APNS ports & hostnames

APNS hostnames and ports

Used to send APNS notifications

Production:

Development:

Used by device to establish a tunnel to APNS

x-courier.push.apple.com TCP 5223 (x is a small integer, e.g. 5-courier.push.apple.com)
If the above is not available: x-courier.push.apple.com TCP 443

All of the above hostnames resolve to an IP within the following range:
17.0.0.0/8

References:
Troubleshooting push notifications: Technical Note TN2265: Troubleshooting Push Notifications
Local and remote notification guide: https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Appendixes/BinaryProviderAPI.html
If you’re not getting Apple push notifications: If your Apple devices aren't getting Apple push notifications - Apple Support (NZ)


The above largely refers to the legacy binary APNS interface

Apple have since moved to a more modern messaging method; however, the binary interface is still available (and is still used by most MDM vendors).

Some of the MDM vendors (e.g. MobileIron) have adopted the “new” APNS.

Production:

Development:

This new interface leverages HTTP and JSON payloads to send messages to devices.

HTTP status codes

| Status code | Description |
|---|---|
| 200 | Success. |
| 400 | Bad request. |
| 403 | There was an error with the certificate or with the provider’s authentication token. |
| 405 | The request used an invalid :method value. Only POST requests are supported. |
| 410 | The device token is no longer active for the topic. |
| 413 | The notification payload was too large. |
| 429 | The server received too many requests for the same device token. |
| 500 | Internal server error. |
| 503 | The server is shutting down and unavailable. |

Response error strings

| Status code | Error string | Description |
|---|---|---|
| 400 | BadCollapseId | The collapse identifier exceeds the maximum allowed size. |
| 400 | BadDeviceToken | The specified device token is invalid. Verify that the request contains a valid token and that the token matches the environment. |
| 400 | BadExpirationDate | The apns-expiration value is invalid. |
| 400 | BadMessageId | The apns-id value is invalid. |
| 400 | BadPriority | The apns-priority value is invalid. |
| 400 | BadTopic | The apns-topic is invalid. |
| 400 | DeviceTokenNotForTopic | The device token doesn’t match the specified topic. |
| 400 | DuplicateHeaders | One or more headers are repeated. |
| 400 | IdleTimeout | Idle time out. |
| 400 | MissingDeviceToken | The device token isn’t specified in the request :path. Verify that the :path header contains the device token. |
| 400 | MissingTopic | The apns-topic header of the request isn’t specified and is required. The apns-topic header is mandatory when the client is connected using a certificate that supports multiple topics. |
| 400 | PayloadEmpty | The message payload is empty. |
| 400 | TopicDisallowed | Pushing to this topic is not allowed. |
| 403 | BadCertificate | The certificate is invalid. |
| 403 | BadCertificateEnvironment | The client certificate is for the wrong environment. |
| 403 | ExpiredProviderToken | The provider token is stale and a new token should be generated. |
| 403 | Forbidden | The specified action is not allowed. |
| 403 | InvalidProviderToken | The provider token is not valid, or the token signature cannot be verified. |
| 403 | MissingProviderToken | No provider certificate was used to connect to APNs, and the authorization header is missing or no provider token is specified. |
| 404 | BadPath | The request contained an invalid :path value. |
| 405 | MethodNotAllowed | The specified :method isn’t POST. |
| 410 | Unregistered | The device token is inactive for the specified topic. |
| 413 | PayloadTooLarge | The message payload is too large. For information about the allowed payload size, see Create and Send a POST Request to APNs. |
| 429 | TooManyProviderTokenUpdates | The provider’s authentication token is being updated too often. Update the authentication token no more than once every 20 minutes. |
| 429 | TooManyRequests | Too many requests were made consecutively to the same device token. |
| 500 | InternalServerError | An internal server error occurred. |
| 503 | ServiceUnavailable | The service is unavailable. |
| 503 | Shutdown | The APNs server is shutting down. |

Official Apple documentation below

https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server/sending_notification_requests_to_apns
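An added example, not part of the original posts or of any vendor's code: a provider-side handler that turns the status codes and error strings listed above into a next step, including the 20-minute limit on provider token updates. The action labels and function names are this example's own; the `reason` key of the JSON response body comes from Apple's provider API documentation rather than from this thread.

```python
import json

# "Update the authentication token no more than once every 20 minutes."
MIN_TOKEN_REFRESH_S = 20 * 60


def parse_reason(body):
    """Extract the error string; tolerate empty or non-JSON bodies."""
    try:
        doc = json.loads(body) if body else {}
    except ValueError:
        return ""
    return doc.get("reason", "") if isinstance(doc, dict) else ""


def next_action(status, body, now, last_token_refresh):
    """Map one APNs response to an action label (labels are hypothetical).

    now / last_token_refresh are seconds on the same clock.
    """
    reason = parse_reason(body)
    if status == 200:
        return "delivered"
    if status == 410:
        # Token is inactive for the topic: stop sending to it.
        return "drop_device_token"
    if status == 403 and reason == "ExpiredProviderToken":
        # Regenerate, but never faster than the limit that triggers
        # TooManyProviderTokenUpdates.
        if now - last_token_refresh >= MIN_TOKEN_REFRESH_S:
            return "refresh_provider_token"
        return "hold_until_refresh_allowed"
    if status == 403:
        # Certificate or token problem: retrying unchanged will not help.
        return "alert_credentials"
    if status == 429 and reason == "TooManyProviderTokenUpdates":
        return "stop_refreshing_token"
    if status == 429:
        return "backoff_per_device_token"
    if status in (500, 503):
        return "retry_with_backoff"
    if status in (400, 404, 405, 413):
        # Malformed request: resending it as-is cannot succeed.
        return "fix_request"
    return "unknown"
```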

Apple have updated the APNS documentation: now the entire 17.0.0.0/8 block is not required.

If you can’t allow access to the entire 17.0.0.0/8 address block, open access via the same ports to these network ranges on IPv4 or IPv6:

IPv4

  • 17.249.0.0/16
  • 17.252.0.0/16
  • 17.57.144.0/22
  • 17.188.128.0/18
  • 17.188.20.0/23

IPv6

  • 2620:149:a44::/48
  • 2403:300:a42::/48
  • 2403:300:a51::/48
  • 2a01:b740:a42::/48
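An added example, not from the original posts: an audit of an egress allow-list against the ranges above and the device-side ports given earlier in the thread (TCP 5223 and 443). It reports which range/port pairs no rule covers and which rules only match by allowing a wider block such as 17.0.0.0/8. The rule format, the sample rules and the function names are assumptions made for illustration.

```python
import ipaddress

# Ranges and device-side ports exactly as listed in this thread.
APNS_RANGES = [ipaddress.ip_network(n) for n in (
    "17.249.0.0/16", "17.252.0.0/16", "17.57.144.0/22",
    "17.188.128.0/18", "17.188.20.0/23",
    "2620:149:a44::/48", "2403:300:a42::/48",
    "2403:300:a51::/48", "2a01:b740:a42::/48",
)]
APNS_PORTS = (5223, 443)

# Constructed sample allow-list: (destination CIDR, TCP port).
SAMPLE_RULES = [
    ("17.0.0.0/8", 5223),          # old whole-block rule
    ("17.249.0.0/16", 443),
    ("17.252.0.0/16", 443),
    ("2620:149:a44::/48", 5223),
]


def covers(rule_net, target):
    """True if rule_net fully contains target (same IP version only)."""
    return rule_net.version == target.version and target.subnet_of(rule_net)


def audit(rules):
    """Return (missing, too_broad) for an iterable of (cidr, port) rules.

    missing   - (range, port) pairs from the thread that no rule covers
    too_broad - rules that reach APNs only via a superset of a listed range
    """
    parsed = [(ipaddress.ip_network(c, strict=False), p) for c, p in rules]
    missing = [
        (str(net), port)
        for net in APNS_RANGES for port in APNS_PORTS
        if not any(p == port and covers(r, net) for r, p in parsed)
    ]
    too_broad = sorted({
        (str(r), p) for r, p in parsed
        if p in APNS_PORTS and r not in APNS_RANGES
        and any(covers(r, net) for net in APNS_RANGES)
    })
    return missing, too_broad


if __name__ == "__main__":
    print(audit(SAMPLE_RULES))
```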

Apple will be shutting down the “legacy” binary APNS provider on March 31 2021

Updated APNs provider API deadline

The HTTP/2-based Apple Push Notification service (APNs) provider API lets you take advantage of great features, such as authentication with a JSON Web Token, improved error messaging, and per-notification feedback. If you send push notifications with the legacy binary protocol, we strongly recommend upgrading to the APNs provider API.

To give you additional time to prepare, the deadline to upgrade to the APNs provider API has been extended to March 31, 2021. APNs will no longer support the legacy binary protocol after this date.

Updated APNs provider API deadline - News - Apple Developer