From a1ac961d3935392eed4ae904a0de4211f2f1ac1a Mon Sep 17 00:00:00 2001 From: Matthew O'Riordan Date: Wed, 7 Jan 2026 18:26:19 +0100 Subject: [PATCH] docs(push): clarify APNs sandbox endpoint requirements Update APNs documentation to clarify that users must specify the sandbox/production endpoint for both authentication methods: - Token-based auth (.p8): Must specify endpoint (same key works for both) - Certificate-based auth (.p12): Must specify endpoint and match with certificate type (development cert = sandbox, distribution cert = production) Changes: - Add "Why token-based authentication is recommended" section with comparison table and link to Apple docs - Update Control API docs to explain apnsUseSandboxEndpoint field - Remove references to auto-detection (not implemented) Ref: PDR-088, EDU-1652 --- .../docs/platform/account/control-api.mdx | 8 ++++++++ src/pages/docs/push/configure/device.mdx | 18 ++++++++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/src/pages/docs/platform/account/control-api.mdx b/src/pages/docs/platform/account/control-api.mdx index 6d6d35575d..844f23f165 100644 --- a/src/pages/docs/platform/account/control-api.mdx +++ b/src/pages/docs/platform/account/control-api.mdx @@ -240,6 +240,14 @@ curl --location --request POST 'https://control.ably.net/v1/accounts/${ACCOUNT_I ``` + + See the [API reference](/docs/api/control-api/#tag/apps/paths/~1accounts~1{account_id}~1apps/post) for information on the request body. Sample response: diff --git a/src/pages/docs/push/configure/device.mdx b/src/pages/docs/push/configure/device.mdx index 1f21010a46..d3a740ecb1 100644 --- a/src/pages/docs/push/configure/device.mdx +++ b/src/pages/docs/push/configure/device.mdx @@ -43,9 +43,23 @@ To enable push notifications for iOS devices, you need to configure your app to 1. Use [token-based](#token) authentication (recommended) with a **.p8 file**. 2. Use [certificate-based](#cert) authentication with a **.p12** or **.cer** file. -#### Token-based authentication +#### Token-based authentication (recommended) -Use token-based authentication for new or updated apps because it is easier to manage and does not require yearly renewal like certificates. Token-based authentication relies on a private key (.p8) instead of .p12 certificates, making it the preferred choice for modern push notification setups. +Use token-based authentication for new or updated apps. Apple recommends this approach and is [actively deprecating certificate-based authentication](https://developer.apple.com/documentation/usernotifications/establishing-a-token-based-connection-to-apns). + +Token-based authentication is recommended for the following reasons: + +| Aspect | Certificate (.p12) | Token (.p8) | +| ------ | ------------------ | ----------- | +| Expiration | Expires annually, requires renewal | Never expires, unless manually revoked | +| Scope | One certificate per app | One key works for all apps in your team | +| Management | Manual renewal, export from Keychain | Simpler, easier CI/CD automation | + + * **Download the .p8 file**: * Go to the [Apple Developer Program](https://developer.apple.com/documentation/usernotifications/establishing-a-token-based-connection-to-apns) and sign in.