I applied over a month ago and haven't heard back to the Apple Small Business Program. What should I do to speed things up?

We intend to sell in india markets. In india our tax compliance is GSTIN which is also highlighted in your "Provide tax information for alternative payment options" section. We will not be making any sale outside India and hence are not liable for any tax compliance or withholding of tax outside india. Please guide us on how we should fill the tax forms.

We install two in-house apps. The first app is installed using the standard in-house method, while the second app is installed via MDM commands. Both apps share the same Team ID and use Keychain sharing to exchange data. However, when the MDM profile is deleted and the second app is removed, the first app intermittently encounters issues and does not function properly. However, when the MDM mobileconfig is reinstalled and the second app is installed again, the first app that was not functioning starts working properly. We have thoroughly reviewed the logs but have not been able to find a solution. Your assistance would be greatly appreciated. We have extracted and attached the device logs that were generated during the error occurrence. log.log

Hi, Is there a method to hide individual items in System Settings that is not Deprecated? It needs some of the settings set and hidden for the end user. I found the DisabledSystemSettings key however it is marked as Deprecated and does not include all the new items, especially those related to Apple Intelligence. Is there any method other than “Restrictions” that does not hide and only set individual settings ? It needs to hide items in system settings :)

Last year I used the iOS Distribution Managed Certificate (Enterprise Program) to sign an App and to distribute it internally. The Cert is still valid until May 2026. But its associated Provisiong Profile (which is not visible in the Apple Portal, but within Xcode when you export your archive) expired last week. Until then it was impossible for me to somehow force renew the profile and that lead to the fact that my app was not usable for a day, because the renewal was done after the expiration of the old one. Whats the whole point of the managed signing if can't influence the provisioning update. To be clear: I don't speak about the certificate - just about the profile. Or am I using it wrong?

Hello All, I am currently attempting to get application config working with enterprise apps but it seems as though the asset config is not applying at all. While the asset and application install correctly it does not seem that the config is read at all judging from the status message returned. "StatusItems" : { "app" : { "managed" : { "list" : [ { "name" : "apps", "config-state" : { "app-config-state" : { "state" : "unknown" } }, "identifier" : "app.identifier", "version" : "3.2", "short-version" : "3.2.0", "state" : "managed", "declaration-identifier" : "dec-identifier" } ] } } }, "Errors" : [ ] } The asset file being sent down is as follows: <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Config 1</key> <string>Value 1</string> <key>Config 2</key> <string>Value 2</string> <key>Config 3</key> <string>Value 3</string> </dict> </plist> This is the config report being sent back by the device after everything has been fetched: "StatusItems" : { "management" : { "declarations" : { "activations" : [ { "active" : true, "identifier" : "group.activation.payload", "valid" : "valid", "server-token" : "56792E4AE25C3286640B45E6BD265AE97545B2B87F90A6355919FD8B2E3C3AB3" } ], "configurations" : [ { "active" : true, "identifier" : "app.install", "valid" : "valid", "server-token" : "34D7ACECAE16EE9EEAC0630FF2FF85524FFBB5BA3CB18CFB6296FBC860368C85" }, { "active" : true, "identifier" : "ios.policy.subscription.list", "valid" : "valid", "server-token" : "376913E11BE7D26EC745B3B68C6FA94C4FC061B1B736D143EBE0F12FF73ADFF8" } ], "assets" : [ { "active" : true, "identifier" : "app.config.reference", "valid" : "valid", "server-token" : "1CFBE30EB56309005F742D667B80242E6A3CDC08ED228D0BC5F87749C6BBAB77" } ], "management" : [ ] } }, "app" : { "managed" : { "list" : [ { "state" : "downloading", "declaration-identifier" : "app.install", "identifier" : "app.identifier", "name" : "apps", "config-state" : { "app-config-state" : { "state" : "unknown" } } } ] } } }, "Errors" : [ ] } Additional info would be useful, though a sysdiagnosis will be submitted to feedback as well. Config did apply correctly when sending down through Install application command

