I would like to integrate my custom icon inside the Apple logo. I have already configured it with my primary Apple ID.

Xcode 15.2, iOS 17.2 I have a piece of code that displays videos. It has been working for at least 6 months. Suddenly only the first video played. The following videos would only play audio with the video being frozen at the first frame. I noticed that SwiftUI would start to instantiate multiple instances of my player observable class instead of just one. After chasing the problem for most of a day I found that if I completely removed every piece of code referencing AuthenticationServices then everything would work fine again. Even if I add the following piece of code which is not used or called in any way. Then SwiftUI will start to act weird. func configure(_ request: ASAuthorizationAppleIDRequest) { request.requestedScopes = [.fullName, .email] } If I comment out request.requestedScopes = [.fullName, .email] everything works fine. The SignInWithApple is configured and works fine if I enable the code. Any suggestions on how to solve or any work arounds would be highly appreciated.

For V1 used for internal purchase verification, when will the exclusive shared key regenerated after transfer be replaced? Will it affect in-app purchases and subscriptions by online users? The V2 used for internal purchase verification uses the key ID instead of the dedicated shared key. In this case, what should we pay attention to before and after the transfer? Do I need to regenerate the key ID for the new account? Is the private shared key still useful? Do I need to generate a dedicated shared key again in the transferred App? What will be the impact on existing subscriptions after the transfer? What do I need to do with the current existing subscriptions? We have used universalLink, do we need to add a new TeamId to the apple-app-site-assn. txt file? { "applinks": { "apps": [], "details": [ { "appID": “TeamIdA.com.***.***”, "paths": [""] }, { "appID": “TeamIdB.com.***.***”, "paths": [""] } ] } } We have stored the login information in Keychain Sharing, is there no way to get the original stored information after transfer? Is there a reasonable solution?

I am getting an error "Cannot create a iOS App Development provisioning profile for "TheSwiftUIWay.login". Personal development teams, including "Cyril John", do not support the Sign in with Apple capability" I have created a developer account but I didnt enroll in the developer program. Am I able to use Sign-In with Apple with the free version of the Apple Developer Account? If so, can you please give me some directions on how I can fix this error?

In order to use Sign in with Apple, I issued a JWT client according to the instructions and was able to connect without any problems, but suddenly an INVALID_CLIENT error started to occur. The error was resolved by re-obtaining the JWT client token and resetting it. The validity period of the JWT client token is 6 months and it has not expired yet, but I would like to know why I am getting an INVALID_CLIENT error.

im doing sign in with apple, using firebase, im runing into a problem where firebase is creating the user on the console but i is doing it with a dash and not the useremail as the identifier. and i just figure that the reason is because the IDTokenstring is not returning the proper payload, for instances this should be the payload so that firebase can create the user and use the email as the identifier. however this is what i am getting instead, you can see it is missing email how can i fix this?

Problem Situation User membership withdrawal request → revoke API call It always returns status code 200, but once out of 5~10, it remains an app linked to the user's Apple ID. Re-request user Apple login → Email is returned as null Currently, the only solution is for users to manually delete apps linked to their Apple ID. Email sent when re-requesting Apple login When the above problem occurs, even if the Revoke API is called multiple times, the app linked to the user's Apple ID is not deleted, and when requesting Refresh Token validation, it has already expired. Releated Issues https://forums.developer.apple.com/forums/thread/707181

I'm following the steps outlined to be able to email users that have used Apple Sign-in that is listed here and I have a green check for SPF status. I used my email <my_email_here>@gmail.com, but when I try to send an email from the email address configured to the private relay email I don't see my test email coming through. I also tried sending an email from a non configured email and I don't back any sort of error message, not sure if I should though. Is there a delay in how quickly the email is received?

