On iOS, Sign in with Apple will provide an e-mail address if the user is logging in for the first time. On all subsequent logins, the e-mail address will be missing. However, this can be reset by removing the app from your Apple ID. If you then try to login again, the e-mail dialog will popup again, and the app will receive this e-mail. On visionOS, however, the latter does not happen. Even if I have removed the app from my Apple ID, the e-mail dialog won't show up again. The only way to resolve this is to reset the visionOS simulator (haven't tried it on a real device).

Our website supports Apple login, but after logging in, the server obtains the private mailbox of Apple users, but we found that sending emails to this private mailbox failed. The following is the response result I sent to the privacy mailbox using Google mailbox

When transferring an app from one team to another, Sign in with Apple users have to me carefuly migrated since their unique identifiers are team-scoped. To migrate users from Team A to Team B, a transient transfer identifier, aka transfer_sub, has to be generated by Team A before the transfer to prepare the app data, using specific migration endpoints provided by Apple. "Preparing the app data" means, for example, associate database entries to the transfer id instead of the team-specific id. One the app has been transferred, and during 60 days, Team B will find the transfer_sub in ID tokens issued by Apple Sign In, and thanks to this shared identifier they can retrieve the user data and associate it to their new unique identifier. So far so good ! Now, the question : if an app is transferred from Team A to Team B, and then, shortly thereafter (a few days later), from team B to team C, will the transfer_sub related to the B-C transfer be different ? Or will they remain the same as the ones issued for the A-B transfer ? (I'm asking this question in order to avoid the possible catastrophe of an ill-prepared double app transfer) Thank you !

We have been having issues where apple has provided the same sub for two different users. I was under the impression the sub is supposed to be unique? The issue became exacerbated when we transfered an app from one org to another. On transferring the users. Two different transfer subs, resulted in the same sub.

Hello, our Sign in with Apple Button no longer works and throws an 7003 error. It worked a few days ago but suddenly fails. Any ideas how to fix this? Thanks in advance! plist: <dict> <key>com.apple.developer.applesignin</key> <array> <string>Default</string> </array> ... Code: var body: some View { VStack { SignInWithAppleButton(.signUp) { request in request.requestedScopes = [.fullName, .email] } onCompletion: { result in switch result { case .success(let authResults): handleSuccess(authorization: authResults) case .failure(let error): self.credentialFailure = true self.errorMessage = .appleSignInError logger.error("SIWA login failure: \(error)") } } .signInWithAppleButtonStyle(.white) .cornerRadius(GlobalValues.cornerRadius) } } Error: Authorization failed: Error Domain=AKAuthenticationError Code=-7003 "(null)" UserInfo={AKClientBundleID=com.our.app} ASAuthorizationController credential request failed with error: Error Domain=com.apple.AuthenticationServices.AuthorizationError Code=1001 "(null)" SIWA login failure: Error Domain=com.apple.AuthenticationServices.AuthorizationError Code=1001 "(null)"

Hi all, I create web app laravel with function login with apple. This is any my information app and packet what i'm use : Laravel: 10.x PHP: 8.1 Packages for login: https://socialiteproviders.com/ I'm done with API appleid.apple.com/auth/authorize for auth user with apple ID. Response below : So next step i call to this API : https://appleid.apple.com/auth/token for verify token but response is below : I'm try with postman but response is same that ( invalid_client ). Everything is correct( client_id, team_id, private_key ). I use https://jwt.io/#debugger for test verify token. Signature Verified is result. Can help me for declare what is issue ? what client is invalid ? Thank you so much. P/s : Sorry for my poor English

Hello I'm using Akeeba social login plugin with Joomla. I have been struggling for a couple of days to configure the sign in with apple option. I followed the instructions provided by Akeeba. I'm able to click on the button, I go to apple, enter my apple id and password, then the system even does the 2FA. I get returned to the web site with the error Error code 400 received requesting access token: {"error":"invalid_client"}. I really don't know what can be wrong. I have been redoing the config for about 10 times. Any help will be appreciated. Thank you

Sign in with Apple doesn't support VisionOS, is there other way (api) to get user's account in VisionOS ?

I had implemented the Apple login feature and users were fully utilizing it. Then, all of a sudden, it started to fail with an "Invalid client scope " error. And My code is exactly scope="name email". I haven't changed any code for Apple Login, so why is this suddenly happening?

Hello Apple ID support, When a user successfully login with Apple, the apple OAuth will produce a appleIdToken. From my understanding this token is best to not leave the user device. I have two sub-system that can take a appleIdToken and manages the token-refresh separately. In short: Apple -> appleIdToken sub-SystemA(appleIdToken) and sub-systemB(appleIdToken) sub-SystemA and sub-systemB has two separate token management/refresh The question: Is this allowed by the Apple identify server? Is the usecase of supplying appleIdToken to sub-SystemA and sub-systemB valid?

