The Certification Authority (CA) for Apple Push Notification service (APNs) is changing. APNs will update the server certificates in sandbox on January 20, 2025, and in production on February 24, 2025. All developers using APNs will need to update their application’s Trust Store to include the new server certificate: SHA-2 Root : USERTrust RSA Certification Authority certificate. To ensure a smooth transition and avoid push notification delivery failures, please make sure that both old and new server certificates are included in the Trust Store before the cut-off date for each of your application servers that connect to sandbox and production. At this time, you don’t need to update the APNs SSL provider certificates issued to you by Apple.

Hello, I'm using Apple Wallet passes with a custom backend for distributing and updating them, as described in the documentation (https://developer.apple.com/documentation/walletpasses). I'm sometimes seeing a behaviour where the device does not download an updated pass even though the push notification for informing about the changes has been successfully sent (I've received a success response from APNs). APNs documentation says that it should retry sending the notification if the device is not reachable, but in the cases I'm describing here, the request from the device to fetch the updated pass never arrives. I don't have the apns-expiration header set. Also, I've checked the load balancer and firewall logs, etc. and there are no traces of the requests. Any thoughts on what might be the issue here? Or how to debug this further?

I am trying to build a chat app. I am using FCM to deliver messages to my app accompanied by some custom data like the new message_data, deleted message_id and so on; each message will need to run the app in the background to do some background processing and local database syncing. This continuous background processing is clearly not acceptable as APNs imposes a per-device limit on background push notifications . I am asking how can I push messages and actions payload without being throttled ?

For devices running iOS 18 and iPadOS 18 or later, you can add input-push-token: 1 to your payload to start a Live Activity and receive a new push token. After you receive a new push token, you can use it to send updates to a Live Activity. I read from https://developer.apple.com/documentation/ActivityKit/starting-and-updating-live-activities-with-activitykit-push-notifications#Start-new-Live-Activities-with-ActivityKit-push-notifications that I can start a live activity from CUSTOM SERVER by the start token I get from MyApp.Does that paragraph means my CUSTOM SERVER can receive a new token from aps? If not, how can update the live activity started by Push-Notification when MyApp doesn't alive? And what "input-push-token: 1 " can do, when I put it in the payloads?

I'm facing an issue delivering VoIP push notifications to user devices. It's pretty random, sometimes notifications are delivered and sometimes not. I've had a call with the user to understand and narrow down the issue, including testing delivery of pushes to their device token via Push Notification Console as described here: https://developer.apple.com/documentation/usernotifications/testing-notifications-using-the-push-notification-console#4181180. I asked a user to use Wi-Fi first and tried delivering around 10 pushes via console and 2 of them were lost while the rest was delivered. I asked a user to use cellular and tried delivering also around 10 pushes and most of them were lost and only few of them were delivered. Production environment was used to deliver pushes hence I cannot see delivery log and so I have no visibility over a reason why push wasn't delivered. I wanted to file a code-level support ticket to get help however I need to supply a sample xcode project which in this particular case doesn't make any sense as I'm using Apple's Push Notification Console tool and it delivers pushes in some cases while doesn't deliver it in other cases. I'm pretty familiar with all potential reasons why push might not be shown on device, including app early crashes, not reporting a call to CallKit etc. => although you never know, I'm pretty sure it's not our case. How can I get support on investigating specific user device token delivery issues like in the case I described above? I have device token and push console records but it's not clear how to get support on that. Thank you!

