Regarding apple-id sign in, there was the following statement.
https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_rest_api/verifying_a_user
"User interaction is required any time a new identity token is requested. User sessions are long-lived on device, so calling for a new identity token on every launch, or more frequently than once a day, can result in your request failing due to throttling.”
I understand that a new id_token will be created when the user signs in.
Does asking users to sign in multiple times actually cause throttling?
When I tested it personally, no throttling occurred.
Our policy is to require users to sign in again only for important operations. Within normal limits, will throttling not occur even if a user signs in multiple times?
Also, is there any other way to authenticate users multiple times a day?
Sign in with Apple
RSS for tagSign in with Apple enables users to sign into apps and websites using their Apple ID.
Posts under Sign in with Apple tag
141 Posts
Sort by:
Post
Replies
Boosts
Views
Activity
My Apple 8S screen is frozen, only the Apple logo appears brightly, i cant turn on or off,
Hi! I have the following problem. We are providing the Apple Sign In option for users to register in our system. When you first login using Apple Sign In it will successfully return "Email" and we are using it for our own registration routine.
The problem is with the following thing: our user can remove the account from our system. And after that, he will not be able to register using Apple Sign In. Is there any way to revoke this token? I have seen the https://developer.apple.com/documentation/sign_in_with_apple/revoke_tokens
but I cannot call this method from the app: this API route returns 400 from the payload I'm sending.
Is there any solution to this problem rather than asking the user to remove the app manually? Can I route the user to the page with these settings?
https://developer.apple.com/forums/thread/708415 - and yeah, I have seen this thing.
Thank you!
Hi,
I have an website with sign in with Apple enabled (using REST API). It seems the majority of my users not aware they are sharing their private email because it is the default selected option. Is there a way to require that the real email be always shared? Alternatively, is there a way to have the "Share My Email" option be the default choice?
I want to support "Sign in with Apple" for my macOS application. Currently, I'm using WKWebview to support this. I'm able to provide a sign in for the current mac user correctly.
But some users try to login with another apple ID, which has FIDO certified keys added as 2FA. Now my WKWebView shows this :
But nothing happens when they click on "Continue". I think I need to create some kind of interface in my application for this case, but no clear idea. I can't see much articles for this use case with security keys.
Anybody has any idea ?
Hi everyone, we are developing Ionic mobile app with .NET server part, now we are trying to implement apple authorization, it works properly with web(user can authorize and server receives callback), but it is not working with mobile, we can authorize and get response on client side with token and code, but it not initiate callback to server, we found a difference in apple endpoint that we call for web and for mobile(in query parameters for mobile- response_mode = web_message and for web- response_mode = form_post), we can't change url for mobile app, because we are using SignInWithApple from @capacitor-community/apple-sign-in, does anyone have experience with this problem? Thanks in advance.
I am working on a financial application that falls under Indian jurisdiction, which has specific regulations prohibiting the use of relay or proxy emails for sign-up processes. Given that the "Hide My Email" feature in "Sign in with Apple" provides a relay email, I'm trying to understand how I can remain compliant with these regulations while offering "Sign in with Apple" as a sign-up option.
My proposed flow:
Allow users to use "Sign in with Apple" for authentication.
Check if the user has opted for the "Hide My Email" feature.
If they have, show an error message explaining the regulatory restriction and prompt them to either:
a) Use "Sign in with Apple" without the "Hide My Email" option OR
b) Use our standard "Sign up with Email and Password" flow.
I would like to understand if such an approach is acceptable according to Apple's guidelines. Would there be any issues or recommendations from Apple's side on implementing this flow?
Thank you for your assistance and guidance!
I am currently in the process of integrating Google Social Login and Apple Social Login into my web application.
Google's authentication system has distinct development and production modes, with a 100-user cap in development mode.
But Apple does not seems to have user cap
I have been conducting extensive research to ascertain whether Apple Social Login imposes any user capacity limitations, akin to Google's development mode restriction.
Could someone provide guidance or insights regarding user capacity restrictions in Apple Social Login, especially in a development/testing context?
https://stackoverflow.com/questions/77101607/understanding-user-capacity-limitations-in-apple-social-login-for-development-an
Dear developers,
In case I want to start building healthcare marketplace app (pharmacies, medical equipments and labs) where every users can search for specific medicine, some Medical equipment and lab test can get a list of pharmacies, labs who provide those products/service. Having said that what could be the best sign in option for (pharmacists, labs, physicians, people/users) on phone number or E-mail or any sign in option that will fit who want to join healthcare app? I want your though guys here as I am trying to have a universal healthcare app that can connect all healthcare people/product/service with people.
