Monitoring - How Apple respond to invalid credentials appears to have changed slightly, this was responsible for the majority of the errors observed. This would have led to credentials taking a little longer than they should have done to become invalidated. At the time of writing around 30 accounts were in this state and a fix has been released to identify them more readily. We believe this change in behaviour could be related to the change to enforcing app-specific passwords.
There was also an account with an event we were failing to parse adding a significant amount of noise to our logs, a fix has been released for this as well.
Jun 18, 23:28 BST
Investigating - We're seeing an escalating number of errors syncing Apple iCloud accounts. Our team is investigating.
Apple calendar sync will be affected for some iCloud account currently.
Jun 18, 17:31 BST
Monitoring - The app-specific password requirement seems to be in place now, at least for some accounts.
We've only seen around 10% of the accounts we expected become disconnected. We're currently operating under the assumption there is a staggered rollout of the requirement.
Jun 16, 16:39 BST
Update - The first batch of emails encouraging using an app-specific password has now gone out.
Jun 8, 18:29 BST
Update - The Cronofy authorization and relink flows have been updated to instruct users to create an app-specific password.
Jun 6, 07:35 BST
- From June 15th, 2017 Apple will require that all end-users who want to give access to their iCloud calendar use an app-specific password.
The Cronofy authorization flow will change shortly to reflect this requirement. Initially, encouraging users to use app-specific passwords and then making it mandatory on June 15th.
This support article from Apple explains how to set up app-specific passwords https://support.apple.com/en-gb/HT204397
What you need to do will depend on whether your application sends calendar account relink emails or not, eg when a password expires.
Cronofy Sends Relink Emails
This is the standard behaviour of applications using Cronofy, In this case we will be sending a specific email just to iCloud users that don't have app-specific passwords on their account. This email will encourage them to do this and explain why.
It might be a good idea to contact your users directly and let them know this is happening so when the email comes from Cronofy they're ready to action it.
We will be begin sending this email to iCloud users from Wednesday 7th June.
My App Sends Relink Emails
You will need to contact your affected users and request that they setup an app-specific password.
So you can target the correct users, we've provided an additional attribute on the profiles end point for Apple iCloud accounts.
If you would like us to provide you a list of potentially affected users, please contact firstname.lastname@example.org
and we will organise a CSV export for you.
We will append updates to the incident.
Jun 2, 14:50 BST