OneSignal Help & Documentation

Welcome to the OneSignal New IA developer hub. You'll find comprehensive guides and documentation to help you start working with OneSignal New IA as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    Discussions

Generate an iOS Push Certificate

Required for all iOS apps.

For Developers

The goals of this section are to provision your app with Apple and grant OneSignal access to manage your notifications.

Required For Setup

1. Provisioning

Option A: Try out our Automatic Provisioning Tool

Make sure your role for the team is Admin inside your Apple Developer account > Membership section. Otherwise you will not be able to use this tool.

Simply follow the directions on OneSignal's Provisionator Tool then continue to Step 4.

-- OR --

Option B: Create Certificate Request Manually

1.1 Open Keychain Access on your Mac OS X system. It may be located in "Applications" > "Utilities" > "Keychain Access"

1.2 Select "Keychain Access">"Certificate Assistant">"Request a Certificate From a Certificate Authority..."

1.3 Select the "Save to disk" option and enter your information in the required fields. This creates a certification request file that will be used later.

2. Enable Push Notifications and apply the Certification Request to generate Certificate

2.1 Select your Identifier in your Apple Developer Account -> Certificates, IDs & Profiles -> Identifiers

2.2 Scroll down to the bottom and enable Push Notifications, but do not click Edit.

2.3 Instead, go to Create a New Certificate by clicking the blue + button on Certificates and under Services select "Apple Push Notification service SSL (Sandbox & Production)" and click Continue.

This certificate will be applicable to both Sandbox and Production environments, so you do not need a separate key for each one.

2.4 Choose an App ID from the App ID pop-up menu, and click Continue.

2.5 Press "Choose File..", select the "CertSigningRequest" file you saved in step 1, press Open, then press Continue.

2.6 Press Download to save your certificate

3. Creating a Private Key

3.1 Open the .cer file you downloaded in the last step by double clicking on it in Finder.

3.2 After a few seconds the "Keychain Access" program should pop up. Select Login > My Certificates then right click on your key in the list and select "Export"

3.3 Give the file a unique name using the .p12 extension, and press save. You will have an option to protect the file with a password. If you add a password, you need to enter this same password on OneSignal.

4. Upload Your Push Certificate to OneSignal

If you haven't already, you should set up your OneSignal account.

4.1 Select your app from the All Apps page in OneSignal, then go to Settings and press the Apple iOS Settings.

4.2 Select the .p12 you exported along with a password if you added one and press Save.

Note: If you used the OneSignal Provisionator tool to create a .p12 file, a password was generated for you and is located next to the download button.


If you are running into any issues you can try troubleshooting them with our Troubleshooting iOS.

Done! You now have a certificate to send push notifications from your iOS app.

Next, install the OneSignal SDK in your app.


What are iOS Push Certificates?

The Apple Push Notification Service (APNs) is a service created by Apple Inc. way back in 2009 to securely send push notifications from third party apps to their users' Apple devices.

Your backend sends notifications through Apple's servers to your application. To ensure that unwanted parties are not sending notifications to your application, Apple needs to know that only your servers can connect with theirs.

Apple therefore requires you to create an SSL certificate. Although app provisioning can be confusing at times, follow along and it should only take a couple minutes.

Updated about a month ago

Generate an iOS Push Certificate

Required for all iOS apps.

For Developers

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.