I'm trying to automate a testing flow in my app, that requires signing in with apple first. I've figure out how open settings and login with a test apple ID. I've wrapped that up in a function and call that first (with a check to see if its already logged in). When I return to my app, and tapping the sign in with apple button, I can't find anyway to interact with the sign in with apple modal, e.g. asking me if I want to share my email address or not, tapping "continue with password" and so on I've tried setting up an interruption handler, but it doesn't get triggered let test = addUIInterruptionMonitor(withDescription: "") { alert in print("inside alert:\( alert )") return true } I've tried checking for springboard alerts, but its not an alert let springboardApp = XCUIApplication(bundleIdentifier: "com.apple.springboard") springboardApp.alerts.exists I don't know any other tricks, or how to find the bundle ID of this popup. Any advice?

Currently as part of project, we are decoding the token at server side which we received from iPhone app after apple login. iOS code snippet: let appleIDToken = appleIDCredential.identityToken let idTokenString = String(data: appleIDToken, encoding: .utf8) idTokenString value is passed to server. Server side code snippet: jwt.decode(token, { complete: true }); token value is idTokenString which we received from iOS app. We are facing security concern as this token is able to decode directly without any security key. Is there any way by which we can get token from apple with encrypted key. This key will be kept as a secret key at apple and our project side as well. Hence, it will be secured or is there any apple link where this token can be decoded. Please check on this concern. We have attached screenshot for your reference.

I double checked and my redirect url is the same in service id. It looks like the domains I add has no effect. I have another service id that works with apple sign in. I deleted the return url on it and it still works. Is there a delay or something. Can someone help me with this please? I am about to lose my mind

I want to know if the user identity(sub) maintains the same when the user un-links the linked app from the Apple ID setting and re-links it. I would be grateful if you could give me an reply.

I was referring to documentation provided at here for implementing "Sign In With Apple" feature for macOS. Everything works well, except I need one more feature, user can login with another apple ID (not registered in macOS) if user want to. I saw multiple apps have that in apple authentication screen, but I can't find any documentation/articles to support that. Anyone has any idea ?

I implemented Sign in with Apple but in all cases the button is always black. I would like to show it in light/ dark mode depending on the phone settings. This is my code: class MyAuthorizationAppleIDButton: UIButton { private var authorizationButton: ASAuthorizationAppleIDButton! @IBInspectable var cornerRadius: CGFloat = 3.0 @IBInspectable var authButtonType: Int = ASAuthorizationAppleIDButton.ButtonType.default.rawValue @IBInspectable var authButtonStyle: Int = ASAuthorizationAppleIDButton.Style.black.rawValue override public init(frame: CGRect) { super.init(frame: frame) } required public init?(coder aDecoder: NSCoder) { super.init(coder: aDecoder) } override public func draw(_ rect: CGRect) { super.draw(rect) // Create ASAuthorizationAppleIDButton authorizationButton = ASAuthorizationAppleIDButton(authorizationButtonType: .signIn, authorizationButtonStyle: .black) let type = ASAuthorizationAppleIDButton.ButtonType.init(rawValue: authButtonType) ?? .default let style = ASAuthorizationAppleIDButton.Style.init(rawValue: authButtonStyle) ?? .black authorizationButton = ASAuthorizationAppleIDButton(authorizationButtonType: type, authorizationButtonStyle: style) authorizationButton.cornerRadius = cornerRadius // Show authorizationButton addSubview(authorizationButton) // Use auto layout to make authorizationButton follow the MyAuthorizationAppleIDButton's dimension authorizationButton.translatesAutoresizingMaskIntoConstraints = false NSLayoutConstraint.activate([ authorizationButton.topAnchor.constraint(equalTo: self.topAnchor, constant: 0.0), authorizationButton.leadingAnchor.constraint(equalTo: self.leadingAnchor, constant: 0.0), authorizationButton.trailingAnchor.constraint(equalTo: self.trailingAnchor, constant: 0.0), authorizationButton.bottomAnchor.constraint(equalTo: self.bottomAnchor, constant: 0.0), ]) } } So basically with the code above, I can set on Storyboard the style of the button but it seems that even if I change the value at my code, the result is based on what I chose on Storyboard's variable. Is there any solution where I would be able to show the button in light/ dark mode depending on the phone settings ?