I have a flutter app which receives bot alert and silent notifications. The alert notifications are received properly whilst the silent ones do not trigger any function. My app is based on OneSignal but for the testing i am also trying to directly send the notifications using the APN console. Using either alert or background type notification I am using real device (iPhone XR) The background modes are set to "Background fetch" and "Remote notifications" The token is valid as i am getting alert notifications. The app has notification permissions. The didReceiveRemoteNotification never gets triggered (for alert or silent types) When sending alert notification i do see the printout of "willPresent notification" Here is my AppDelegate.swift code. @objc class AppDelegate: FlutterAppDelegate { override func application( _ application: UIApplication, didRegisterForRemoteNotificationsWithDeviceToken deviceToken: Data ) { // Log device token to ensure correct registration let tokenParts = deviceToken.map { data in String(format: "%02.2hhx", data) } let token = tokenParts.joined() print("Device Token: \(token)") } override func application( _ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]? ) -> Bool { // Request full notification permissions UNUserNotificationCenter.current().requestAuthorization( options: [.alert, .badge, .sound, .provisional, .criticalAlert] ) { (granted, error) in print("Notification Authorization Granted: \(granted)") if let error = error { print("Notification Authorization Error: \(error.localizedDescription)") } // Always attempt to register for remote notifications DispatchQueue.main.async { UIApplication.shared.registerForRemoteNotifications() } } // Set notification center delegate UNUserNotificationCenter.current().delegate = self GeneratedPluginRegistrant.register(with: self) return super.application(application, didFinishLaunchingWithOptions: launchOptions) } // Add this method to handle foreground notifications override func application( _ application: UIApplication, didReceiveRemoteNotification userInfo: [AnyHashable: Any], fetchCompletionHandler completionHandler: @escaping (UIBackgroundFetchResult) -> Void ) { print("🔔 FULL didReceiveRemoteNotification CALLED") print("Full Payload: \(userInfo)") // Detailed logging of APS dictionary if let aps = userInfo["aps"] as? [String: Any] { print("APS Dictionary: \(aps)") print("Content Available: \(aps["content-available"] ?? "Not Found")") } // Explicit silent notification check if let aps = userInfo["aps"] as? [String: Any], let contentAvailable = aps["content-available"] as? Int, contentAvailable == 1 { print("✅ CONFIRMED SILENT NOTIFICATION") // Perform any background task here completionHandler(.newData) return } print("❌ Not a silent notification") completionHandler(.noData) } override func application( _ application: UIApplication, performFetchWithCompletionHandler completionHandler: @escaping (UIBackgroundFetchResult) -> Void ) { print("🔄 Background Fetch Initiated") // Perform any background fetch tasks completionHandler(.newData) } override func userNotificationCenter( _ center: UNUserNotificationCenter, willPresent notification: UNNotification, withCompletionHandler completionHandler: @escaping (UNNotificationPresentationOptions) -> Void ) { let userInfo = notification.request.content.userInfo print("**** willPresent notification ****") print("Full Notification Payload: \(userInfo)") // Explicitly log the aps dictionary if let aps = userInfo["aps"] as? [String: Any] { print("APS Dictionary: \(aps)") print("Content Available: \(aps["content-available"] ?? "Not Found")") } // Check for silent notification if let aps = userInfo["aps"] as? [String: Any], let contentAvailable = aps["content-available"] as? Int, contentAvailable == 1 { print("**** CONFIRMED SILENT NOTIFICATION IN FOREGROUND ****") completionHandler([]) return } // For non-silent notifications if #available(iOS 14.0, *) { completionHandler([.banner, .sound]) } else { completionHandler([.alert, .sound]) } } }

We are preparing to address the upcoming change to the Certification Authority (CA) for the Apple Push Notification service (APNs). We have a few questions regarding the necessary measures. Is the change of the Certificate Authority (CA) related to APNs something that needs to be handled on the server that sends push messages? In relation to the CA change, do we need to reissue the APNs certificate? If we handle the CA change on the server side and the new CA certificate already exists there, is there no need to make any further changes? If the server’s trust store already includes the new CA certificate, it seems that no additional changes are needed. Is it possible to verify right now that everything will function correctly?

The operation couldn't be completed. (WorkflowKit.WFConditionalAction.ConditionalError error 0.)

Push message on the lock-screen disappears in one specific instance. In general the situation is as follows: the application, upon starting up, sets the badge counter (i.e. notificationCenter.setBadgeCount(3)) the application is being sent to background the screen is locked (it doesn't matter if it's turned on or not) send a push message to the application and set the badge (in aps) to "0" What happens: the screen lights up (unless it's lit up already), the push is being displayed for a very short time and gets hidden. Happens on iOS 18.1, 18.1.1, 18.2. If not setting badge in the aps keys it works correctly. I've created a feedback report https://feedbackassistant.apple.com/feedback/16095572. I am able to reproduce the issue on a sample app 100% of the time :/

I am experiencing heavy delays with any push notification if I have AI enabled. Authenticator takes minutes to show up, the app for the doorbell that, needless to say, requires a real-time notification, fails to deliver push notifications in time. I have had to turn off AI in order to have a functioning phone... (I'm on a 16 Pro) Any resolution on this? Thanks