Recently, we have encountered some users who have been unable to open the enterprise signature application after upgrading to version 18.3.2, without an IPS file. Through system logs, we found that signature verification has occurred SecKeyVerifySignature failed: Error Domain=NSOSStatusErrorDomain Code=-50 "rsa_pub_crypt failed, ccerr=-7" UserInfo={numberOfErrorsDeep=0, NSDescription=rsa_pub_crypt failed, ccerr=-7} Waiting for the information, I will provide the obtained system logs below. The application package name that crashed is com. mobile. moa aa.txt new

My company signed the application with enterprise certificate, the Provisioning Profile expired on March 20, 2025. Some iPhones didn't update the application before the expiration. We have update the Provisioning Profile and repackaged application. However, these iPhones still can't use the application after reinstalling the new ipa. After opening the application, the screen is blank and then flashes back without any error prompt. Restarting iPhone didn't help.

Hello Developers, We are encountering a consistent Kernel Panic issue on an iPhone device after sending a "Clear Passcode" command via our MDM solution. We're looking for insights or confirmation if others have experienced similar behavior. Device & Environment Details: Device: iPhone13,2 (iPhone 12 Pro) OS Version: iPhone OS 18.3.2 (Build 22D82) (Please note this appears to be a future/beta build identifier) Action Triggering Panic: Sending MDM ClearPasscode command. Roots Installed: 0 (Device is not jailbroken) Incident ID: 4B41C0AE-EE93-4051-BEE4-AB98438C10F0 Panic Log Summary: The kernel panic log clearly indicates the issue originates from the Secure Enclave Processor (SEP). The key panic string is: panic(cpu 3 caller 0xfffffff02357bc1c): SEP Panic: :sks /sks : 0x1000b15fc 0x0003ad60 0x0003ad44 0x100028698 0x10002cae4 0x10002a908 0x10002bc10 0x100045330 [hgggrhlvs] Panic app vers: 1827.80.10 Panic app UUID: 4C066E88-EB93-33C3-BCA7-C5F5474831CC ... Root task vers: AppleSEPOS-2772.80.2 Root task UUID: A39D6C5D-D07D-33EE-85A3-9105A8D93CE2 ... sks /sks 0x329cc/0x326e0/0x1314131413141314 ert/BOOT Use code with caution. The SEP Panic and reference to :sks /sks strongly suggest an issue within the Secure Key Store subsystem of the SEP. The panic occurred on CPU core 3. The kernel backtrace points to the com.apple.driver.AppleSEPManager kernel extension as the immediate caller in the main kernel that initiated the panic process after receiving the signal from the SEP. Analysis/Interpretation: Based on the log, it appears that the MDM ClearPasscode command, which necessarily interacts with the SEP's Secure Key Store via the AppleSEPManager driver, triggered an internal fault or bug within the SEP firmware (AppleSEPOS). This SEP-level panic subsequently caused the main iOS kernel to panic. Questions: Has anyone else encountered similar SEP panics, specifically involving the SKS subsystem, particularly after issuing MDM commands like ClearPasscode on iOS 18.x builds (especially 18.3.2 / 22D82)? Is this a known issue in this specific iOS/SEP firmware version? Are there any suggested workarounds for clearing passcodes via MDM on affected devices/OS versions, or any further diagnostic steps recommended? We appreciate any insights or shared experiences the community might have on this issue. Thank you.

Hi Team, After agreeing the Paid In-app purchase agreements, i have been asked to fill the tax forms of US Certificate of foreign status of beneficial owner and US substitute form W-8BEN-E. Being an Indian Ed-tech company, we would like to know how should we approach this. Any help or support page or video on this can make our life easier. Thanks Team ACEplus.

