This is the follow up to this post post Tinder walkaround requires alot of extra work -> sending confirmation e-mail & handling that and all the cases. Apple should realy make that optional! As an example for my application option to sign in anonymously is not "best user experience" as a user is added to the "group" trough email and if by missatke he/she login with annonymus account and try to sign out to try sign in with normal account the option of choosing "normal" email will not be longer available. Then they need to go trough iphone settings and clear that (which no one acctuelly knows abbout)! There are some fixes where one can "revokeTokenWithAuthorizationCode" when signing out but those are just "fixes" that makes everything ugly. So dear apple the logic that this is for the "best user experience" does not hold for every application so that should be reconcidered, please!

I am trying to get Sign in with Apple working for my app. I'm unable to to get onCompletion called. It randomly works when I exit Xcode or restart my Mac. Is this a known bug or maybe I am doing something wrong? I have my Sign In credentials too. Thank you for all the help! SignInWithAppleButton(.signIn) { request in withAnimation { isSigningIn = true } request.requestedScopes = [.fullName, .email] } onCompletion: { result in print("APPLE SIGN IN") appleSignInHandler.onCompletion(result, showErrorSigningIn: $showSignInError) { attributes, oauthToken in loginHandler.commonSignIn( profileManager: profileManager, withProfileAttributes: attributes, oauthToken: oauthToken, goToHome: $goToHome, showInvitationSheet: $showInvitationSheet, showSignInError: $showSignInError ) } }

Hello community, In our application, we've implemented Apple ID for user authentication. Unfortunately, we forgot to register the associated domains and communication email addresses. This oversight has led to complications in email delivery via the private relay service. We've taken steps to fix the issue by reconfiguring the domains and communication email addresses. Post-adjustment, new user registrations are functioning properly. However, for users who registered before this fix, the problem persists. We followed the instructions provided on https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/communicating_using_the_private_email_relay_service, and we also have SPF configured, which has passed validation in our administration. Has anyone encountered a similar issue, and if so, how did you resolve it? Any insights or guidance would be greatly appreciated.

Hello, I have created a Swift app which has Apple Sign In integrated with it. We now want to add Apple Sign In to a web app but can't seem to find enough documentation on how to do this. We have followed the instructions at https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/configuring_your_webpage_for_sign_in_with_apple and have ended up with a script like so: <head> <meta name="appleid-signin-client-id" content="colourworker.SPAD"> <meta name="appleid-signin-scope" content="name email"> <meta name="appleid-signin-redirect-uri" content="https://colourworker.com/apps/photofolia/applesignedin.html"> <meta name="appleid-signin-state" content="init"> <meta name="appleid-signin-nonce" content="NONCE"> <meta name="appleid-signin-use-popup" content="true"> </head> <body> <h1>Sign in with Apple</h1> <div id="appleid-signin" data-color="black" data-border="true" data-type="sign in"></div> <script type="text/javascript" src="https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"></script> </head> </html> But have we populated the client-id, state, and NONCE correctly? When clicking on the Sign In with Apple button we get the error in this screenshot: I look forward to hearing from someone. Kind regards, Miguel

I am attempting to use sign in with apple id based on the documentation at https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/incorporating_sign_in_with_apple_into_other_platforms My authorization url ishttps://appleid.apple.com/auth/authorize?client_id=REDACTED&redirect_uri=REDACTED&response_type=code&response_mode=form_post&scope=name%20email The response data does not contain the documented "user".. The post data contains only "state" and "code" params. Is there something else which must be done with the authorization url? Is there something which must be configured for the app?

Hello everyone! I have a question (issue). I need to write a test for an app, and everything is okay with my tests, but I need to test login with an Apple ID, and I don't want to use my private Apple ID because I plan to post this test on GitHub. Is there any possibility to create, for example, a dummy Apple ID account? Or how do developers typically handle this situation?

I have a problem that after the transfer the old users with private email addresses get new email addresses generated upon apple login and I can not connect them to their account in my database. I read that the account that initiates the transfer should "generate a transfer identifier for each user in their database" Is it possible to do this and migrate users after the application has already been transferred successfully to another account?

