https://developer.apple.com/forums/topics/privacy-and-security Prioritize user privacy and data security in your app. Discuss best practices for data handling, user consent, and security measures to protect user information. https://developer.apple.com/forums/thread/763612 Apple is Delaying the Review of a Critical iOS 17 Vulnerability to Avoid Official Acceptance and Bounty Payment Hamed Hamedi, a security researcher, has revealed that Apple is prolonging the review process of a serious security vulnerability in the iCloud lock screen, which he discovered in iOS 17. According to Hamedi, he has submitted all the necessary evidence, including multiple videos and detailed explanations, to Apple's security team. However, despite the passage of time and providing precise information, Apple has been stalling the process by asking repetitive questions and requesting a... Thu, 12 Sep 2024 23:42:38 GMT Hamedfactorial https://developer.apple.com/forums/thread/763476 In macOS Sequoia, I want to open programmatically the Local Network pane in Settings > Privacy & Security. But I can't find the pane ID. Tue, 10 Sep 2024 13:19:19 GMT Vika https://developer.apple.com/forums/thread/763467 Does chaging TeamID, also chages identifierForVendor? Tue, 10 Sep 2024 09:02:47 GMT baygazin https://developer.apple.com/forums/thread/763437 Halo, I want to ask, i have an application. I get keychain value from i click apps launch but this case after i launch my apps keychain failed retrieve and my apps can't access this value after that the value change to nil. How to solve this problem ? Tue, 10 Sep 2024 03:07:21 GMT Arie1994 https://developer.apple.com/forums/thread/763332 Is it possible to run multiple instance of an app at the same time such that each instance is running in its own sandbox environment? For eg- Each app should have it's own ~/Library and other shared directories. Maybe something like chroot, but I am not sure it would be possible. And by sandbox I really mean isolation, not necessarily macOS App Sandbox. Sat, 07 Sep 2024 12:17:54 GMT nangalvivek https://developer.apple.com/forums/thread/763278 I am unable to create SecKey from serverPublic key. I get the below error Error Domain=NSOSStatusErrorDomain Code=-50 "EC public key creation from data failed" UserInfo={numberOfErrorsDeep=0, NSDescription=EC public key creation from data failed} My code looks like this so far. Not sure what is going wrong. let attributes: [String: Any] = [ kSecAttrKeyType as String: kSecAttrKeyTypeEC, kSecAttrKeyClass as String: kSecAttrKeyClassPublic, kSecAttrKeySizeInBits as String: 256 ] let serverP... Fri, 06 Sep 2024 00:24:06 GMT Raj856 https://developer.apple.com/forums/thread/763229 Hello. I recently transferred an app from my dev account to a different one. I'm trying to follow these instructions to generate transfer IDs, and am stuck on Step 1 (creating an access token). I keep getting {'error': 'invalid_client'}. Here's the python script I'm using to generate the access token: TEAM_ID = "..." KEY_ID = "..." KEY_FILE = "key.p8" CLIENT_ID = "com.myapp.bundle" def get_access_token() -> str: client_secret = get_client_secret() print(f"client secret: {client_secret}") url = "https://appleid.apple.com/auth/token" req_headers = {"Content-Type": "applicati... Wed, 04 Sep 2024 21:18:26 GMT sou17 https://developer.apple.com/forums/thread/763179 Hey all, I'm encountering persistent issues while attempting to migrate users for an app transfer using Sign In with Apple. I hope to get some insights or solutions from those who might have faced similar challenges. Context: We're transferring an app from one developer account to another. The app previously only had Sign In with Apple configured for iOS, not for web. We're now trying to set up the user migration process as part of the transfer. Current Setup: Old App Bundle ID: old.bundle.id24 Old Team ID: 123456789 New Team ID: 234567890 Issue: When attempting to generate transfer identifie... Tue, 03 Sep 2024 21:20:14 GMT dabudage https://developer.apple.com/forums/thread/763186 Hey all, I'm encountering persistent issues while attempting to migrate users for an app transfer using Sign In with Apple. I hope to get some insights or solutions from those who might have faced similar challenges. Context: We're transferring an app from one developer account to another. The app previously only had Sign In with Apple configured for iOS, not for web. We're now trying to set up the user migration process as part of the transfer. Current Setup: Old App Bundle ID: old.bundle.id24 Old Team ID: 123456789 New Team ID: 234567890 Issue: When attempting to generate transfer identifier... Tue, 03 Sep 2024 21:17:00 GMT polarstudios https://developer.apple.com/forums/thread/763171 "Sign in with Apple" logo - how to make personalized for MacOS using my customized logo for the specific application? Tue, 03 Sep 2024 13:31:53 GMT advancecoder56 https://developer.apple.com/forums/thread/763120 Hello Apple Developer, I have some questions regarding slow keychain access. We recently launched a product, and users with certain specific device models have reported slow performance. I'm not sure what's causing this issue and would appreciate your help in analyzing it.When using keychain groups, I didn’t specify a group, and on some devices, the queries are particularly slow. I'm unsure of the reason for this.I’m using kSecAttrTokenIDSecureEnclave, and each time I execute SecItemCopyMatching or SecItemDelete, the operation is particularly slow, taking around 2 seconds.It’s strange that whe... Mon, 02 Sep 2024 10:30:07 GMT Zning https://developer.apple.com/forums/thread/763119 I am trying to understand the mechanics of how iOS/iPadOS apps