Our welcome email sent to new users using Apple private relay ends up in Gmail spam folder. The same email sent to users directly isn't classified by Gmail as spam - so it's not the email content that causes Gmail to mark is as junk. Our domain SPF / DKIM configuration is correct - the emails don't bounce at Apple's relay, they are delivered to users inboxes. The problem is with Gmail seeing them as spam. Is there any explanation why Gmail could treat the emails as spam? Is there anything we could configure on our side?

Hi there, This is the first time to post here and I hope someone can share similar experience. Our company app update was rejected twice within a week by this reason. (Your app requires users to provide their name and/or email address after using Sign in with Apple. ) Which we already submitted a new build of this fix along with an explanation and screen recording. However as you may know, there's no way to retrieve username after the first-time Apple sign in (value is null), so what our solution is to save the username in our server instantly after the 1st time API callback. It works as expected in several physical devices and simulators. However, I wonder the situation now is: The device / robot that use to check our APP didn't clear the "Apps Using Apple ID" in iOS setting, the fix will not work because it has already passed the 1st time login. Otherwise in our side, we cannot find and resolve the issue. Anything I can do other than file an appeal to App Review Team? Thanks for your time.

We recently are adding apple signup in our app and in our db we have 50 chars as max length of user identifiers. i was wondering how long they can be on apple and whether we should tweak the max length on our side.

Hi everyone! I am in the process of transferring an app from account (A) to account (B), and I am wondering how the various steps in the documentation link to the transfer process. In particular: https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team -> I understood that this process can be done BEFORE the migration to create all the transfer_sub beforehand. https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team -> when can this be done? After initiating the transfer or only after the transfer is completed? Moreover, what about the private key used for Sign in With Apple from the old team? Will it still work before/after the transfer, or in which step it will stop work? For example, in Firebase we set-up the Apple Sign in using the (A) team_id and private_key. When should we change this in Firebase? After initiating the transfer, after the transfer is completed? Will the old key stop working after the transfer is completed? Thank you!

According to Apple documents, " Apple’s servers may throttle your call if you attempt to verify a user’s Apple ID more than once a day". that "throttle" means that apple server will return "invalid_client"? when we log in with Sign in with Apple while verifying the refresh token, sometimes log in successfully, and sometimes "invalid_client" is returned.

I have implemented a Sign up with Apple button with usePopup=true. When I click the button I get the popup window. After authenticating I click the final "Continue" button and nothing happens. Well technically there is a request to https://appleid.apple.com/appleauth/auth/oauth/authorize. Clicking "Continue" more than once results in the error "Your request could not be completed because of an error. Please try again later." Where do I go from here?

Hi guys, I have been using a services id for my apps and websites to use Sign in with Apple feature over 3 months. All of a sudden the website urls and return urls I newly add to the services id don't work. I am getting "invalid_request Invalid web redirect url." errrors. I have checked the urls carefully, (https), I also added many new ones but none of them worked. In order to test it I also removed some of the current return urls from my websites to see if it will stop working but no, the ones I removed still work which kind of confirms my theory that it does not update the list, it is bugged. Quite weirdly, the new native apps I submitted to the store also does not work, it gives the error "Sign-up Not Completed" Does any one have any idea? Such a weird problem all of a sudden

Some background: A user must sign up for an account on our platform via a browser before they can sign in to our iOS app using an Apple ID otherwise we present the following error message as shown in the attached image. Authentication and session management is handled using AWS Cognito on our platform and we believe AWS Cognito is using the relevant API for Apple ID Sign Ins. For account deletion we are providing an account deletion option within the app to the user (who has to be signed in) under Account Settings. For a valid deletion request, we are deleting a user’s records from our database. For revoking, generating, and validating tokens we are using AWS cognito to handle token revocation, generation, and validation. Ask: Apple reviewers provided additional information (shown below) to help us resolve this issue. But i am not clear how this addresses their concern and would appreciate some guidance on how i could resolve it. Apple reviewer recommendation Apps that offer Sign in with Apple should use the REST API to revoke user tokens. If you have not retained the user’s refresh token, access token, or authorization code, you must still fulfill the user’s account deletion request. To learn more, we recommend reviewing the following resources: Handling account deletions and revoking tokens for Sign in with Apple Revoke tokens Generate and validate tokens

I'm trying to use the sign in button API documented here. No matter what, it returns a 404. Even going to https://appleid.apple.com/signinwithapple/button and clicking any of the Download links leads to a 404. Is this a documentation error, or is this API to generate buttons no longer available?

Hello, We are experiencing difficulties integrating the Apple Sign-In provider. Our third-party service is unable to forward emails to the private address @privaterelay.appleid.com. I received a "hard debounce" error. We have configured the following on Apple: DKIM is OK - Our email signature is using our domain. We are unsure what else to do. Could you please assist us?

