Hello Apple Developer Community,
I'm experiencing a persistent issue with App Groups configuration for an iOS app extension that I can't resolve despite trying multiple approaches. I hope someone can help identify what I'm missing.
Problem Description I'm getting this error when trying to build my iOS App Extension:
Provisioning profile "iOS Team Provisioning Profile: com.idlrapp.Spleeft.SpleeftDataSaver" doesn't include the com.apple.developer.app-groups entitlement.
My Setup Main App Bundle ID: com.idlrapp.Spleeft Extension Bundle ID: com.idlrapp.Spleeft.SpleeftDataSaver App Group ID: group.com.idlrapp.spleeft.shared Extension Type: Action Extension (Share Sheet)
What I've Verified
- App Group Creation
✅ Created App Group group.com.idlrapp.spleeft.shared in Apple Developer Portal ✅ App Group shows as "Active" in the portal
- App ID Configuration
✅ Both App IDs (com.idlrapp.Spleeft and com.idlrapp.Spleeft.SpleeftDataSaver) have "App Groups" capability enabled ✅ Both App IDs are configured with the same App Group: group.com.idlrapp.spleeft.shared
- Entitlements Files
Main App (Spleeft.entitlements):
Extension (SpleeftDataSaver.entitlements):
- Xcode Configuration
✅ Both targets use "Automatically manage signing" ✅ Same Apple Developer Team selected for both ✅ App Groups capability shows correctly in Signing & Capabilities for both targets
The Issue When I examine the downloaded .mobileprovision file, I can see it contains:
However, Xcode expects to find:
What I've Tried Multiple regenerations of provisioning profiles:
Deleted all local provisioning profiles Toggled "Automatically manage signing" off/on Downloaded manual profiles from Developer Portal Verified App Group configuration:
Double-checked App Group exists and is active Confirmed both App IDs have App Groups capability enabled Verified App Group assignment in both App IDs Entitlements cleanup:
Ensured consistent App Group IDs across all files Removed duplicate/conflicting entries Clean builds and cache clearing:
Product → Clean Build Folder Derived Data deletion Xcode restart Key Observation The provisioning profile contains com.apple.security.application-groups (which appears to be macOS-style) but Xcode expects com.apple.developer.app-groups (iOS-style) for the App Extension.
The main app builds fine, but the extension consistently fails with this entitlement mismatch.
Questions Is there a known issue with App Groups entitlement generation for iOS App Extensions? Should the provisioning profile contain com.apple.developer.app-groups instead of com.apple.security.application-groups? Is there a way to force regeneration of provisioning profiles with the correct entitlements? Are there additional steps required for App Extensions that differ from main apps? Any guidance would be greatly appreciated. This is blocking our App Extension development and we've exhausted our troubleshooting options.
Environment:
Xcode: [Tu versión de Xcode] iOS Deployment Target: [Tu target] Developer Account: [Paid/Individual/Team] Thank you for your time and assistance.
Most folks who run into weird app group problems do so on the Mac, because app groups on the Mac are weird. See App Groups: macOS vs iOS: Working Towards Harmony.
App groups on iOS are straightforward. There’s a single style (group.xyz) with a single entitlement (com.apple.security.application-groups) whose values must be authorised by a provisioning profile.
It looks like you’re trying to use the com.apple.developer.app-groups entitlement. That’s just wrong, and your use of it explains the specific problem you’re hitting.
I suspect you’ve been manually editing (or letting an LLM edit) you’re .entitlements file. If you use Xcode’s Signing & Capabilities editor to set this up in both your app and appex, it’ll do the right thing.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
