email missing in access-token when doing "Sign in with Apple" in some edge cases hard to replicate

Question

katuri OP

Created Jun ’20

Replies 2

Boosts 0

Views 1.4k

Participants 2

Hi,

We recently integrated "Sign in with Apple" into our app.
We observed some weird behaviour at occasions.

We are supposed to get user's masked/un-masked email at all times in access-token as per documentation. But this is not true always. Some times we got this email empty, not able to replicate those scenarios consistently.

NOTE: I am mentioning missing email in token not in User object, I know in User object we get email only once.

Can some one answer "was the documentation wrong or is there are fix that need to be applied on Apple's systems ?

Thanks,
Dinesh

Boost

Answer 1

Najki OP

Jun ’20

I'm having the same problem and really hoping for finding a solution. Its not consistent enought to give a 100% scenario but we do have one AppleID account in our team which fails to have the email field in id_token more often than others. It happens both in our iOS app (built with Cordova using a plugin for supporting native behavior) and on our website using official JS library.

0

Answer 2

Najki OP

Jun ’20

I think I solved the issue in my project. It turned out that someone on the team used SIWA without defining the scope and every Apple account which used his version for the first time, would forever receive id_token's without email cause once you agree on a scope with the user, you stick with it forever. You can't extend the scope on next sign in. Only if user disconnects and reconnects his/hers Apple account with your app.

0