Thanks in advance for any advice
I'm using apple login in my web app and passing the redirect URI to apple URL. It's working fine on all browsers except Safari. On Safari instead of opening the URL in a new tab it's showing the finger touch enabled login popup. Which is causing the issue and my redirect URI is not getting passed and I'm not able to receive the code and other details from apple.
Can anyone please help me resolve this issue.
Angular Code:
const openNewWindow = window.open(
'https://appleid.apple.com/auth/authorize?response_type=code&response_mode=form_post&scope=name%20email&state=W4cL2JgRJq&client_id=CLIENT_ID&redirect_uri='+ this.AppleURL',"_blank"
);
try {
openNewWindow.opener = window;
window.addEventListener('message', event => {
this.signInWithApple(JSON.parse(event.data));
});window.addEventListener('message', event => {
this.signInWithApple(JSON.parse(event.data));
});
} catch (error) {
console.log("error",error);
}
Redirect URI js code:
I am using Apple OAuth login in my two apps. I identify users using the "sub" claim that can be obtained from the id_token each time they log in. Since it has to identify as the same user in both apps if it's the same account, I need to receive the same sub token.
I've created OAuth clients with different APP_IDs for each of the two apps, but I confirmed that I can receive the same sub value for the same account.
Is it okay to follow this policy for the login feature? I am curious if there is any official documentation that I can refer to on this matter. Thank you.
I'm in the process of setting up Apple Sign-In for our web portal. The web portal doesn't have a related Apple application. I've been reviewing the documentation provided at https://developer.apple.com/help/account/configure-app-capabilities/configure-sign-in-with-apple-for-the-web/ and attempting to set it up. It appears that this might not be possible without an existing Apple application associated with the web portal.
According to https://developer.apple.com/help/account/configure-app-capabilities/configure-sign-in-with-apple-for-the-web/:
To configure web authentication, you must create a Services ID and associate your website to an existing primary iOS, macOS, tvOS, or watchOS App ID enabled for Sign in with Apple.
Does this imply that it's not feasible without an existing Apple application?
I created a fake apple id for testing/automation, but it forced me to setup 2 factor. I need one without 2 factor. There seems to be no way to turn it off, and creating an "app specific password" isn't accepted in places like the simulator settings app, to sign in with Apple id
Am I missing something? Is there another process to go through? Is there a way to turn off 2FA? Is there a dummy set of credentials that all simulators will accept to sign in with apple? etc
We are developing a linkage so that you can sign up with Apple ID.
Since the password value is required for the app service, I am trying to receive a separate password at the membership sign-up stage. Is this a policy violation?
When I try to use signing with apple with flutter on the simulator, I got the error below
"Authorization failed: Error Domain=AKAuthenticationError Code=-7003 "(null)" and "com.apple.AuthenticationServices.AuthorizationError error 1000."
please how do I resolve this
I am using Office365 SSO in my IOS application which I am developing. So, I want to confirm whether my app should have Apple Authentication in order to deploy the application on App Store or not.
I have Sign In With Apple working on my website and on my production stage app, but the returned userId's are different. What are possible reasons this is happening?
We have been using Sign in with Apple feature in our app for more than 3 years, and integarated Apple Server to Server notification for SiwA webhook to handle the login status.
Recently we are seeing huge traffic with repeated notification event "account-deleted" for the same Apple account.
The payload we receive in the webhook url is legitimate since the jwt token is properly signed and the source IP is from the Apple network. And we respond back with 200 but still the same is getting repeated.
The actual account deletion happened in December 2022 and we get the same event repeated till now.
Does anybody else see this kind of issue?
Please help how do we handle/stop this.
i am developing a flutter app. I have a link of a twitter page. When I click it, it will lead to that page with in-app web but the twitter make us login first before showing the page. In twitter sign in page, I try to sign in with Apple but the sign in form is not appearing at all. Does that mean the apple disable the sign in because of the security reason since the browser is from in-app web view?
I use this user agent : 'Mozilla/5.0 (iPhone; CPU iPhone OS 10_2 like Mac OS X) AppleWebKit/602.3.12 (KHTML, like Gecko) Mobile/14C92 [FBAN/FBIOS;FBAV/163.0.0.54.96;FBBV/96876057;FBDV/iPhone7,2;FBMD/iPhone;FBSN/iOS;FBSV/10.2;FBSS/2;FBCR/vodafoneP;FBID/phone;FBLC/pt_PT;FBOP/5;FBRV/96876057]'
the flutter package is : webview_flutter: [^3.0.4]
I'm unable to setup Login with Apple on my website. I have created an App Id, Services Id and generated a key as well. However, I get a Bad Request response when hitting the https://appleid.apple.com/auth/token endpoint with these credentials.
Is there something that I'm doing wrong?