Hello, I am currently attempting to use declarative management to install enterprise application, however I am running into errors. Initially the device was failing to unpac the initial manifest it downloaded. After pulling logs from the device it was revealed that the manifest must include the bundle-version for it to parse as valid. Adding this has allowed for the ipa to be fetched from the server however there is a secondary issue. The application is on the device but is unable to be opened due to the device being unable to validate its integreti. Any additional information would be useful. For completion the working manifest will be pasted below. It should be noted that the manifest below does work when requesting application installs through MDM commands. <***> <items type="array"> <dict> <assets type="array"> <dict> <kind type="string">software-package</kind> <url type="string">https://domain/web/mdm/ios/enterpriseipa/bundle.id</url> </dict> </assets> <key type="dict" name="metadata"> <bundle-identifier type="string">bundle.id</bundle-identifier> <kind type="string">software</kind> <subtitle type="string">app</subtitle> <title type="string">app</title> <bundle-version type="string">x.x.x</bundle-version> </key> </dict> </items> </***> </plist>

Our organization is deploying passwordless authentication. Instead of using a password, employees must use the Microsoft Authenticator app to complete the login process. Unfortunately, employees with passwordless authentication can't complete the login on the Wi-Fi Captive portal with SAML authentication. The reason is that when an employee switches to the Microsoft Authenticator app, the Apple CNA (Apple Network Captive Assistant) disappears. As a result, the authentication process breaks. According to the https://developer.apple.com/news/?id=q78sq5rv source, iOS 14+ devices support the RFC-8908 standard. Unfortunately, we couldn't find a reliable source on how this feature works on iOS devices. The question is: Is it possible to automatically forward Wi-Fi clients to the SAML authentication portal in the default browser app (for example, Safari) after connecting an employee to Wi-Fi?

Hi I am trying to develop Apple MDM solution as a vendor. I got the Vendor certificate from apple developer portal. When I was trying to generate the csr and upload to Portal (https://identity.apple.com/pushcert/) It says Invalid Certificate Signing Request. I had also tried to follow documentation (https://developer.apple.com/documentation/devicemanagement/setting-up-push-notifications-for-your-mdm-customers) but still the same error. Can anyone please guide how to generate the csr.

We have an office application used internally within our enterprise. The Provisioning Profiles (PP) for the app were about to expire, so we updated the PP and released a new version. However, we've encountered an issue where some users did not update their phones in time. After the app expired, they found it unusable and downloaded the new version, but the newly downloaded app also crashes on launch. Restarting the phone does not resolve the issue, and this primarily occurs on iOS 18.3.2. What could be the cause of this problem, and how should we address it?

We have an office application used internally within our enterprise. The Provisioning Profiles (PP) for the app were about to expire, so we updated the PP and released a new version. However, we've encountered an issue where some users did not update their phones in time. After the app expired, they found it unusable and downloaded the new version, but the newly downloaded app also crashes on launch. Restarting the phone does not resolve the issue, and this primarily occurs on iOS 18.3.2. What could be the cause of this problem, and how should we address it?

VPP API v2 returns 9609 "Unable to find the registered user." when I disassociate assets from an existing user. Repro step: 1. Create user POST https://vpp.itunes.apple.com/mdm/v2/users/create { "users": [ { "clientUserId": "client-1", "managedAppleId": "valid managed apple id" } ] } => user is associated 2. Retire user POST https://vpp.itunes.apple.com/mdm/v2/users/retire { "users": [ { "clientUserId": "client-1" } ] } => user is retired 3. Recreate user with the same clientUserId POST https://vpp.itunes.apple.com/mdm/v2/users/create { "users": [ { "clientUserId": "client-1", "managedAppleId": "valid managed apple id" } ] } => user is associated 4. Associate asset POST https://vpp.itunes.apple.com/mdm/v2/assets/associate { "assets": [ { "adamId": "408709785" } ], "clientUserIds": [ "client-1" ] } => asset associated 5. Disassociate asset POST https://vpp.itunes.apple.com/mdm/v2/assets/disassociate { "assets": [ { "adamId": "408709785" } ], "clientUserIds": [ "client-1" ] } => {"errorNumber":9609,"errorMessage":"Unable to find the registered user."} Notes associate API works fine with the same payload. disassociate work with v1 API.