work on macs with Apple Silicon. In particular, I'd like to understand the runtime environment of these apps. I installed one to test it on a mac. I ran codesign --entitlements on a mac, on an iOS app downloaded form the mac app store. I was very surprised to see the sandbox entitement was NOT present. On iOS all apps are sandboxed, so I was very surprised to see that the macOS translation was not sandbox. This seems like a significant weakening of the security. Can anyone shed some light on that? Mon, 02 Sep 2024 10:07:45 GMT devfunshark https://developer.apple.com/forums/thread/763112 This is a continuation of https://developer.apple.com/forums/thread/760861 Still a mixed Qt/C++/ObjC app, developed with Qt Creator. The gist ist that I can call Sign in With Apple and authorise, but once the Authorisation Window/Panel goes away, the app is blocked. PBSigninWithApple:: PBSigninWithApple() { myImpl = [[PBSigninWithApple alloc] initWithOwner:this]; } - (id)initWithOwner:(PBSigninWithApple *) owner { self = [super init]; myOwnerSIWA = owner; ASAuthorizationAppleIDProvider *appleIDProvider = [ASAuthorizationAppleIDProvider new]; ASAuthorizationAppleIDRequest *request = appleIDPr... Mon, 02 Sep 2024 06:52:18 GMT Peter Bruells @CeWe https://developer.apple.com/forums/thread/763097 We did an app transfer in mid-August as part of our process to incorporate the business. We have approximately 100,000 users who have logged in with their Apple IDs, and as part of the transfer process, we followed the documentation below to transfer the account information. https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team During the identifier exchange process, an invalid_request error occurred for approximately 10,000 users. https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team#3559300 W... Mon, 02 Sep 2024 02:24:28 GMT banira https://developer.apple.com/forums/thread/763093 I am in the process of creating a multiplatform app with a shared code base using swiftUI for iOS and mac. This app has a widget extension target for both iOS and mac and a helper app for mac only. I am trying to share data and userdefaults between the main app and the widget extension for ios, and for the mac share data between the main app, widget extension and the helper app. I have setup an app group container to share data between all targets. However this is only working on iOS. The app group capability is not extended to macOS. I have been researching for weeks now and all the answers... Sun, 01 Sep 2024 19:33:27 GMT DejiApps https://developer.apple.com/forums/thread/763034 The user migration API (https://appleid.apple.com/auth/usermigrationinfo) is inconsistent when we call it with the correct parameters and tokens to retrieve new user subs/emails for users made under a previous Entity before completing an Entity Transfer: 65% of our requests return with no new sub or email and we receive an {'error': 'invalid_request', 'email_verified': False} response back from the API when sending it our transfer subs. 34% of our requests succeed in getting a sub but no new private relay email from the same API with the same parameters- isn't it always supposed to return an ... Fri, 30 Aug 2024 15:01:09 GMT str-ccoppoletti https://developer.apple.com/forums/thread/763029 How to install root trusted certificate via SSH ? I already read that SecTrustSettingsSetTrustSettings requires user interaction. That mean that it requires user login and password be entered. But is it possible to move that authetification to command line, outside UI session? I made a sample tool that try to do this. https://github.com/DanilKorotenko/certificateTool Accordingly to the documentation: https://developer.apple.com/library/archive/documentation/Security/Conceptual/authorization_concepts/02authconcepts/authconcepts.html#//apple_ref/doc/uid/TP30000995-CH205-CJBJBGAA If the timeout ... Fri, 30 Aug 2024 10:40:48 GMT DanilKorotenko https://developer.apple.com/forums/thread/763011 Hello, I'm developing an SDK that will allow iOS devices (iOS 13+) to connect to AWS IoT Core using Native C. The endpoint requires a mutual TLS handshake to connect. I have been able to successfully import a Certificate and Private Key into the keychain and generate a SecIdentityRef that combines the cert/key pair which I believe is necessary to establish a TCP TLS nw_connection. I've searched around and while I can find the individual pieces related to creating a TLS connection, I can't seem to find any that show how things go together. The goal would be to use nw_connection_create(endpoint... Thu, 29 Aug 2024 22:06:36 GMT SbsteveKim https://developer.apple.com/forums/thread/762984 In AuthorizationServices support for displayName exists in: class ASAuthorizationSecurityKeyPublicKeyCredentialProvider func createCredentialRegistrationRequest( challenge: Data, displayName: String, name: String, userID: Data ) -> ASAuthorizationSecurityKeyPublicKeyCredentialRegistrationRequest but is not supported in the corresponding class: class ASAuthorizationPlatformPublicKeyCredentialProvider func createCredentialRegistrationRequest( challenge: Data, name: String, userID: Data ) -> ASAuthorizationPlatformPublicKeyCredentialRegistrationRequest I was unde... Thu, 29 Aug 2024 18:16:24 GMT camc https://developer.apple.com/forums/thread/762996 I've created a p256 ec key in the SE, stored it in the keychain, and have a X.509 certificate for that key, now I want to create and store a SecIdentity item in the keychain on iOS. SecIdentityCreateWithCertificate is available on macOS only., so that is not an option. How am I supposed to create a SecIdentity without having that call available? Thu, 29 Aug 2024 14:42:58 GMT oschlueter