I have followed the steps in this tutorial: https://learn.microsoft.com/en-us/azure/active-directory-b2c/identity-provider-apple-id?pivots=b2c-custom-policy to create an Apple sign in for my application. From the Apple Developer Portal menu, I went to Certificates, IDs, & Profiles and created a Key. I then tried to sign the key be using this python script: import jwt import time def generate_token(): private_key = """[pasted key from Apple here]""" team_id = "[pasted team_id]" client_id = "[pasted client_id]" key_id = "[pasted key_id]" validity_minutes = 20 timestamp_now = int(time.time()) timestamp_exp = timestamp_now + (60 * validity_minutes) data = { "iss": team_id, "iat": timestamp_now, "exp": timestamp_exp, "aud": "https://appleid.apple.com", "sub": client_id } token = jwt.encode( payload=data, key=private_key, # Use the key directly without encoding as 'utf-8', jwt.encode handles this. algorithm="ES256", headers={"kid": key_id} ) print(token) generate_token() I don't think this worked because I am getting an error after I sign in. Is there some other script I can use?

Question about "Sign in with Apple". Can 2 apps from 2 different developer accounts (hence, 2 different team ID) share authentications? In other words, can I get consistent user ID from 2 different app under 2 different developer account? Is there a way to configure that from developer portal? Thanks Bill

I would like to integrate my custom icon inside the Apple logo. I have already configured it with my primary Apple ID.

Xcode 15.2, iOS 17.2 I have a piece of code that displays videos. It has been working for at least 6 months. Suddenly only the first video played. The following videos would only play audio with the video being frozen at the first frame. I noticed that SwiftUI would start to instantiate multiple instances of my player observable class instead of just one. After chasing the problem for most of a day I found that if I completely removed every piece of code referencing AuthenticationServices then everything would work fine again. Even if I add the following piece of code which is not used or called in any way. Then SwiftUI will start to act weird. func configure(_ request: ASAuthorizationAppleIDRequest) { request.requestedScopes = [.fullName, .email] } If I comment out request.requestedScopes = [.fullName, .email] everything works fine. The SignInWithApple is configured and works fine if I enable the code. Any suggestions on how to solve or any work arounds would be highly appreciated.

For V1 used for internal purchase verification, when will the exclusive shared key regenerated after transfer be replaced? Will it affect in-app purchases and subscriptions by online users? The V2 used for internal purchase verification uses the key ID instead of the dedicated shared key. In this case, what should we pay attention to before and after the transfer? Do I need to regenerate the key ID for the new account? Is the private shared key still useful? Do I need to generate a dedicated shared key again in the transferred App? What will be the impact on existing subscriptions after the transfer? What do I need to do with the current existing subscriptions? We have used universalLink, do we need to add a new TeamId to the apple-app-site-assn. txt file? { "applinks": { "apps": [], "details": [ { "appID": “TeamIdA.com.***.***”, "paths": [""] }, { "appID": “TeamIdB.com.***.***”, "paths": [""] } ] } } We have stored the login information in Keychain Sharing, is there no way to get the original stored information after transfer? Is there a reasonable solution?

I am getting an error "Cannot create a iOS App Development provisioning profile for "TheSwiftUIWay.login". Personal development teams, including "Cyril John", do not support the Sign in with Apple capability" I have created a developer account but I didnt enroll in the developer program. Am I able to use Sign-In with Apple with the free version of the Apple Developer Account? If so, can you please give me some directions on how I can fix this error?

In order to use Sign in with Apple, I issued a JWT client according to the instructions and was able to connect without any problems, but suddenly an INVALID_CLIENT error started to occur. The error was resolved by re-obtaining the JWT client token and resetting it. The validity period of the JWT client token is 6 months and it has not expired yet, but I would like to know why I am getting an INVALID_CLIENT error.

im doing sign in with apple, using firebase, im runing into a problem where firebase is creating the user on the console but i is doing it with a dash and not the useremail as the identifier. and i just figure that the reason is because the IDTokenstring is not returning the proper payload, for instances this should be the payload so that firebase can create the user and use the email as the identifier. however this is what i am getting instead, you can see it is missing email how can i fix this?

Problem Situation User membership withdrawal request → revoke API call It always returns status code 200, but once out of 5~10, it remains an app linked to the user's Apple ID. Re-request user Apple login → Email is returned as null Currently, the only solution is for users to manually delete apps linked to their Apple ID. Email sent when re-requesting Apple login When the above problem occurs, even if the Revoke API is called multiple times, the app linked to the user's Apple ID is not deleted, and when requesting Refresh Token validation, it has already expired. Releated Issues https://forums.developer.apple.com/forums/thread/707181

I'm following the steps outlined to be able to email users that have used Apple Sign-in that is listed here and I have a green check for SPF status. I used my email &lt;my_email_here&gt;@gmail.com, but when I try to send an email from the email address configured to the private relay email I don't see my test email coming through. I also tried sending an email from a non configured email and I don't back any sort of error message, not sure if I should though. Is there a delay in how quickly the email is received?