MDM client - server communication - ios

After reading and searching, the Apple MDM client - MDM server interaction seems to be:
- When the server wants to do something on devices, it sends a notification to APNS (with device token & AppID for APNS to know which devices and application need to receive the notification).
- APNS sends the notification to the provided app on the provided device.
- When it receives the notification from APNS, Apple-MDM-client connects to the server, gets the command and does the command task on the device.

My questions are:
- The application that registered for APNS is my application (MY_APP, not Apple-MDM-client). That means the one which receives the notification is MY_APP. Then how does Apple-MDM-client know about the notification in order to connect to the MDM server?
- The solution could be: MY_APP receives the notification, then connects to the server, gets the commands and pushes the received commands to Apple-MDM-client, telling Apple-MDM-client to do the task. If this approach is correct, how can MY_APP communicate with Apple-MDM-client?

There must be an API for that purpose but I cannot find it via Google...

Please take a look at my answer to your original question:
How does MDM in iOS really work?
MDM is a clientless protocol. Your MY_APP is not involved in the MDM protocol.
What happens is:
- Your server sends a push notification using device token, topic and PushMagic.
  This is a slightly unusual push notification, because you don't specify an AppID
  (check the "Structure of MDM Messages" section in the MDM documentation).
- This push message goes directly to the built-in MDM client.
- The MDM client will go and talk to the server (to get new commands).

As you can see, your app isn't involved in MDM at all.

I would like to enforce Victor's answer (because answers about Apple's MDM are so few on the internet)!
Again, in the MDM protocol there is no application that has to subscribe to Apple's push notification service; iOS is the client here. It will be dealing with handling the requests from APNS, but for this to happen the device must have a special kind of configuration profile installed, named an enrollment profile, which is like a normal configuration profile with two payloads in it: an MDM payload and a Certificate payload, and that's it! After the user installs it, the iOS client is ready to receive requests from APNS.
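
The push described in the answers above, as an added example that is not part of the original posts: it builds the APNS request an MDM server would send from the device token, topic and PushMagic. It assumes the server received those three values in the device's TokenUpdate check-in message and sends through the HTTP/2 provider API; the function name and all sample values are constructed.

```python
import json
import plistlib

# Constructed TokenUpdate check-in message, as an enrolled device would POST
# it to the MDM server. Every value here is made up for the example.
SAMPLE_TOKEN_UPDATE = plistlib.dumps({
    "MessageType": "TokenUpdate",
    "Topic": "com.apple.mgmt.External.00000000-0000-0000-0000-000000000000",
    "UDID": "0000000000000000000000000000000000000000",
    "Token": bytes(range(32)),          # binary device token
    "PushMagic": "11111111-2222-3333-4444-555555555555",
})


def build_mdm_push(token_update_plist: bytes) -> dict:
    """Turn a TokenUpdate check-in message into an APNS HTTP/2 request.

    Hypothetical helper: it returns the request parts instead of sending
    them, so it runs offline.
    """
    msg = plistlib.loads(token_update_plist)
    if msg.get("MessageType") != "TokenUpdate":
        raise ValueError("not a TokenUpdate check-in message")
    missing = [k for k in ("Topic", "Token", "PushMagic") if not msg.get(k)]
    if missing:
        raise ValueError(f"check-in message lacks {missing}")
    if not msg["Topic"].startswith("com.apple.mgmt."):
        raise ValueError("topic is not an MDM push topic")
    return {
        "host": "api.push.apple.com",
        # The device token addresses the device; no app bundle ID is involved.
        "path": "/3/device/" + msg["Token"].hex(),
        # The topic comes from the MDM push certificate, not from an app.
        "headers": {"apns-topic": msg["Topic"], "apns-push-type": "mdm"},
        # The body carries only PushMagic: no "aps" dictionary, no command.
        "body": json.dumps({"mdm": msg["PushMagic"]}),
    }


if __name__ == "__main__":
    print(json.dumps(build_mdm_push(SAMPLE_TOKEN_UPDATE), indent=2))
```

The push carries no command; the built-in MDM client wakes up and fetches commands from the server over its own connection.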


Testing push notifications in development with APNS HTTP/2

I am trying to determine what I need to do with respect to the combination of APNS endpoint (e.g., development or production), Xcode, and Apple Push certificates in order to test push notifications while in development. I feel like I've tried every possible combination, but I must be missing something ...
Background
1) When using Apple's HTTP/2 APNS endpoints from my "dispatch" server, my app/device does not receive pushes, and I receive a BadDeviceToken response from Apple.
2) Using the exact same .p12 certificate and deviceToken with the Pusher macOS testing app (which uses legacy APNS endpoints), the pushes successfully deliver.

To complicate this further ...
3) When using Apple's HTTP/2 APNS endpoints from my "dispatch" server for PassKit pushes, my pass/device does receive pushes.

So ...
Point #3 tells me that my "dispatch" server must be configured properly, because pushes to the Apple Wallet pass cause a response (e.g., I can see follow-on requests to my server's endpoints from the Wallet / the pass).
That said, Apple Wallet is a "Production" app. I suspect that, because my app (from Point #1) is non-production/development, something is different.

Question
Has anyone been able to successfully receive -- in Xcode -- push notifications sent to Apple's api.development.push.apple.com endpoint? Can you outline the steps you performed (which certificate from developers.apple.com, etc.)? Thank you!

You should be able to send a development push from the server:
You need to connect to api.development.push.apple.com:443 instead of api.push.apple.com:443. You can use the production certificate for both.
Sending a push to the production server cannot work with development builds - only with a build that is exported with the AppStore configuration, but you can't debug those (at least not with Xcode).
If you need to check whether the production endpoint works, you can use TestFlight.

Set the development certificate from the Apple developer portal.
Use either the production or the test server for communicating with APNS.
Edit your target scheme as follows:
This will ensure that when a push notification arrives, control will itself fall into the code. It might seem confusing, but here is how it works:
- Install app on device and stop the Run process from Xcode.
- Place a breakpoint on didReceiveRemoteNotification.
- Send a push notification to device.
- Xcode will itself start the app and control will go to the above function.

iOS APNS: Can two notification provider servers have same device token

The Apple documentation mentions there is no restriction on multiple provider notification servers sending push notifications to iOS devices.
Is it possible for the same device token to be used in two different provider servers, deployed in 2 different networks, to send push notifications to the same app at any moment?
Will Apple APNS allow 2 different provider servers to use the same device key to send notifications from each to the same app on one device?

Yes, you can have multiple Gateways (SNS, Urban Airship, PushIO, etc.) connected to one platform provider (APNS, GCM, Amazon, etc.); the most important thing is the token/registration ID (specific to a device and an Application) and the certificate if you are using APNS.
Many people ask how the feedback sent by the platform provider is handled in this case.
Since feedback is idempotent, it should work without problems for different gateways; tokens saved on each Gateway can be handled in the backend application. If, for example, APNS sends feedback to SNS saying that an endpoint is no longer valid (maybe because the user has uninstalled the Application), the token can directly be updated/removed from all the other Gateways. You can also leave it as it is and wait for the feedback sent by APNS to the other gateways when they send notifications to the endpoint, and then update your endpoints list accordingly in those gateways.
The most important thing to note here is that feedback is idempotent: if SNS sends a push notification to an endpoint and receives feedback, another gateway that sends a push notification to the same token will receive the same feedback.

This is my experience while working with APNS. This is like a checklist before you start testing notifications in any environment:
- Certificates will decide whether the server can connect to APNS or not.
- According to the certificate you have, e.g. dev certificate or production certificate, point to the respective APNS sandbox.
  Production Sandbox:
  Hostname: gateway.push.apple.com, Port: 2195
  Development environment:
  Hostname: gateway.sandbox.push.apple.com, Port: 2195
- There is no restriction that a production certificate can be used in only one server or in only one network. The same production certificate can be used in multiple boxes or multiple networks to send notifications to the same app on a device.
- Most important is checking whether a firewall is blocking connectivity from your network to APNS Dev or Production. So do a telnet to both the production and dev environment APNS. The connection should not be blocked.
- If a firewall is blocking connectivity to APNS, the server code will throw a "Connection Refused" or "Connection Closed" exception while sending a push notification.
- This is the weirdest behavior I saw with APNS and certificates, because of which I lost 2-3 days. I experienced the below depending upon the case:
  - Server is pointing to the APNS Dev environment, certificate is "Production": while sending a notification to APNS, SOMETIMES the server will throw "Socket Closed Exception".
  - Server is pointing to the APNS Dev environment, certificate is "Production": while sending a notification to APNS, the server log says the notification was sent to APNS, but the device will not receive the notification.

:) If you have done wrong configurations, you should be lucky to get "Socket Closed Exception".
If all the configurations are correct (e.g. credentials, firewall), with the correct certificate and pointing to the right APNS environment, the device will definitely get a push notification. Push notifications will work like a charm. It will be instant.
Hope this checklist will help in your implementation and sanity checks.
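
The feedback fan-out described in the first answer of this thread, as an added example that is not part of the original posts: it parses a legacy feedback stream and removes each reported token from every gateway's store, so applying the same feedback twice changes nothing. It assumes the legacy binary feedback tuple (4-byte timestamp, 2-byte token length, token) and skips tokens re-registered after the feedback timestamp; the gateway names, stores and sample bytes are constructed.

```python
import struct


def parse_feedback(stream: bytes):
    """Return [(timestamp, token_hex), ...] from a legacy feedback stream."""
    out, pos = [], 0
    while pos < len(stream):
        if len(stream) - pos < 6:
            raise ValueError("truncated feedback header")
        ts, length = struct.unpack_from(">IH", stream, pos)
        pos += 6
        token = stream[pos:pos + length]
        if len(token) != length:
            raise ValueError("truncated device token")
        pos += length
        out.append((ts, token.hex()))
    return out


def apply_feedback(gateways: dict, stream: bytes) -> set:
    """Drop reported tokens from every gateway store; return what was removed.

    gateways maps a gateway name to {token_hex: registered_at_epoch}.
    """
    removed = set()
    for ts, token in parse_feedback(stream):
        for store in gateways.values():
            registered_at = store.get(token)
            # Keep a token the app registered again after APNS noted it.
            if registered_at is not None and registered_at <= ts:
                del store[token]
                removed.add(token)
    return removed


# Constructed sample: two feedback tuples, both stamped at epoch 1000.
TOKEN_A, TOKEN_B = b"\xaa" * 32, b"\xbb" * 32
SAMPLE_STREAM = b"".join(struct.pack(">IH", 1000, 32) + t for t in (TOKEN_A, TOKEN_B))


def demo():
    gateways = {
        "sns": {TOKEN_A.hex(): 500, TOKEN_B.hex(): 1500},
        "urban_airship": {TOKEN_A.hex(): 500},
    }
    first = apply_feedback(gateways, SAMPLE_STREAM)
    second = apply_feedback(gateways, SAMPLE_STREAM)  # same feedback again
    return gateways, first, second


if __name__ == "__main__":
    print(demo())
```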

Is it possible to use a chat service without APNS

I am using a message chat service in my application by service request and response. But the problem is that when the sender sends a message, the receiver doesn't get any notification about the sent message.
Just tell me what the best option is to deliver the notification to the receiver.
Is it possible without using the Apple push notification service?

Adding my answers below if someone comes later with the exact same question.
If the app is in the foreground and the user is doing live chatting, you can use any of the lightweight messaging protocols (like MQTT/XMPP) to notify about a new message. In this case it is better to put the message in the payload itself for instant messaging.
For reference you can check out sample code here on how to do it with MQTT.
But you should debug why your notification is not working. There are a few checkpoints I can see:
1) Check the device tokenId you are storing on your application server. (In the case of APNS it should be 64 chars in length.)
2) Check if push notification is enabled for your application in the Apple developer member center.
3) Check that the SSL certificate used by your application server is proper. Here is a simple step-by-step guide to get the SSL cert:
https://blog.applozic.com/get-your-apple-push-ssl-certificate-abebf1edb338#.v7xu5cn0k
4) Make sure your code signing cert type matches the Apple push SSL certificate. For example, if you are signing your code with a developer certificate, the Apple push SSL cert should be a development one (not distribution).
Hope this might help others.

APNS is not for CHAT. Use XMPP or MQTT. For both you will require a server-side implementation.
For XMPP you can use XMPPFramework, and for MQTT you can use Mosquitto.
First you have to look at all the properties of the push notification, like whether the token ID is right or not, and whether your App ID has the push notification service enabled or not.

APNS Push Notifications not being delivered to *some* devices

I developed a web API for my mobile app use it.
This API was developed with Django, and I'm using the django-push-notifications lib to handle the push notifications.
The push notifications were working fine for all the devices, until it stopped working for few of them, which worked at some point, for no apparent reason.
I already debugged the server and I can see the messages being sent to APNS and on the correct format. Also reviewed the certificates, and all is working as it should. I'm using the production certificate sending to the appropriate server.
I'm sure that this is not a problem with certs, since some other phones receive the notifications.
Where should I start looking for the problem now?
Thanks.

They are not reliable! There is no guarantee that push notifications will actually be delivered, even if the APNS server accepted them.
As far as your server is concerned, push notifications are fire-and-forget; there is no way to find out what the status of a notification is after you’ve sent it to APNS. The delivery time may also vary, from seconds up to half an hour.
Also, the user’s iPhone may not be able to receive push notifications all the time. They could be on a WiFi network that does not allow connections to be made to APNS because the required ports are blocked. Or the phone could be turned off.
See this link

Are you sure that those devices don't have a development version of the app?
Try to generate a combined p12 certificate from the APN development certificate and the APN production certificate, then try to call gateway.push.apple.com and gateway.sandbox.push.apple.com separately.

Push Notification connection refused to APNS

I am attempting to add push notifications to an application that I have created. I followed the Apple guide and am able to register the device for post notifications, receiving a devicetoken value from APNS. The trouble occurs when I attempt to send data to the APNS to send; I always have my connection refused.
The only thing that I have done that is non-standard is that the private key for the push notification certificate was created by a non-team agent (but through the Team agent's account). Does anyone know if the team agent has to generate the private key for the push notification?

If you are using an Ad Hoc prov. profile, don't use the sandbox APNS, use the production server.
Both team agents and admins should have their private keys on their machines; they should be able to create the necessary certificates.

Is there a reason that you want to set up your own push notification server? You can just use Urban Airship, which provides free push notification services.
If you still need to set up your own server, info on generating your certificates can be found here. Make sure that you're connecting to the right push server on Apple's side. There are different servers for debugging and production purposes.
