I've read in the documentation the private relay and user identifier (sub) are team scoped. If I have 2 or more teams that have their separate Sign in with Apple service ids configured, each under their own (separate) team account is there any way to unify these into one common service id so that the team-scoped user identifier is the same whether the user signs in through Team1-AppleServiceId1 or Team2-AppleServiceId2?

Anyone has implemented login by Apple id with AWS Cognito? We are not receiving the name attribute in authentication token from apple which is mandatory in Cognito. Please let me know if you have faced the similar issue.

I have this js code: document.addEventListener('AppleIDSignInOnSuccess', (data) = {     //handle successful response     console.log(data["detail"].authorization.id_token)     response = parseJwt(data["detail"].authorization.id_token)     email = response["email"]     console.log(email)     loginWithEmail(email) //    console.log("APPLE SIGN IN SUCCESSFFUL"); }); //Listen for AppleId authorization failures document.addEventListener('AppleIDSignInOnFailure', (error) = {     //handle error.     alert(JSON.stringify(error))     console.log("APPLE SIGN IN UNSUCCESSFFUL"); }); And it just stopped working. Now every time I sign in I get "APPLE SIGN IN UNSUCCESSFFUL" and the error is {"isTrusted":false}. What are ways around this?

Hello, I'm currently struggling to figure out how I can make Apple sign in work with my app configuration. Maybe I'm just dumb, but I really can't figure out what I need to do to make it work. So I have a Next.js app setup server-side rendering my React frontend, and on a separate server, I have a Node.js (specifically Adonis.js) backend/api which I use to handle auth and sessions. I have both Facebook and Google OAuth2 logins setup and working perfectly, where I'm receiving a code as a query param in my callback url to my frontend, which the client then sends that code to my backend/api, which uses that code with the provider (FB or Google) to get their email, name, and any other data I could use to prevent the user from having to add later, and either create the user and log them in, or just log them in if they already exist using cookies. I don't need any sort of write access to their third party account, or anything more than reading their name and email so they don't have to enter it themselves, and so they don't have to enter a password on my site. There are 2 different questions I have. (and if there is a solution to the first one, it would make my life so much easier ha..) If I use these query params similar to how I would with Google or Facebook: response_type: 'code', client_id: Env.get('APPLE_APP_ID'), redirect_uri: 'https://example.com/auth/apple/callback' state: '', scope: '', response_mode: 'query' And I get redirected back to my frontend with the code in the url params, and I send it to my API like I do with Facebook/Google, is there any endpoint with Apple's system that I can use that code to request the user's email and name from? 2. From reading through doc after doc, and it still being fuzzy, I'm thinking I may need to use the form_post response mode kind of like this?: response_type: 'code id_token', client_id: Env.get('APPLE_APP_ID'), redirect_uri: 'https://example.com/auth/apple/callback', state: '', scope: ['email', 'name'].join(' '), response_mode: 'form_post' My impression is that it would post a token, and the user data to my callback url, and that I can get the user's email and name from the user's first request and attach the token received to the user in my database. I just do not for the life of me understand how I could use this pattern with how my app is setup. Would I have to have a post handler and a page setup on the same route (I don't even know if Next.js allows something like that), and then from that, I send that data to my backend server and create the account with the data received? Even if all that worked, I don't think I would be able to set the user's session since I rely on the request being made from my frontend to my backend utilizing the set-cookie header. Please let me know your thoughts, input, or clarifications. Thanks, Brody

Is it possible to exchange applejs authentication code for a music user token? Basically - Is it possible to use apple signin with music kit without users needing to sign in twice to apple?

I have set up Sign in with Apple. I can see the Sign in with Apple popup with the Continue button on the sign-in button click. Clicked on the Continue button. Then selected email and clicked on Continue with Password button. After entering the password activity indicator spins and the continue button disappears after a few seconds button enables but the activity indicator spins continues, not getting callbacks, and not able to understand what happens. Please help to resolve this issue.

I implemented a apple signin on reactjs using the lib react-apple-login, the authentication is working with no problems, but on redirect to my API I only receive the code, none of the other data came on request

I am building a Chrome extension with OAuth sign in features. In order to keep the same user base of an existing mobile app I am implementing Facebook, Google and Apple sign in. Using the chrome.identity browser API I was able to implement the sign in for Facebook and Google without problems. I am now trying to implement the same for Apple SignIn. To do so I call the following url using the chrome.identity.launchWebAuthFlow method, which is expected to call the provided callback passing the provided redirect_uri plus the result as query string params: https://appleid.apple.com/auth/authorize?client_id=XXXXXXX&redirect_uri=https%3A%2F%2FXXXXXXX.chromiumapp.org&response_mode=form_post&response_type=code%20id_token&scope=name%20email  Since I need the user email and name I added the scope "name email" to my parameters but this force me to use the responsemode: 'formpost' (as documented here https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/incorporating_sign_in_with_apple_into_other_platforms). When responsemode is set to formpost the result data is not appended to the redirecturi, as a result the sign in works but I am not able to extract the information I need. By removing the scope and using responsemode=query works (I am able to extract the idtoken from the returnuri) but I cannot extract the user email and name. Is there a way to use the parameter response_mode: 'query' combined with scope='name email'?

I am using Apple Sign In with JavaScript in usePopup mode. This is working fine but in order for the popup to return data to the parent window the URL of the parent window must match one of the redirect URIs configured for the services ID. The redirect URI also needs to be sent back Apple to validate the token and again it must match one of those configured. The problem I have with this is that my page can have multiple URLs because the URLs are structured as follows: https:// client-subdomain.mysite.com/optional-lang-code/slug-in-language These are all valid examples: https:// client1.mysite.com/sign-in https:// client1.mysite.com/en-gb/sign-in https:// client1.mysite.com/einloggen https:// client1.mysite.com/de-de/einloggen https:// client2.mysite.com/registrarse https:// client2.mysite.com/es-es/registrarse https:// client2.mysite.com/se-connecter https:// client2.mysite.com/fr-fr/se-connecter As you can there is the potential for there to be a lot of URLs and it quickly becomes a nightmare to manage in the Apple Developer Console, and there is not API to help automate this. Is there any way around this? Could I use wildcards when adding the redirect URIs in the Apple developer console in order to cover multiple paths whilst still validating against the domain part of the URL. It would be so much friendlier to developers if this were possible. It seems strange the the redirect URI gets used at all in this flow because the redirect does not even occur. I have Google sign in on the same site and this works without a problem. It uses a popup in the same way but does not enforce that the popup must come from a particular URL, it is enough that it comes from a particular domain. Therefore the setup in the Google developer console is much easier and can be done once and then forgotten about even if new languages are added in future.

It is possible to use firebase Apple login inside Web extension? I can use Google login. But with Apple it is no so clear. As we have to fill website url when creating service id. https://developer.apple.com/account/resources/identifiers/list/serviceId and web extension don't have website url.