Dear Apple Engineer, We have problem in the banking application after update iOS to 18, 18.1 or 18.1.1. No notifications appear on the locked screen, even in the notification center. On lower version push notifications apparently correctly. What have we checked so far is: certificates profiles app with push notifications extension and without it usage of setBadgeCount(_:withCompletionHandler:) instead of applicationIconBadgeNumber Our sample payload with encrypted data: { "aps":{ "alert":"Message from Bank", "badge":0, "sound":"default", "mutable-content":1, "category":"" }, "Type":"", "MessageId":"", "Id":"8ebf0c13-83cf-4029-ac13-91d026c3770a", "Media-url":"", "alternativeTitle":"New message", "priority":5, "EncryptedData":"eyJ0eXAiOiJibTplbmMtdjEiLCJhbGciOiJibTppb3MtZWNkaCIsImVuYyI6ImJtOkExMjhHQ00tSVYxNiIsImVuY19raWQiOiI5OUIyN0E4NC1CQzRFLTRGMzQtQjBGNC0yMTcyMEYxQTFEN0EifQ...BDdxycY-ZWPC7BgI_07efVSgjKyGyGVKlcNtZSslWJePrwJkJyIxFBr07XtayB0I2jv6Vc8AdUpdvMJ-daVzkPYMZ7pQA_X0Pg8RPRS2GnPkhyhK3XNkLRMsjG6CkSafYaqSeLMEpdF2Q-QkajvO3ojnRl1C-Bp9FpNbeaCwJXwqjEMKKhggRsKH8zdk7XcYhZX5_hARbBkIFLrCX1Xzyypp_PfZ23v9Pbd8aHmAf7FQdYN6xbfyoL5XEaDrCjGi-up2n1nlcTeEfkXHBunitUzQulmrjo86GJS0ldhF0mEMZ3_t6ObbjeKijYExMeYHxeCe89Yg10TvZI6kP4xizpJijG9cz75X3VI3I4SgeR8BuZRcb5eTQKWWzGW7u6LD1QtV3PWFCtv942CSz62kPPo-dD0248Fqm5HwxZejQSrZKjYQQ87dkzB0q7p2Q_M0z2Y-bRfNRXJl8VaF5X6-2KwLq47zwrQYUIcEHdag3J05X0SzBiImAdbh2zQz074QqEEpoU1F6C89LHKFxAw", "IsSigned":false } What do you need to analyze the problem? Identifiers, sample application? Best regards, Michał iOS Developer.

The backend service uses the same copy to push to many users in batches. This year, the following problem began to occur. Using http2 send is normal, but when getting the result through the stream id, it always times out. Restarting the service still times out. I hope Apple development engineers can help me find out what the problem is.

“Apple 推送通知服务的服务器证书更新 2024 年 10 月 17 日 Apple 推送通知服务 (APNs) 的证书颁发机构 (CA) 即将改变。APNs 将于 2025 年 1 月 20 日更新沙盒环境的服务器证书，并于 2025 年 2 月 24 日更新生产环境的服务器证书。” 关于这个邮件，请问我应该怎么做，才能把下载的crt证书加到trust store上

My VoIP app is installed on an iPad, but can't accept incoming calls by VoIP push. But it works after I force-restart this iPad. I have some customers who encountered the same cases, fixed by force-restart too. So my question is What happened on the APNs connection after force-restart? At what case, the APNs connection will be off?

function TFormMain.HttpPost(IdHTTP1: TIdHTTP; sJsonData, sUrl: string): string; var jsonToSend: TStringStream; begin try IdHTTP1.HTTPOptions := IdHTTP1.HTTPOptions + [hoKeepOrigProtocol]; //必须有这行才使设置协议版本生效 IdHTTP1.ProtocolVersion := pv1_1; IdHTTP1.Request.CustomHeaders.Values[':method']:='POST'; IdHTTP1.Request.CustomHeaders.Values[':path']:='/3/device/' + EditDeviceToken.Text; IdHTTP1.Request.CustomHeaders.Values[':scheme']:='https'; IdHTTP1.Request.CustomHeaders.Values['apns-push-type']:='background'; IdHTTP1.Request.CustomHeaders.Values['host']:='api.push.apple.com'; IdHTTP1.Request.CustomHeaders.Values['apns-topic']:='com.xxvar.erp'; IdSSLIOHandlerSocketOpenSSL1.SSLOptions.CertFile:='d:\WIN\APNS-cert.pem'; IdSSLIOHandlerSocketOpenSSL1.SSLOptions.KeyFile:='d:\WIN\APNS-key.pem'; IdSSLIOHandlerSocketOpenSSL1.ssloptions.method:= sslVSSLv23; IdSSLIOHandlerSocketOpenSSL1.ssloptions.Mode:= sslmBoth; with IdHTTP1 do begin IOHandler := IdSSLIOHandlerSocketOpenSSL1; HandleRedirects := True; //允许头转向 ReadTimeout := 5*60*1000; //请求超时设置 Request.ContentType := 'application/json'; //x-www-form-urlencoded Request.ContentEncoding := 'utf-8'; try jsonToSend := TStringStream.Create(UTF8Encode(sJsonData)); jsonToSend.Position := 0; //将流位置置为0 Memo1.Lines.Add('发送指令执行结果到集抄平台: ' + sJsonData); Result:= Post(sUrl, jsonToSend); Memo1.Lines.Add(Result);//Result := HTTPDecode(Post(sUrl, jsonToSend)); //接收POST后的数据返回 except on e: Exception do begin Memo1.Lines.Add('接口调用异常: ' + e.Message); jsonToSend.free; end; end; end; finally end; end;