Recently, we have encountered some users who have been unable to open the enterprise signature application after upgrading to version 18.3.2, without an IPS file. Through system logs, we found that signature verification has occurred SecKeyVerifySignature failed: Error Domain=NSOSStatusErrorDomain Code=-50 "rsa_pub_crypt failed, ccerr=-7" UserInfo={numberOfErrorsDeep=0, NSDescription=rsa_pub_crypt failed, ccerr=-7} Waiting for the information, I will provide the obtained system logs below. The application package name that crashed is com. mobile. moonew

I found a new Payload attribute LegacyAppConfigAssetReference in AppManaged introduced in iOs 18.4 beta. So I tried it, however no configuration is discoverted in the installed app. -- configuration { "Identifier": "8c2af0b6-5ae0-5927-a1cd-bab5e4148bb8", "Type": "com.apple.configuration.app.managed", "Payload": { "InstallBehavior": { "Install": "Required", "License": { "Assignment": "Device", "VPPType": "Device" } }, "AppStoreID": "535886823", "LegacyAppConfigAssetReference": "ac35558f-aefc-5faf-8f64-1faaff993b96" }, "ServerToken": "2abdc89492d89ca1a213ca61318ae0651c2b8de660c2847a44a3fb8ad9d9a8ad" } -- declaration/asset/ac35558f-aefc-5faf-8f64-1faaff993b96 { "Identifier": "ac35558f-aefc-5faf-8f64-1faaff993b96", "Type": "com.apple.asset.data", "Payload": { "Reference": { "DataURL": "https://i3-oreore-ios-mdm.azurewebsites.net/asset_files/eyJpZCI6IjNkOTg2YWVjNzQ1MWJiYWZlZjJmZGU1NmZmYmJlYjdkLnBsaXN0Iiwic3RvcmFnZSI6InN0b3JlIiwibWV0YWRhdGEiOnsiZmlsZW5hbWUiOiJFbmNvZGVkQ2hyb21lUG9saWN5RXhhbXBsZS5wbGlzdCIsInNpemUiOjMyMjUsIm1pbWVfdHlwZSI6ImFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbSJ9fQ", "ContentType": "application/plist" } }, "ServerToken": "7433f7c0c991a1943636ff7bd8949e88738c684ecbde347ac8a9c5b5c19dda14" } -- And the data type of the managed app configuration is application/plist http https://i3-oreore-ios-mdm.azurewebsites.net/asset_files/eyJpZCI6IjNkOTg2YWVjNzQ1MWJiYWZlZjJmZGU1NmZmYmJlYjdkLnBsaXN0Iiwic3RvcmFnZSI6InN0b3JlIiwibWV0YWRhdGEiOnsiZmlsZW5hbWUiOiJFbmNvZGVkQ2hyb21lUG9saWN5RXhhbXBsZS5wbGlzdCIsInNpemUiOjMyMjUsIm1pbWVfdHlwZSI6ImFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbSJ9fQ HTTP/1.1 200 OK Accept-Ranges: bytes Cache-Control: max-age=31536000 Content-Length: 3225 Content-Type: application/plist Date: Tue, 18 Mar 2025 22:59:40 GMT X-Content-Type-Options: nosniff <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC '-//Apple//DTD PLIST 1.0//EN' 'http://www.apple.com/DTDs/PropertyList-1.0.dtd'> <plist version="1.0"> <dict> <key>EncodedChromePolicy</key> <string>PD94bWwgdmVyc2lvbj0iMS4wIiA/PjwhRE9DVFlQRSBwbGlzdCAgUFVCTElDICctLy9BcHBsZS8vRFREIFBMSVNUIDEuMC8vRU4nICAnaHR0cDovL3d3dy5hcHBsZS5jb20vRFREcy9Qcm9wZXJ0eUxpc3QtMS4wLmR0ZCc+PHBsaXN0IHZlcnNpb249IjEuMCI+PGRpY3Q+PGtleT5BdXRvRmlsbEVuYWJsZWQ8L2tleT48ZmFsc2UvPjxrZXk+Q29va2llc0FsbG93ZWRGb3JVcmxzPC9rZXk+PGFycmF5PjxzdHJpbmc+aHR0cDovL3d3dy5leGFtcGxlLmNvbTwvc3RyaW5nPjxzdHJpbmc+WyouXWV4YW1wbGUuZWR1PC9zdHJpbmc+PC9hcnJheT48a2V5PkNvb2tpZXNCbG9ja2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Db29raWVzU2Vzc2lvbk9ubHlGb3JVcmxzPC9rZXk+PGFycmF5