Notification extension

Notification Service Extension App Review checklist

A notification service extension changes what users see before delivery. Review readiness depends on whether the extension modifies only expected notifications and fails safely.

Quick answer

Use a Notification Service Extension only when you need to modify notification content, download related media, or decrypt payload content on device. Apple says a notification service app extension can modify content before a remote notification is delivered. AppReviewReady interpretation: document the payload mutation boundary before shipping.

01

Name the content modification purpose

Common reasons include downloading an image, decrypting message text, localizing content, redacting private fields, or attaching media. Do not add an extension merely to run analytics or hide server-side notification problems.

Write which notification categories the extension handles and which it ignores. A broad extension that modifies every payload can create unexpected privacy and reliability risk.

02

Audit payload data and media

  • Payloads should contain only data needed for the notification result.
  • Media URLs should expire and avoid exposing private content to unauthorized users.
  • Decryption keys should be handled securely and not logged.
  • Fallback text should remain safe if media download or decryption fails.
  • Time-sensitive, communication, health, finance, child, and location notifications require stricter review.
03

Fail safely when time expires

The system can terminate the extension if it takes too long. Test slow network, large media, invalid payload, expired URL, and missing keys so the final notification is still understandable.

AppReviewReady interpretation: the original payload should be safe to show if the extension cannot finish. Do not send embarrassing placeholders or encrypted gibberish as the only fallback.

04

Keep notification privacy consistent

  1. Compare modified notification text with in-app privacy settings.
  2. Test locked device, notification preview settings, focus modes, and deleted account states.
  3. Verify revoked sessions or blocked users cannot still receive enriched private content.
  4. Check logs and crash reports for notification payload leakage.
  5. Confirm App Store privacy labels cover notification-related processing.
05

Prepare notification extension review notes

If review cannot easily trigger the notification, provide a test account or server action. Do not rely on a scheduled production campaign.

After launch, monitor extension timeout rate and fallback delivery. A notification that looks fine in fast internal testing can degrade when media hosts, decryption services, or network conditions are slower for real users.

If the extension decrypts private messages, verify blocked users, deleted conversations, and logged-out devices do not continue receiving enriched content.

For media attachments, include size and content-type validation on the server and extension so unexpected payloads do not crash the delivery path.

If server campaigns create the notification payload, keep a staged campaign that review or QA can trigger on demand. Waiting for a production push schedule makes the extension hard to verify and hard to debug.

Copy-ready frameworkAdapt every bracketed field
Notification service extension review:
Categories modified: [list]
Purpose: [media, decryption]
Sample trigger: [steps]
Fallback if extension fails: [text]
Private data in payload: [none or fields]
Timeout behavior: [summary]
User privacy setting: [where]
Sources

Primary references checked for this guide

Policy statements above are grounded in the linked Apple documentation. Operational recommendations are AppReviewReady's interpretation and should be tested against your app and the current guideline text.

Put it to work

Check notification extension risk

Review payloads, privacy, timeout behavior, and test triggers before submission.

Open the tool