iOS MDM: Testing The Flow - ios

I am developing an MDM solution. I have successfully installed the profile on the device, checked in the device on the server, and got PushMagic and Token as PUT messages.
Now I am sending the MDM payload before sending the command, but the device is not polling for the command, as I can see in the IPCU console. How can I test if the payload is getting to the APNS server and if the APNS server is sending the push notification to the device? Is there any status code I get after sending the message to APNS? What is the correct length of the Token? (I am getting 44 characters, and I am doubtful about the integrity of that.)

Related

Silent push notification (background) not received on macOS Catalina (Catalyst app)

I'm currently implementing push notifications from our backend server to our app (macOS Catalina & iOS - same code base), using Apple Push Notifications & the token based way of authentication (generating JWT from keyId, teamId, ... & signing it with the private key generated in the Apple developer console) to send pushes to APN service.
The problem I am facing is that I can successfully send "alert" notifications (status 200, with header apns-push-type: alert) and receive them on my iOS and MacOS device (the push notifications appear successfully in production and sandbox mode) but for some reason, "silent" pushes (with header apns-push-type: background) are only received on my iOS device (iPhone), but not on my Mac (didReceiveRemoteNotification(...) in AppDelegate is never called).
What I have done so far:
Made sure APN request header is correctly configured for silent push: apns-push-type: background
Made sure to have the correct APN topic header: apns-topic: my.bundle.id (this is different for sandbox/production)
Added the "semi-required" priority header: apns-priority: 5 (only when delivering background pushes)
Verified that the created JWT is valid and used in the APN auth header: authorization: mytoken (this must be the case, otherwise APN service would not respond with status 200)
Confirmed that my application has the correct entitlements & capabilities defined in Xcode (my reasoning: this must be the case, otherwise 'alert' push notifications would also not work)
Double checked that push notifications for the Mac app are allowed/enabled (checked system settings)
Made sure the device token I'm sending the push to is actually from the device intended to receive the push (e.g. my MacBook)
Checked that the private key I'm using to sign the JWT has the APN capability
Tested while the Mac app is running but not in focus & also when in focus
The APNs requests I am performing to send the push are:
Sandbox: POST https://api.sandbox.push.apple.com/3/device/{deviceToken}
Production: POST https://api.push.apple.com/3/device/{deviceToken}
The payload (JSON) I'm sending to APN service in the request body looks as follows:
{
  "aps": {
    "content-available": 1 # defines push as "silent"
  },
  "data": { #some key-value pairs here }
}
In any case (both production & sandbox, both with the device token of iOS and macOS), my request to APN returns with a status code 200. My MacBook is running Catalina 10.15.3. What am I possibly doing wrong here or is that something that is simply not supported for Catalyst apps?
Wow doozy question. I'm reasonably familiar with APNs headaches but something popped out at me from the latest docs:
Additionally, the notification’s POST request should contain the
apns-push-type header field with a value of background, and the
apns-priority field with a value of 5. The APNs server requires the
apns-push-type field when sending push notifications to Apple Watch,
and recommends it for all platforms. For more information, see Create
and Send a POST Request to APNs.
Does the priority 5 thing make a difference?
Also, my usual attempt to fix these problems is to test in an archive as opposed to an Xcode build. AFAIK the prod push server can only send to App Store, ad-hoc, enterprise, or TestFlight builds, so if you're just building from Xcode I don't think you'd get any push notifications with production APNs.

MDM Push Notification iOS, not received on iOS Device

I know it's a duplicate question, but existing solutions are not working for me; I have tried almost all of them now.
What I have done so far:
1) MDM profile is getting installed on Device.
2) I am able to receive Push notification token and push magic string on my localhost server.
My Server and client environment is
1) Server side, I am using Rails, Self signed SSL certificate is used, for Localhost Environment.
2) iOS 10.3 is client side, Device is connected in LAN, MDM profile installation working fine.
References I am following.
To Create MDM payload, and push notification certificate
To Send notification on device, Rails Gem
Source code for sending the notification to the device is:
# PKCS#12 bundle holding the MDM push certificate and its private key
apns_p12 = File.read('my_cert.p12')
token = '[device token string]'
# MDM wake-up payload: the PushMagic string under the "mdm" key
payload = { mdm: '[push magic string]' }
AppleShove.notify p12: apns_p12, device_token: token, payload: payload, expiration_date: Time.now + 60*60, priority: 5
When the above code executes, we receive the response that the notification is sent to the device and delivered, but the device never requests our server to pull the new configuration.
Note-
I am able to download certificate from https://identity.apple.com/pushcert/
Once I used only .p12 of downloaded certificate from identity.apple.com.
Once I used of downloaded certificate from identity.apple.com.
Once I used, cat CustomerCompanyName.pem PlainKey.pem > PlainCert.pem , with passphrase and without passphrase.

iOS Push Notification not being sent from linux server

I currently have an application that sends push notifications to APNS. If I run this application locally on my computer (where I do my development), it sends the push notification without any error; however, once I put the application on my Linux server, the exact same code with the same device tokens fails to send and receives a "BadDeviceToken" error from APNS.
What would cause me to get this error on my server but not on my local computer? The .p12 certificate I have on my server is taken from my development APNS cert in my keychain on my local computer.
Any suggestions would be very helpful!
So I didn't realise that using TestFlight actually requires production app certificates.
Changed to using them and it all worked. Apple should really have a different error message for that case so people don't spend all that time debugging the device token...

MDM client - server communication

After reading and searching, Apple MDM client - MDM server interaction seems to be:
When the server wants to do something on devices, it sends a notification to APNS (with device token & AppID, for APNS to know which devices and application need to receive the notification).
APNS sends the notification to the provided app on the provided device.
On receiving the notification from APNS, Apple-MDM-client will connect to the server, get the command and do the command task on the devices.
My questions are:
The application that is registered for APNS is my application (MY_APP, not Apple-MDM-client). That means the one which receives the notification is my MY_APP. Then how does Apple-MDM-client know about the notification in order to connect to the MDM server?
The solution can be: MY_APP receives the notification, then connects to the server, gets the command and pushes the received commands to Apple-MDM-client, telling Apple-MDM-client to do the task. If this approach is correct, how can MY_APP communicate with Apple-MDM-client?
There must be an API for that purpose, but I cannot find it via Google...
Please take a look at my answer for your original question:
How does MDM in IOS really work?
MDM is a clientless protocol. Your MY_APP is not involved in the MDM protocol.
What happens is:
Your server sends a push notification using device token, topic and PushMagic.
This is a slightly unusual push notification, because you don't specify an AppID
(check the "Structure of MDM Messages" section in the MDM documentation).
This push message goes directly to the built-in MDM client.
The MDM client will go and talk to the server (to get new commands).
As you can see, your app isn't involved in MDM at all.
I would like to enforce Victor's answer (because answers about Apple's MDM are so few on the internet)!
Again, in the MDM protocol there is no application that has to subscribe to Apple's push notification service; iOS is the client here. It will be dealing with handling the requests from APNS, but for this to happen the device must have a special kind of configuration profile installed, named an enrollment profile, which is like a normal configuration profile with two payloads in it: an MDM payload and a Certificate payload, and that's it! After the user installs it, the iOS client is ready to receive requests from APNS.

iOS MDM Push notification issue

Hi, my team is implementing iOS MDM. We have an Enterprise license. We are able to send payloads and commands to the iOS device. We are receiving results from the iOS device. But while sending the push notification, it is not performing anything. Even in the IPCU log, no issues are showing.
We are using JavaPNS for sending push notifications. We have implemented almost everything in iOS MDM except push notification.
But when I install an iOS application and send a push notification using JavaPNS, it is showing the push notification.
1) Is it possible to send push notifications for iOS MDM services?
2) Can we send push notifications without installing an iOS application on the iOS device?
Any advice would be appreciated.
We are able to send payloads and commands to the iOS device. We are
receiving results from the iOS device.
How do you send payloads and commands to the iOS device? Are you sending them through MDM?
If so, the only way to let a device get new commands and profiles from a server is to send a "wake up" push notification through APNS.
But while sending the push notification, it is not performing anything.
That's where I got confused. In that case, if it doesn't do anything, the device will never contact the server back and it will never receive commands. However, you said that it does.
But when I install an iOS application and send a push notification using JavaPNS, it is showing the push notification.
I believe this is your problem - confusion with terminology.
The MDM protocol doesn't require any iOS application to be installed. The iOS operating system has an MDM agent built in. As soon as you have configured MDM (installed the MDM payload) and a device has received a "wake up" push notification (through APNS), the MDM agent will contact your server and request new commands.
On the other hand, you can create some application (which has nothing to do with MDM) and send push notifications to it.
The only common thing between this and MDM is the push notification transport. However, the push notification message which is sent for MDM purposes (the "wake-up" message) and the ones sent to applications ("badges", "sounds", "messages") are different.
Please, can you review your question and try to separate out what works and what doesn't.
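
Added example (not part of any post above, and not Apple's or the posters' code): the check-in values and the wake-up push that the answers describe, worked through in Python. It parses a constructed TokenUpdate message, shows that a 44-character base64 Token corresponds to 32 raw bytes (64 hex characters), and builds the MDM wake-up body, which carries only the mdm key. The sample plist values and the function names are assumptions made for this example.

```python
import base64
import json
import plistlib

# Constructed TokenUpdate check-in body; every value here is made up.
SAMPLE_CHECKIN = plistlib.dumps({
    "MessageType": "TokenUpdate",
    "Topic": "com.apple.mgmt.External.00000000-0000-0000-0000-000000000000",
    "UDID": "0000000000000000000000000000000000000000",
    "PushMagic": "11111111-2222-3333-4444-555555555555",
    "Token": bytes(range(32)),  # plistlib writes bytes as base64 <data>
})


def decode_token(value) -> bytes:
    """Return raw token bytes from plist <data> (bytes) or its base64 text."""
    if isinstance(value, str):
        value = base64.b64decode(value, validate=True)
    if not value:
        raise ValueError("empty device token")
    return value


def parse_token_update(body: bytes) -> dict:
    """Extract the three values the server needs to wake the device later."""
    msg = plistlib.loads(body)
    if msg.get("MessageType") != "TokenUpdate":
        raise ValueError("not a TokenUpdate message")
    token = decode_token(msg["Token"])
    return {
        "topic": msg["Topic"],            # APNs topic for the wake-up push
        "push_magic": msg["PushMagic"],
        "token_hex": token.hex(),         # hex form, as used in APNs request paths
        "token_b64": base64.b64encode(token).decode("ascii"),
    }


def mdm_wake_up_payload(push_magic: str) -> str:
    """MDM wake-up body: only the 'mdm' key, with no 'aps' dictionary."""
    return json.dumps({"mdm": push_magic}, separators=(",", ":"))


if __name__ == "__main__":
    info = parse_token_update(SAMPLE_CHECKIN)
    print(len(info["token_b64"]), len(info["token_hex"]))
    print(info["topic"], mdm_wake_up_payload(info["push_magic"]))
```

A server that stores the base64 text of the Token and hands it to an APNs client expecting hex or raw bytes will address the wrong device token, so decode once at check-in and store the raw bytes.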
