I want to support "Sign in with Apple" for my macOS application. Currently, I'm using WKWebview to support this. I'm able to provide a sign in for the current mac user correctly. But some users try to login with another apple ID, which has FIDO certified keys added as 2FA. Now my WKWebView shows this : But nothing happens when they click on "Continue". I think I need to create some kind of interface in my application for this case, but no clear idea. I can't see much articles for this use case with security keys. Anybody has any idea ?

Hi, I have an website with sign in with Apple enabled (using REST API). It seems the majority of my users not aware they are sharing their private email because it is the default selected option. Is there a way to require that the real email be always shared? Alternatively, is there a way to have the "Share My Email" option be the default choice?

I am working on a financial application that falls under Indian jurisdiction, which has specific regulations prohibiting the use of relay or proxy emails for sign-up processes. Given that the "Hide My Email" feature in "Sign in with Apple" provides a relay email, I'm trying to understand how I can remain compliant with these regulations while offering "Sign in with Apple" as a sign-up option. My proposed flow: Allow users to use "Sign in with Apple" for authentication. Check if the user has opted for the "Hide My Email" feature. If they have, show an error message explaining the regulatory restriction and prompt them to either: a) Use "Sign in with Apple" without the "Hide My Email" option OR b) Use our standard "Sign up with Email and Password" flow. I would like to understand if such an approach is acceptable according to Apple's guidelines. Would there be any issues or recommendations from Apple's side on implementing this flow? Thank you for your assistance and guidance!

Hi everyone, we are developing Ionic mobile app with .NET server part, now we are trying to implement apple authorization, it works properly with web(user can authorize and server receives callback), but it is not working with mobile, we can authorize and get response on client side with token and code, but it not initiate callback to server, we found a difference in apple endpoint that we call for web and for mobile(in query parameters for mobile- response_mode = web_message and for web- response_mode = form_post), we can't change url for mobile app, because we are using SignInWithApple from @capacitor-community/apple-sign-in, does anyone have experience with this problem? Thanks in advance.

We're trying to release a social media app that uses social sign in. The two sign in options are google sign in and apple sign in. Our app keeps getting rejected because the testers cannot login to the demo account. Apple requires a 2 factor verification, and google requires a 2 factor verification. At this point, we are stuck. We don't want to go through the process of keeping track of usernames and passwords just for app review. What do we do?

I am currently in the process of integrating Google Social Login and Apple Social Login into my web application. Google's authentication system has distinct development and production modes, with a 100-user cap in development mode. But Apple does not seems to have user cap I have been conducting extensive research to ascertain whether Apple Social Login imposes any user capacity limitations, akin to Google's development mode restriction. Could someone provide guidance or insights regarding user capacity restrictions in Apple Social Login, especially in a development/testing context? https://stackoverflow.com/questions/77101607/understanding-user-capacity-limitations-in-apple-social-login-for-development-an

I'm using apple login in my web app and passing the redirect URI to apple URL. It's working fine on all browsers except Safari. On Safari instead of opening the URL in a new tab it's showing the finger touch enabled login popup. Which is causing the issue and my redirect URI is not getting passed and I'm not able to receive the code and other details from apple. Can anyone please help me resolve this issue. Angular Code: const openNewWindow = window.open( 'https://appleid.apple.com/auth/authorize?response_type=code&response_mode=form_post&scope=name%20email&state=W4cL2JgRJq&client_id=CLIENT_ID&redirect_uri='+ this.AppleURL',"_blank" ); try { openNewWindow.opener = window; window.addEventListener('message', event => { this.signInWithApple(JSON.parse(event.data)); });window.addEventListener('message', event => { this.signInWithApple(JSON.parse(event.data)); }); } catch (error) { console.log("error",error); } Redirect URI js code:

Dear developers, In case I want to start building healthcare marketplace app (pharmacies, medical equipments and labs) where every users can search for specific medicine, some Medical equipment and lab test can get a list of pharmacies, labs who provide those products/service. Having said that what could be the best sign in option for (pharmacists, labs, physicians, people/users) on phone number or E-mail or any sign in option that will fit who want to join healthcare app? I want your though guys here as I am trying to have a universal healthcare app that can connect all healthcare people/product/service with people. Thanks in advance for any advice

I am using Apple OAuth login in my two apps. I identify users using the "sub" claim that can be obtained from the id_token each time they log in. Since it has to identify as the same user in both apps if it's the same account, I need to receive the same sub token. I've created OAuth clients with different APP_IDs for each of the two apps, but I confirmed that I can receive the same sub value for the same account. Is it okay to follow this policy for the login feature? I am curious if there is any official documentation that I can refer to on this matter. Thank you.