The type of the email_verified (standard) claim is STRING. According to the specification [1] it should be BOOLEAN. Current Example Returned by Apple: "email_verified": "true" OpenID Standard Should Ve: "email_verified": true [1]openid.net/specs/openid-connect-core-1_0.html#StandardClaims

We have a game that provides a mechanism to log into the game with Sign in with Apple in a direct integration between the game and Apple (first mechanism). We also provide a mechanism to log into the game using OpenID connect with authorization from Apple but using a server in the middle that drives the process (second mechanism). It is important to mention that both mechanisms use the same oauth client. We have been able to switch from the first mechanism to the second successfully, but there is a problem with id_token. In the second mechanism we request the scopes "email", "openid" and "name", but in the retrieved id_token there is no information about the email. It happens for all users who previously signed in with Apple using the first mechanism (therefore there is a current link between the game and the user in AppleId). It does not happen with users who had no link between the game and the user and use the second mechanism, in this case we can retrieve the user information in the callback of the first call and the email in the id_token, as stated in the documentation. However, if users who had a link between the game and the AppleId delete the app and then log back in using the second mechanism, then we can get the email information with the exact same request. The request we use to obtain the authorized endpoint information (https://appleid.apple.com/auth/authorize) has these parameters: response_mode: query scope: email openid profile nonce: ... state: ... response_type: code Then we get the authentication code and get an id_token like this: { "iss":"https://appleid.apple.com", "aud":"{aud}", "exp":1705584621, "iat":1705498221, "sub":"{sub}", "nonce":"7f-PqBoXgxeDMOEu5Ysov0FjE9GvSYfq", "at_hash":"3kLcPBlwZP6aj_mscww5zA", "authentication_time":1705498218, "nonce_supported":true } Is there a way to retrieve the email for users who had the link and don't want to delete it or log back into the app? In the official Apple documentation it is stated that the id_token should have the email but this is not the case. https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/authenticating_users_with_sign_in_with_apple#3383773

The sign in with Apple prereqs state that: you must have an existing app in the App Store that uses Sign in with Apple If you want to support sign in with apple on a website but do not need an iOS app specifically for that website is possible to have a "dummy" app that isn't released to the app store but will serve to support sign in with Apple?

i heard that i need to provide an alternative option to create account in my app if i use any third party social platform to create account which is facebook in my case. so i removed the facebook login option and added only apple sign in. now my doubt is, should i provide another option for the player? or is it alright with only apple sign in

Hello! I have never distributed an apple app before. Right now, I am trying to distribute a macOS app. I created a provisioning profile of type "Developer ID Application" and it has the following capabilities enabled. Now, when I download the profile and use it for my app, xcode gives me the following error: Lmk what I need to do since I am super unfamiliar with this process.

Hello, we implemented Apple Sign-In in our website long ago, and it worked well. Recently we have found a strange behaviour. The first time we make the request to the /auth/token endpoint we get an invalid_client error. Our client id is com.spicysparks.service.id If we make a request another time with exactly the same data it works fine. We noticed we get this error only when we try a newly generated client secret for the first time.

We are trying to integrate "Sign in with Apple" and are facing an issue where all users who chose to use Apple's private relay with the hide my email feature are unable to receive any mail sent by us. We have added our domain, mail from domain & email address to https://developer.apple.com/account/resources/services/configure and also verified the SPF. We also have DKIM setup. We use SES as our email provider and have added its SPF as recommended aswell. I have attached a sample delivery log from SES below. {"notificationType":"Delivery","mail":{"timestamp":"2024-01-17T10:20:07.592Z","source":"\"Redacted\" <admin@redacted>","sourceArn":"arn:aws:ses:ap-south-1:redacted:identity/redacted","sourceIp":"34.redacted","callerIdentity":"redacted-ses","sendingAccountId":"redacted","messageId":"redacted","destination":["redacted@privaterelay.appleid.com"]},"delivery":{"timestamp":"2024-01-17T10:20:12.385Z","processingTimeMillis":4793,"recipients":["redacted@privaterelay.appleid.com"],"smtpResponse":"250 2.0.0 Ok: queued as redacted","remoteMtaIp":"redacted","reportingMTA":"redacted.smtp-out.ap-south-1.amazonses.com"}}

We are Integrating SSO with Apple with our application Coordle, but facing the issue. When user click on "SignUp with Apple" button, at that time the facing error is "Your request could not be completed due to an error. Please try again later" Can you help us on this ? I have attached a ss.