I know that apple requires apple sign in to be added to app , if , in case user adds any sort of social sign in in their app, . But if the purpose of these social sign in is to just fetch profile pictures only, is it also required then. If it is required , then is there any other way , to get user profile picture from facebook account , without adding any social sign in of any kind. to preserve some development and testing time.

Hi, I'm developing an app that supports sign-in with Apple. From the documentation, it seems that the name provided during registration with Apple Sign In isn't saved by Apple and isn't accessible later on. However, in the event of a server issue during registration, how should I manage the flow? In my opinion, it should be possible to retrieve the chosen name later or programmatically cancel the association of the user's Apple ID from the app to restart the registration process. What are your thoughts?

Hello, I have integrated Sign In with Apple into my Swift App. Now I'd like to add Sign In with Apple into my website. I followed the instructions at https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/configuring_your_webpage_for_sign_in_with_apple and resulted in an html page: <html> <head> <meta name="appleid-signin-client-id" content="colourworker.SPAD"> <meta name="appleid-signin-scope" content="name email"> <meta name="appleid-signin-redirect-uri" content="https://colourworker.com/apps/photofolia/applesignedin.html"> <meta name="appleid-signin-state" content="init"> <meta name="appleid-signin-nonce" content="NONCE"> <meta name="appleid-signin-use-popup" content="true"> </head> <body> <h1>Sign in with Apple</h1> <div id="appleid-signin" data-color="black" data-border="true" data-type="sign in"></div> <script type="text/javascript" src="https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"></script> </head> </html> I have added https://colourworker.com/apps/photofolia/applesignedin.html to the list of Return URLs at https://developer.apple.com/account/resources/identifiers/serviceId/edit/ZSM7Q3SMVH. But when clicking on the Sign In With Apple button I get the following error: "invalid_request Invalid client id or web redirect url." Any ideas of what I'm doing wrong?

Hello. I'm gilgim. I have some questions regarding the review guidelines while working on the project. Therefore, I would like to ask them. If I implement Apple login on mobile, do I need to implement it on the website as well? May I inquire if it is permissible to implement a feature that matches a user's Apple ID after they have logged in with Apple and undergone authentication within the app to distinguish users? Could you please provide detailed information on whether not implementing or implementing such a feature would be a reason for rejection?"

We are developing a mobile app that allows users to purchase gift cards from popular retailers, and this app requires valid email address during login/register which is needed for mapping all user’s wallet and gift card details. This app also supports social login like Apple, Facebook and Google and we are also providing a web platform where users can check their gift cards and wallet informations. We are currently facing an issue with Apple SignIn when using “Hide by Email” flow. We observed that in this flow, the app generates a tokenised email address for user to login, and the same tokenised email address will be mapped to the user's gift card and wallet information. Assume that an user register with mobile app using tokenised email address and the same user login into the web platform with a valid email address. In this flow, the user will not be able to see the wallet and  purchased gift card information which could result in data issues and discrepancies between web and mobile apps. We would like to know for any option to disable or remove “Hide by Email” from Apple’s SignIn popup. If not, could you suggest us a way to fix this issue. Appreciate your quick response. Thank you!

Below is app rejection message. The issues we previously identified still need your attention. If you have any questions, we are here to help. Reply to this message in App Store Connect and let us know. Bug Fix Submissions The issues we've identified below are eligible to be resolved on your next update. If this submission includes bug fixes and you'd like to have it approved at this time, reply to this message and let us know. You do not need to resubmit vour app for us to proceed. Alternatively, if you'd like to resolve these issues now, please review the details, make the appropriate changes, and resubmit. Guideline 4.0 - Design Your app still offers Sign in with Apple as a login option but does not follow the design and user experience requirements for Sign in with Apple. Specifically: Your app requires users to provide their mobile number after using Sign in with Apple. This information is already provided by the Authentication Services framework. Next Steps Please revise the Sign in with Apple experience in your app to address the issues we identified above.