I'm in the process of setting up Apple Sign-In for our web portal. The web portal doesn't have a related Apple application. I've been reviewing the documentation provided at https://developer.apple.com/help/account/configure-app-capabilities/configure-sign-in-with-apple-for-the-web/ and attempting to set it up. It appears that this might not be possible without an existing Apple application associated with the web portal. According to https://developer.apple.com/help/account/configure-app-capabilities/configure-sign-in-with-apple-for-the-web/: To configure web authentication, you must create a Services ID and associate your website to an existing primary iOS, macOS, tvOS, or watchOS App ID enabled for Sign in with Apple. Does this imply that it's not feasible without an existing Apple application?

I created a fake apple id for testing/automation, but it forced me to setup 2 factor. I need one without 2 factor. There seems to be no way to turn it off, and creating an "app specific password" isn't accepted in places like the simulator settings app, to sign in with Apple id Am I missing something? Is there another process to go through? Is there a way to turn off 2FA? Is there a dummy set of credentials that all simulators will accept to sign in with apple? etc

We are developing a linkage so that you can sign up with Apple ID. Since the password value is required for the app service, I am trying to receive a separate password at the membership sign-up stage. Is this a policy violation?

We recently are adding apple signup in our app and in our db we have 50 chars as max length of user identifiers. i was wondering how long they can be on apple and whether we should tweak the max length on our side.

When I try to use signing with apple with flutter on the simulator, I got the error below "Authorization failed: Error Domain=AKAuthenticationError Code=-7003 "(null)" and "com.apple.AuthenticationServices.AuthorizationError error 1000." please how do I resolve this

Something seems to be wrong in the Apple Sign In modal. After pressing the Continue button and going through Face ID, it displays Sign Up Not Completed and does not proceed. This was working fine a few days ago, but then I had to download a new provisioning profile and now it is broken. There are no errors in the log when this happens, but when I close the sign in modal it logs: [core] Authorization failed: Error Domain=AKAuthenticationError Code=-7003 "(null)" The operation couldn’t be completed. (com.apple.AuthenticationServices.AuthorizationError error 1001.) Please help! I even spun up a fresh new project and made new ID / Provisioning profile and this error is still happening. Thanks!

In the following environment: iOS 14 beta, Xcode Version 12.0 beta 6 (12A8189n) try to implement user Apple Login with Firebase. Works until password entering screen and then hangs up on simulator or finished with error on device. Sign In with Apple is enabled in App.

We have been using Sign in with Apple feature in our app for more than 3 years, and integarated Apple Server to Server notification for SiwA webhook to handle the login status. Recently we are seeing huge traffic with repeated notification event "account-deleted" for the same Apple account. The payload we receive in the webhook url is legitimate since the jwt token is properly signed and the source IP is from the Apple network. And we respond back with 200 but still the same is getting repeated. The actual account deletion happened in December 2022 and we get the same event repeated till now. Does anybody else see this kind of issue? Please help how do we handle/stop this.

Hi there, This is the first time to post here and I hope someone can share similar experience. Our company app update was rejected twice within a week by this reason. (Your app requires users to provide their name and/or email address after using Sign in with Apple. ) Which we already submitted a new build of this fix along with an explanation and screen recording. However as you may know, there's no way to retrieve username after the first-time Apple sign in (value is null), so what our solution is to save the username in our server instantly after the 1st time API callback. It works as expected in several physical devices and simulators. However, I wonder the situation now is: The device / robot that use to check our APP didn't clear the "Apps Using Apple ID" in iOS setting, the fix will not work because it has already passed the 1st time login. Otherwise in our side, we cannot find and resolve the issue. Anything I can do other than file an appeal to App Review Team? Thanks for your time.

I am using Office365 SSO in my IOS application which I am developing. So, I want to confirm whether my app should have Apple Authentication in order to deploy the application on App Store or not.