I'm trying to set up Sign In With Apple on my .NET 7 Web App (Not sure how many people here use this). I followed the guide by Scott Brady here: https://www.scottbrady91.com/openid-connect/implementing-sign-in-with-apple-in-aspnet-core It reaches Apple Sign In OK, authenticates, and passes back to my server, but the callback responds with this error. OpenIdConnectProtocolException: Message contains error: 'invalid_client', error_description: 'error_description is null', error_uri: 'error_uri is null'. Googling hasn't helped much, other than I saw a post saying to wait 48 hours, which I have now done (not that that makes sense anyway). Any idea whats been done wrong? Code below, replacing sensitive data. Startup.cs .AddOpenIdConnect("apple", async options => { options.Authority = "https://appleid.apple.com"; // disco doc: https://appleid.apple.com/.well-known/openid-configuration options.ClientId = "com.rackemapp.applelogin"; // Service ID options.CallbackPath = "/signin-apple"; // corresponding to your redirect URI options.ResponseType = "code id_token"; // hybrid flow due to lack of PKCE support options.ResponseMode = "form_post"; // form post due to prevent PII in the URL options.UsePkce = false; // apple does not currently support PKCE (April 2021) options.DisableTelemetry = true; options.Scope.Clear(); // apple does not support the profile scope options.Scope.Add("openid"); options.Scope.Add("email"); options.Scope.Add("name"); options.Events.OnAuthorizationCodeReceived = context => { context.TokenEndpointRequest.ClientSecret = AppleTokenGenerator.CreateNewToken(); return Task.CompletedTask; }; }); Apple Token Generator public static class AppleTokenGenerator { public static string CreateNewToken() { const string iss = "[MyTeamId]"; // your account's team ID found in the dev portal const string aud = "https://appleid.apple.com"; const string sub = "com.rackemapp.applelogin"; // same as client_id var now = DateTime.UtcNow; // contents of your .p8 file const string privateKey = "[MyKey]"; var ecdsa = ECDsa.Create(); ecdsa?.ImportPkcs8PrivateKey(Convert.FromBase64String(privateKey), out _); var handler = new JsonWebTokenHandler(); return handler.CreateToken(new SecurityTokenDescriptor { Issuer = iss, Audience = aud, Claims = new Dictionary<string, object> { { "sub", sub } }, Expires = now.AddMinutes(5), // expiry can be a maximum of 6 months - generate one per request or re-use until expiration IssuedAt = now, NotBefore = now, SigningCredentials = new SigningCredentials(new ECDsaSecurityKey(ecdsa), SecurityAlgorithms.EcdsaSha256) }); } } Also attached, images of my keys and setp in developer portal

I'm having a problem with Apple recognizing my redirect url as valid. when making requests for user sign in through firebase. I used this tutorial to create a serviceID and private key, which I then setup on my end with firebase. Steps taken Create serviceID Tied to primary app ID that is configured for sign in with Apple Added domains for firebase hosted site Added return url provided by firebase Create private key Associated to the same primary app ID as the service ID Downloaded the key and placed it's content in firebase Added the team ID and key ID Setup client to use new OAuthProvider with redirects to Apple signin Is there a tool for validating redirect urls or location with logs to help me debug which part of my redirect Url is incorrect? Thanks

After signup via Apple Signup method in my Flutter app, it retrieves only First Name and Last Name, this was done by separating the full name given by the Apple signup divided into two, and populated it among the First Name and Last Name text boxes. In the same screen there is a date selector to select the birthday and 3 buttons to choose gender between Male, Female and Other. When I submitting to this app for AppStore it was rejected several time. This is the last message given by App Store Review - Hello, Thank you for your efforts to follow our guidelines. When registering with Sign in with Apple, your app still asks for First name, Last name, Birthday and Gender. First name and last name fields can be auto populated. Please note that birthday and gender fields are not directly related to the core functionality of the app. If you need more help, please kindly refer to App Store Connect Developer Help. Guideline 4.0 - Design Your app still requires users to provide their name, birthday and gender after using Sign in with Apple. This information is already provided by the Authentication Services framework. Next Steps Please revise the Sign in with Apple experience in your app to address the issues we identified above. What is the solution for this? If this is accepted when full name is displaying after signup in a seperate screen and birthday and gender in a seperate screens? Please guide me through this to be accepted my app by App Store Review. Thanks

Migrate existing Sign in with Apple user identifiers and private email relay addresses by exchanging transfer identifiers from one developer team to another with the user migration info endpoint. View Technote TN3519 >