of it