PjxzdHJpbmc+aHR0cDovL3d3dy5leGFtcGxlLmNvbTwvc3RyaW5nPjxzdHJpbmc+WyouXWV4YW1wbGUuZWR1PC9zdHJpbmc+PC9hcnJheT48a2V5PkRlZmF1bHRDb29raWVzU2V0dGluZzwva2V5PjxpbnRlZ2VyPjE8L2ludGVnZXI+PGtleT5EZWZhdWx0UG9wdXBzU2V0dGluZzwva2V5PjxpbnRlZ2VyPjE8L2ludGVnZXI+PGtleT5EZWZhdWx0U2VhcmNoUHJvdmlkZXJFbmFibGVkPC9rZXk+PHRydWUvPjxrZXk+RGVmYXVsdFNlYXJjaFByb3ZpZGVyS2V5d29yZDwva2V5PjxzdHJpbmc+bWlzPC9zdHJpbmc+PGtleT5EZWZhdWx0U2VhcmNoUHJvdmlkZXJOYW1lPC9rZXk+PHN0cmluZz5NeSBJbnRyYW5ldCBTZWFyY2g8L3N0cmluZz48a2V5PkRlZmF1bHRTZWFyY2hQcm92aWRlclNlYXJjaFVSTDwva2V5PjxzdHJpbmc+aHR0cDovL3NlYXJjaC5teS5jb21wYW55L3NlYXJjaD9xPXtzZWFyY2hUZXJtc308L3N0cmluZz48a2V5Pk1hbmFnZWRCb29rbWFya3M8L2tleT48YXJyYXk+PGRpY3Q+PGtleT5uYW1lPC9rZXk+PHN0cmluZz5Hb29nbGU8L3N0cmluZz48a2V5PnVybDwva2V5PjxzdHJpbmc+Z29vZ2xlLmNvbTwvc3RyaW5nPjwvZGljdD48ZGljdD48a2V5Pm5hbWU8L2tleT48c3RyaW5nPllvdXR1YmU8L3N0cmluZz48a2V5PnVybDwva2V5PjxzdHJpbmc+eW91dHViZS5jb208L3N0cmluZz48L2RpY3Q+PC9hcnJheT48a2V5PlBhc3N3b3JkTWFuYWdlckVuYWJsZWQ8L2tleT48dHJ1ZS8+PGtleT5Qb3B1cHNBbGxvd2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Qb3B1cHNCbG9ja2VkRm9yVXJsczwva2V5PjxhcnJheT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPlsqLl1leGFtcGxlLmVkdTwvc3RyaW5nPjwvYXJyYXk+PGtleT5Qcm94eUJ5cGFzc0xpc3Q8L2tleT48c3RyaW5nPmh0dHA6Ly93d3cuZXhhbXBsZTEuY29tLGh0dHA6Ly93d3cuZXhhbXBsZTIuY29tLGh0dHA6Ly9pbnRlcm5hbHNpdGUvPC9zdHJpbmc+PGtleT5Qcm94eU1vZGU8L2tleT48c3RyaW5nPmRpcmVjdDwvc3RyaW5nPjxrZXk+UHJveHlQYWNVcmw8L2tleT48c3RyaW5nPmh0dHA6Ly9pbnRlcm5hbC5zaXRlL2V4YW1wbGUucGFjPC9zdHJpbmc+PGtleT5Qcm94eVNlcnZlcjwva2V5PjxzdHJpbmc+MTIzLjEyMy4xMjMuMTIzOjgwODA8L3N0cmluZz48a2V5PlNlYXJjaFN1Z2dlc3RFbmFibGVkPC9rZXk+PHRydWUvPjxrZXk+VHJhbnNsYXRlRW5hYmxlZDwva2V5Pjx0cnVlLz48a2V5PlVSTEJsYWNrbGlzdDwva2V5PjxhcnJheT48c3RyaW5nPmV4YW1wbGUuY29tPC9zdHJpbmc+PHN0cmluZz5odHRwczovL3NzbC5zZXJ2ZXIuY29tPC9zdHJpbmc+PHN0cmluZz5ob3N0aW5nLmNvbS9iYWRfcGF0aDwvc3RyaW5nPjxzdHJpbmc+aHR0cDovL3NlcnZlcjo4MDgwL3BhdGg8L3N0cmluZz48c3RyaW5nPi5leGFjdC5ob3N0bmFtZS5jb208L3N0cmluZz48L2FycmF5PjxrZXk+VVJMV2hpdGVsaXN0PC9rZXk+PGFycmF5PjxzdHJpbmc+ZXhhbXBsZS5jb208L3N0cmluZz48c3RyaW5nPmh0dHBzOi8vc3NsLnNlcnZlci5jb208L3N0cmluZz48c3RyaW5nPmhvc3RpbmcuY29tL2JhZF9wYXRoPC9zdHJpbmc+PHN0cmluZz5odHRwOi8vc2VydmVyOjgwODAvcGF0aDwvc3RyaW5nPjxzdHJpbmc+LmV4YWN0Lmhvc3RuYW1lLmNvbTwvc3RyaW5nPjwvYXJyYXk+PC9kaWN0PjwvcGxpc3Q+</string> </dict> </plist> Please note that this example plist is the same content as is described here: https://www.chromium.org/administrators/ios-mdm-policy-format/ After applying the declaration, the app GoogleChrome is successfully installed but no managed app configuration seems applied. MDMAppManagement.plist in the sysdiagnose is like below: plutil -p logs/MCState/Shared/MDMAppManagement.plist { "metadataByBundleID" => { "com.google.chrome.ios" => { "Attributes" => { "Removable" => 0 } "flags" => 1 "source" => "Declarative Device Management" "state" => 7 } "com.microsoft.skype.teams" => { "Attributes" => { "Removable" => 0 } "flags" => 1 "source" => "Declarative Device Management" "state" => 7 } } } I also tried with our private apps and not applied... How can we use this feature or check the configuration is applied? Thank you,

