system design · system-design
Design Apple Push Notification Service (APNs)
Token management, fan-out, delivery, priority. Foundation of iOS notifications.
Theory
Explanation
Intuition first, formal definition second. Skim the bullets if you already know this; read the prose if you don't.
Servers cannot reach idle iPhones directly. APNs is the keeper of persistent connections from devices; servers send notifications via APNs which delivers when device is reachable.
Each device opens long-lived TLS connection to APNs at boot, registered by device_token. Server (provider) authenticates via HTTP/2 + JWT, POSTs payload with target token. APNs queues per token, delivers when device online. Priority lanes (immediate vs low-power). Feedback channel reports invalid tokens (app uninstalled). Headers: apns-expiration, apns-priority, apns-collapse-id (dedup).
When to use
Mobile push, IoT wake-up. Same pattern as FCM for Android.
When not to
In-app message bus (use WebSocket / SignalR).
flowchart LR Device([iPhone]) -->|persistent TLS| APNs Server[App Server] -->|HTTP/2 + JWT| APNs APNs --> Q[Per-token queue] Q -->|when reachable| Device Device -.uninstall.-> Feedback[Feedback Channel] Feedback --> Server
Key insights
- Device-token rotates per (app, device) install, providers must handle invalidation.
- Persistent TLS uses Wi-Fi when available, falls back to cellular. Power-aware.
- Collapse-id replaces older notification with same id, avoids spam.
- Priority low delivers when device wakes; priority high delivers immediately.
- APNs guarantees best-effort, not exactly-once. Idempotency must come from payload.