I have an "identifier" for my app in Certificates, Identifiers & Profiles.. I am trying to change the "Sign In with Apple" capability for the identifier. I click "Edit" (see image 1) to open the "Sign In with Apple: App ID Configuration" modal. In this modal, I change the radio button to "Group with an existing primary App ID", and then select my App ID from the dropdown; (see image 2). I click "Save" on the modal and it closes as expected. Then I click "Save" on the main page, and then "Confirm". After clicking "Confirm", I get the error message below: "There is a problem with the request entity. Please choose a different app identifier to set up related consent." (See image 3) I tried do the same process for another app and its identifier, but encountered the same problem. Can anyone point me in the right direction? I've been in contact with Apple support but haven't made any progress in weeks. Thanks. My goal is to enable Sign In with Apple in my app; maybe my approach is wrong, but I saw somewhere that I needed to enable 'Group with an existing primary App ID'.

We're trying to release a social media app that uses social sign in. The two sign in options are google sign in and apple sign in. Our app keeps getting rejected because the testers cannot login to the demo account. Apple requires a 2 factor verification, and google requires a 2 factor verification. At this point, we are stuck. We don't want to go through the process of keeping track of usernames and passwords just for app review. What do we do?

Some background: A user must sign up for an account on our platform via a browser before they can sign in to our iOS app using an Apple ID otherwise we present the following error message as shown in the attached image. Authentication and session management is handled using AWS Cognito on our platform and we believe AWS Cognito is using the relevant API for Apple ID Sign Ins. For account deletion we are providing an account deletion option within the app to the user (who has to be signed in) under Account Settings. For a valid deletion request, we are deleting a user’s records from our database. For revoking, generating, and validating tokens we are using AWS cognito to handle token revocation, generation, and validation. Ask: Apple reviewers provided additional information (shown below) to help us resolve this issue. But i am not clear how this addresses their concern and would appreciate some guidance on how i could resolve it. Apple reviewer recommendation Apps that offer Sign in with Apple should use the REST API to revoke user tokens. If you have not retained the user’s refresh token, access token, or authorization code, you must still fulfill the user’s account deletion request. To learn more, we recommend reviewing the following resources: Handling account deletions and revoking tokens for Sign in with Apple Revoke tokens Generate and validate tokens

Hi guys, I have been using a services id for my apps and websites to use Sign in with Apple feature over 3 months. All of a sudden the website urls and return urls I newly add to the services id don't work. I am getting "invalid_request Invalid web redirect url." errrors. I have checked the urls carefully, (https), I also added many new ones but none of them worked. In order to test it I also removed some of the current return urls from my websites to see if it will stop working but no, the ones I removed still work which kind of confirms my theory that it does not update the list, it is bugged. Quite weirdly, the new native apps I submitted to the store also does not work, it gives the error "Sign-up Not Completed" Does any one have any idea? Such a weird problem all of a sudden

I have implemented a Sign up with Apple button with usePopup=true. When I click the button I get the popup window. After authenticating I click the final "Continue" button and nothing happens. Well technically there is a request to https://appleid.apple.com/appleauth/auth/oauth/authorize. Clicking "Continue" more than once results in the error "Your request could not be completed because of an error. Please try again later." Where do I go from here?

We recently are adding apple signup in our app and in our db we have 50 chars as max length of user identifiers. i was wondering how long they can be on apple and whether we should tweak the max length on our side.