In the RequestRequiresNetworkTether property, the definition of “network-tethered” is unclear, and there seems to be a discrepancy between the actual behavior and the description in the documentation. We would like to clarify the definition of the connection state that “network-tethered” means and the specific behavior requirements when the property is set to true. Explanation of the document The description “If true, the device must be network-tethered to run the command. I was not sure whether it refers to “network connection” or “tethered communication” as the Japanese translation. Actual operation verification results The error message was “The device is not tethered. (MDMErrorDomain:12081)”. Error occurs when only carrier communication is used The following connection conditions work normally (as in the case of false) Wifi communication Combination of carrier communication and Wifi communication Tethering communication Combination of carrier communication and tethering communication Tethering connection (both parent and child devices) Inconsistencies Although the document description could be interpreted as a simple network connection requirement, actual operation is limited only to carrier communications alone Error message uses language regarding tethering, but actual tethering connection works fine

Hi,team: I need to distribute an mdm configuration file containing the "ServiceManagementManagedLoginItems" service to a large number of company-supervised computers, where com.apple.servicemanagement only supports macOS 13.0+. However, I cannot effectively distinguish whether the device system where the mdm configuration file needs to be installed is greater than 13. Can I directly install the mdm configuration file on all devices? Will installing the mdm configuration file on devices less than 13 have any impact on the system or other configuration items in mdm? The description link of ServiceManagementManagedLoginItems is: https://developer.apple.com/documentation/devicemanagement/servicemanagementmanagedloginitems