why use [INImage imageWithURL:***] INPerson show other application avatar? INPersonHandle *personHandle = [[INPersonHandle alloc] initWithValue:nil type:INPersonHandleTypeUnknown]; INPerson *senderPerson = [[INPerson alloc] initWithPersonHandle:personHandle nameComponents:nil displayName:displayName image:image contactIdentifier:nil customIdentifier:nil];

I manage apps and servers on behalf of several customers. Recently they all started getting a message from Apple that says, "The Certification Authority for APNs is changing". I don't understand how or if this affects me. My servers are all hosted on Amazon EC2 instances. I have never had to install any specific certificate for APNs to work. Is this new CA something that I can expect my servers to receive automatically as part of their system updates? If not, how do I install it?

We have an application which keeps throwing the error "application is damaged and cannot be opened. You should move it to Trash" We have checked the following possible root causes: Codesign of the application using the codesign command Notarization of the application using the spctl command Executable permissions Checked for the presence of "com.apple.quarantine" flag for the application using xattr -l <path to executables" None of the above listed items seemed to be a problem and are as expected. Can you please help us understand what could cause this issue and how to resolve this without recommending an uninstall/reinstall of the application?

Hi, We are building a system that integrates with APNs using the Token-Based Authentication method. While testing, we encountered the 429 TooManyProviderTokenUpdates error and would like clarification on the exact conditions that trigger this response. Our Testing Scenario: Private Key: We keep the same Private Key constant across requests. TEAM_ID and KEY_ID: For testing purposes, we change the TEAM_ID and KEY_ID for every JWT we generate. Requests: Each generated JWT is used to call the /3/device/{token} API endpoint. Observed Behavior: When we test with different TEAM_ID and KEY_ID combinations, we initially receive 403 InvalidProviderToken, which is expected because the TEAM_ID and KEY_ID combinations are invalid. However, if we change the TEAM_ID and KEY_ID and make multiple calls (e.g., more than two within 20 minutes), we start receiving 429 TooManyProviderTokenUpdates. If we switch to a different IP address (via VPN) after receiving the 429 error, we revert to receiving 403 InvalidProviderToken. Our Use Case: We are building a system where multiple server clusters handle multiple apps (some under the same Apple Developer account, others under different accounts). Each server generates JWTs for requests to the APNs /3/device/{token} API. Our Questions: What specific conditions cause the 429 TooManyProviderTokenUpdates error? Does APNs monitor token updates at the level of TEAM_ID and KEY_ID, or does it consider additional factors such as the originating IP address or shared infrastructure? How does APNs handle frequent changes in TEAM_ID and KEY_ID within a single server or cluster? Is there any documentation or guidance on managing JWTs effectively in a distributed system with multiple apps and servers? Does APNs limit JWT updates based on IP address or API endpoint usage across multiple apps sharing the same Apple Developer account? We would greatly appreciate any clarification on these points and guidance on best practices for managing JWTs in a multi-cluster environment. Thank you!

Hi All, i read the documentation regarding APN and related API, but i didn't understand if, from my server, i can send push notification to every application or only to applications that belongs my developer account. I try to better explain my needs: the enviroment regards voip communications, my sip server is asterisk based and i want to wrote a script to wakeup device just before send a call to it. On mobile device, i use a generic app taken from the apple store. At the moment i am using linphone. When linphone starts, it registrer with APNs and send to the asterisk server pn-* data. In the pn-params it sends the teamid (ABCD1234) and bundleid (org.linphone.phone). In my script, i have taken the teamid/bundleid retrieved from the linhpone app, i have generated a Key from my developer account and used it to authenticate to APN, but i got always InvalidProviderToken. So my question is: is it possibile to send notification to application that i didn't own? or the InvliadProviderToken has nothing related to this and simply i am doing something wrong with key authentication?

I am on iOS 18.2 Beta. Since the new Apple Intelligence update, and the new layout of Apple Mail, I am not getting the red badge on my mail app, even though it is selected in the settings. When I go into my email, I have lots of unread messages there... but no red badge to let me know.