iOS: p8 Token-Based Connection to APNs

Step-by-step guide for creating a iOS / macOS .p8 Authentication Key

An authenticated connection to APNs is required to send push notifications to all iOS mobile apps. You only need to use one authentication method, either token-based (.p8) or certificate-based (.p12).

Step 1. Requirements

Step 2. Generate a new p8 key

Log in to your Paid Apple Developer Account and navigate to Certificates, Identifiers & Profiles -> Keys and select the Blue + button.

2616

Apple Developer Account - Keys Page

Select Apple Push Notifications service (APNs), and enter a name for the key.

2622

Apple Developer Account - Register a New Key Page. Select APNs.

Select Continue and on the next page, select Register.

Download your new key and save it in a secure place. You can only download it once, so don't lose it. Then, click Done and you will have a new key.

🚧

Previous Token Revokation

You can have up to two .p8 keys in your Apple account. If you need to generate a third key, you will need to revoke one of your existing keys and it can no longer be used.

Note: .p8 keys are in the “keys” section of the Apple developer account and the .p12 certificates are under “certificates”. In your Apple account, you can only have two .p8 keys, but you can have both active .p12s and .p8s.

Step 3. Upload Your Push Key to OneSignal

In the OneSignal dashboard, select your app, then go to Settings.

Select Apple iOS.

2634

OneSignal Platform Settings Page

Select the .p8 file you downloaded. You will also need:

  • 10-character string Key ID - This is the unique identifier for the authentication key. You can find this in the keys section of your Apple developer account.
  • Key ID - This is the unique identifier for the authentication key. You can find your Key ID in the keys section of your Apple developer account.
  • Team ID - A Team ID is generated by Apple for your developer account.
  • App Bundle ID - A Bundle ID identifies your app in the Apple ecosystem. You can find your Bundle ID in the app information section of your Apple developer account.

Click Save & Continue.

3080

Apple iOS (APNs) Configuration Page for uploading your .p8 file to OneSignal.

👍

Done!

You should be finished generating your iOS Authentication Key and uploading it to OneSignal.

Provisioning Profiles

Usually Required for Cordova, Ionic, and GoNative.

Skip this step if you have selected "Automatically manage signing" in Xcode.

1005

Xcode - Select "Automatically manage signing"

If you did not select "Automatically manage signing", then follow these steps.

Create Your Profile

Go to your Apple Developer Account > Certificates, Identifiers & Profiles > Profiles.

1240

Apple Developer Account > Certificates, Identifiers & Profiles > Profiles

Next, find any existing profiles for your app and remove them if they do not have App Groups and Push Notifications in Enabled Capabilities:

1193

Apple Developer Account > Certificates, Identifiers & Profiles > Profiles > Select a specific profile

Create a new Profile by pressing the "+" button

1287

Apple Developer Account > Certificates, Identifiers & Profiles > Profiles > Add a new profile

Select the type of profile you need to create and press Continue.

1300

Adding a new profile in your Apple Developer Account

Search for your App ID, if you do not see your App ID, check the Create Your Identifier step above.

Then press Continue.

1274

Adding a new profile in your Apple Developer Account

Select the Development or Distribution Certificate to associate with the Profile. Then click Continue.

1274

Adding a new profile in your Apple Developer Account

Name your Provisioning Profile.

🚧

Best Practices

When creating a new profile, make sure to enter a unique name in the "Provisioning Profile Name:" field.

For example, if you are creating an Ad-Hoc Provisioning Profile to test push notifications with a Production Push Token .p8 file. Use the format AppName_AdHoc so you know the app and type of profile that it is.

Select Generate.

1234

On the last page Download your profile.

Re-sync your Developer Account in Xcode by going to Xcode > Preferences... then click on the "View Details..." button. Then click the refresh button on the bottom left of the popup. See Apple's documentation for more detailed instructions.

Make sure you pick your new provisioning profile from Build Settings > Code Signing > Provisioning Profile in Xcode.

If you have any concerns about switching from a .p12 certificate to a .p8 key with OneSignal, or if you have any issues uploading your files, please contact our Support Team.