When I tested Sign in with Apple after completing the transfer of the app, I noticed that when I Sign in with Apple, I became a different user (sub). After reviewing the document below, I realized that before transferring the app, I needed to generate a transfer identifier and hand it over to the receiving team. https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team Is it possible to transfer Sign in with Apple users now, after completing the transfer of the app? I tried to generate generate access token with parameters that indicate in the document below but i can't. https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team On the other hand, I can generate access token with parameters that indicate in the document below. https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team

Hello, Due to legal reason (tax configuration), our organization had to create a new team and migrate iOS apps to a new team. We have an authentication server (Keycloak) configured to use “Sign In With Apple” on the web. Apps currently use the webview provided by Keycloak to proceeed to user login. To do so in the “Certificates, identifiers & Profiles” we have an App ID and Service ID Now we’d like to use “Sign In With Apple” within the apps on the new team and we’d like to keep users created on the old team. So we followed this documentation to transfer users from the old team to the new one : https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team We are able to create transfer subs without any issue. The next step is described in this doc : https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team When we try to get the exchange identifier, (at this step : https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team#3559300), we receive an error 400. Is this because we haven’t done any transfer demand from old team to new team ? Regarding the doc we must : “Coordinate with the sending team transferring their users and apps over to your team. Then accept transfer identifers for all of the migrating users, and exchange the transfer identifiers for team-scoped identifiers and private email addresses to complete the process” As “Sign In With Apple” has been configured to be used for the web and not within an iOS app, we have no transfer identifier and we cannot init a transfer of the AppID and the Service ID used by “Sign In with Apple”. What is the correct way to proceed to users migration from the old team to the new one in this case ? Thank you.

delayed "Sign in with Apple" in android, web page "https://appleid.apple.com/auth/authorize" delayed more than 30 sec to load on Android or web Is there a solution to this issue?

I have implemented Sign in with Apple in my app. The flow goes like this: User taps sign in button In the delegate method I take the auth code and post it to my server. My server sends an activation request to apple and gets an id, refresh, and access tokens. This is where I have a problem: A user requests account deletion. The server sends a request to revoke the access and refresh tokens User may or may not go to settings and revoke "Sign in with Apple" access to the app (the following happens either way) The user then load the app again and taps the Sign in with Apple button. The delegate method provides a valid id token, but the same original auth code instead of generating a new one. The server now gets an invalid response from apple as the auth code is had already expired, and so can't get a new refresh token. The server also can't use the old refresh token as it's been revoked during deletion. Can someone tell me where I'm going wrong? I can't find any documentation for regenerating a refresh token after revoking it. Thank you

I have old site with Apple users. Some of users selected hide my email, so that users created private email id in my old site. I have launch new website and here some old user registered using Apple sign in with same procedure. But I am not sure, these users registered new site with hide my email or not. I have to migrate old site users and there content on new site, but I am not sure same user selected hide my user or not in my both site. For Example 1: User 1 registered on old site with hide my email, so User 1 id created like Email: @privaterelay.appleid.com User 1 registered on new site with show my email, so User 1 id created like Email: @domainname.com Now I want to migrate old site users and data to new site. I cheeked email present on new site or not. If email present then I migrated the data. If email not found in new site, then I will create the user on new site and then migrate the data. But in above example user1 already created account with Hide my email in old site and show my email in new site. So I am not able to recognize user present in new site, so I created a new user entry in new site. That means user1 has created 2 account in new site. Is anyone know how to handle this issue?

I cannot receive full name from Apple sign in and the app review fails. What I receive from the call is the following: { "familyName": null, "identityToken": "XXXXX", "givenName": null, "authorizationCode": "XXXXX", "user": "XXXXX", "email": null } while decoding the identityToken, I get: { iss: 'https://appleid.apple.com', aud: 'popularise.app', exp: 1697700330, iat: 1697613930, sub: 'XXXXX', nonce: 'nonce', c_hash: 'XXXX', email: 'XXXXXX', email_verified: 'true', auth_time: 1697613930, nonce_supported: true } As you can see, I have no information about given or family name. Body I am sending via api rest: { clientId: 'popularise.app', scopes: 'email name', redirectURI: '', state: '12345', nonce: 'nonce', } My tools: I am using nestJS and node (v16).

When I use oauth from different providers like google or apple I can set privacy policy link and terms of service link in oauth consent screen settings. The links are visible on the screen when user is asked to login with selected provider. I thought it is standard oauth functionality but can't find any option to enable it for Sing in with Apple. It makes my whole user experience broken because I have to develop additional consents screen just for apple login.