Hi there, This is the first time to post here and I hope someone can share similar experience. Our company app update was rejected twice within a week by this reason. (Your app requires users to provide their name and/or email address after using Sign in with Apple. ) Which we already submitted a new build of this fix along with an explanation and screen recording. However as you may know, there's no way to retrieve username after the first-time Apple sign in (value is null), so what our solution is to save the username in our server instantly after the 1st time API callback. It works as expected in several physical devices and simulators. However, I wonder the situation now is: The device / robot that use to check our APP didn't clear the "Apps Using Apple ID" in iOS setting, the fix will not work because it has already passed the 1st time login. Otherwise in our side, we cannot find and resolve the issue. Anything I can do other than file an appeal to App Review Team? Thanks for your time.

Something seems to be wrong in the Apple Sign In modal. After pressing the Continue button and going through Face ID, it displays Sign Up Not Completed and does not proceed. This was working fine a few days ago, but then I had to download a new provisioning profile and now it is broken. There are no errors in the log when this happens, but when I close the sign in modal it logs: [core] Authorization failed: Error Domain=AKAuthenticationError Code=-7003 "(null)" The operation couldn’t be completed. (com.apple.AuthenticationServices.AuthorizationError error 1001.) Please help! I even spun up a fresh new project and made new ID / Provisioning profile and this error is still happening. Thanks!

My existing chrome extension has "Sign in with Apple" given that we have iOS users. When user clicks "Continue with Apple" button in the extension log in pop up, this is what we do: javascript window.open( 'https://appleid.apple.com/auth/authorize?client_id=' + clientID + '&redirect_uri=' + backEndURL + '&response_type=id_token%20code&response_mode=form_post&scope=email%20name', 'Sign in with Apple', 'height=500,width=400,left=600,top=200,status=no,location=no,toolbar=no,menubar=no' ) In chrome, this opens a popup window with that URL. In Safari Converted Web Extension, it opens custom Apple sign in flow, where it says: "Do you want to sign in to *** with your Apple ID YYY?" and then with my mac password I'm able to authenticate. Afterwards, nothing happens. Expected: a redirect to the URL specified in the window.open. Now let's do a trick: I'll wrap the above window.open code into javascript setTimeout (() = {window.open (...)}, 3000) Because of security reasons, safari then won't open the popup after 3s and will display a notification in the toolbar "Popup blocked..". If we allow the popup, then it finally opens as a normal window popup and after sign in, it redirects to our backend and it successfully authenticates. Any ides what how to solve this? P.S. We're not able to use embedded Sign in with Apple JS - https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/configuring_your_webpage_for_sign_in_with_apple script because we can't host a remote code in the extension (it will be deprecated soon). So, we arere using this. - https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/incorporating_sign_in_with_apple_into_other_platforms

We have changed return URLs for one Service ID, but the change is not propagated. The old return URL still works and we get "Invalid web redirect URL". We even tried deleting Service ID with old return URLs and created new Service ID with new redirect URLs. But the only one that works is the one that we deleted.

In the following environment: iOS 14 beta, Xcode Version 12.0 beta 6 (12A8189n) try to implement user Apple Login with Firebase. Works until password entering screen and then hangs up on simulator or finished with error on device. Sign In with Apple is enabled in App.

All app icon sizes are correct in assets catalog, but app icon does not appear under Apps Using Apple ID in device settings. Is there another place to set app icon for sign in with apple?Thanks.

https://developer.apple.com/documentation/signinwithapplerestapi/verifying_a_userAs per the above link, to verify an IDToken signature, Apple's public key needs to be used.I am able to fetch Apple's public key, but I am unable to verify the signature of IDToken via the public key. I am trying to implement this in Java.. What exactly is meant by "JWS E256 signature"? Which algorithm?Also, once public key is fetched (sample PK posted below), which algorithm to use to form the public key? { "keys": [ { "kty": "RSA", "kid": "AIDOPK1", "use": "sig", "alg": "RS256", "n": "someValue", "e": "someValue" } ] }

We've implementing SIWA on iOS and a web application using Sign in with Apple JS. I've setup a service ID tied to the application ID and can succesfully get callbacks on both platforms. I'm noticing that the user id provided by the iOS app is different than the id provided by the web application.We were expecting these to be different so we can store on our end and identify the user without having to use their email.