Hello, I have transfer app to another account but i not change bundle id of app. ASAuthorizationAppleIDCredential identity token generate by bundle id and team id associated apple developer account. Could you let me know identity token changes if the bundle ID remains unchanged?

I push a new application to store. ;When i try to log in with FaceId, i get an error like this "Sign up not completed". what am i missing? could you help pls :) you can access the app from https://apps.apple.com/tr/app/lone/id6447771266?l=tr

Hi there, when using Touch ID, the call back following a request to auth/authorize does not include any user information ( user={} ), but it does if the user log in using a password. Is there a reason ? How to handle that Thanks

When the user's identity (sub) is changed when the app is migrated. When the migration is initiated, it is still when the receiving team confirms. In addition, when can the Exchange identifiers endpoint be used?

Null Display Name Issue with AppleAuth Provider on Firebase using react native Dear Apple App Review Team, I have been diligently working on my app, which heavily relies on Firebase for authentication purposes. Specifically, I am utilizing the AppleAuth provider to offer seamless authentication options to my users. However, during the review process, it came to my attention that the display name from the AppleAuth provider is being returned as null. This issue is concerning, as it directly affects the user experience and functionality of my app. It prevents users from being able to see their display name correctly, which can lead to confusion and frustration. Moreover, it undermines the trust and reliability of the app, which I have worked hard to establish. I have thoroughly reviewed my code and integration with Firebase, and I can confirm that I have followed all the necessary guidelines and recommendations provided by Apple and Firebase documentation. The null display name issue appears to be an unexpected and unintended consequence. To rectify this problem, I kindly request the assistance and guidance of the Apple App Review Team. I would greatly appreciate it if you could provide me with specific instructions or steps to resolve the null display name issue with the AppleAuth provider on Firebase. I understand the importance of maintaining high-quality standards on the Apple App Store, and I am fully committed to resolving this issue promptly. I value the collaborative relationship between developers and the Apple App Review Team and believe that by working together, we can ensure the best possible experience for our users. Thank you very much for your attention to this matter. I look forward to your prompt response and guidance on how to handle this issue effectively. Please feel free to contact me if you require any additional information or have any further

Subject: Request for Resolution on Guideline 4.0 - Design: Null Display Name Issue with AppleAuth Provider by Firebase in React Native App Dear Apple App Review Team, I am writing to express my concern and seek assistance regarding the rejection of my React Native app from being published on the Apple App Store. The rejection reason cited is Guideline 4.0 - Design, specifically stating that my app requires users to provide their name and/or email address after using Sign in with Apple. Additionally, there is a null display name issue from the AppleAuth provider by Firebase. I want to assure you that I have made every effort to comply with Apple's guidelines and provide a seamless user experience. However, it appears there may be a misunderstanding or miscommunication regarding the implementation of the name and email address requirement as well as the null display name issue. Regarding the name and email address requirement: My app integrates Firebase's AppleAuth provider to facilitate Sign in with Apple. During the authentication process, the necessary permissions and scopes are requested to retrieve the user's name and email address from Apple. The obtained name and email address are stored securely within my app, eliminating the need for users to provide this information separately after using Sign in with Apple. Regarding the null display name issue: Upon thorough testing, I have identified a problem where the display name returned from the AppleAuth provider by Firebase occasionally appears as null. This issue is unexpected and unintended, as the display name should be populated correctly based on the information retrieved from Apple during the authentication process. I have reviewed my code and integration with Firebase, following all the guidelines and recommendations provided by Apple and Firebase documentation. I kindly request your guidance and assistance in resolving both the name and email address requirement misunderstanding and the null display name issue from the AppleAuth provider by Firebase. I am committed to rectifying these issues promptly to ensure compliance with Apple's guidelines and provide an optimal user experience. Thank you for your attention to this matter. I eagerly await your response and guidance on how to address the Guideline 4.0 rejection and the null display name issue effectively. Please feel free to reach out to me if you require any additional information or have further questions. Sincerely, dev nihar

Can we remove apple sign in /signup option from iOS and can only have signup with email id

Hi, I'm building a MacOS app that will be published outside of the AppStore (Using an installer). In the app we have an option to sign-in with Apple & Google. While trying to archive the app and distribute with a Developer ID, xcode presented us with this error, and once the entitlements were removed the sign-in with Apple/Google stopped working. Is there a way to archive the app and distribute with Developer ID and also support sign-in with Apple/Google? Thanks!

We're trying to release a social media app that uses social sign in. The two sign in options are google sign in and apple sign in. Our app keeps getting rejected because the testers cannot login to the demo account. Apple requires a 2 factor verification, and google requires a 2 factor verification. At this point, we are stuck. We don't want to go through the process of keeping track of usernames and passwords just for app review. What do we do?