invalid_client on sign-in with Apple

Greetings, we have been trying to implement the 'Sign-in with Apple' thing for quite some time now, but we are blocked by this 'invalid_client' error.

The backend itself is made with Python Flask and the error itself is returned when posting to the https://appleid.apple.com/auth/token endpoint.

I double-checked all JWTs via the website jwt.io and everything checks out. We have tried regenerating the keys multiple times without any success.

For the client secret, we are indeed using the ES256 algorithm as specified in the documentation.

The code itself looks like this:

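import requests

# Exchange the authorization code for tokens at Apple's token endpoint.
token_url = 'https://appleid.apple.com/auth/token'
headers = {'content-type': "application/x-www-form-urlencoded"}
data = {
    'client_id': client_id,
    'client_secret': client_secret,  # JWT signed with ES256
    'code': authorization_code,
    'grant_type': 'authorization_code',
    'redirect_uri': redir_uri,
}
# The 'invalid_client' error is returned in the response to this POST.
token_response = requests.post(token_url, data=data, headers=headers)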

Does anyone have any idea?

Thanks!

Hi Jaedotfi,

The client_id value must match the value used in the initial authorization request. If you authorized the App ID, you must validate the code for the same App ID; otherwise, providing the Service ID would fail, and vice versa. The same ID must match the sub claim value provided in the client secret (JWT). The expected values and descriptions of the required query parameters are documented below:

Generate and Validate Tokens

If you have further questions about Sign in with Apple, please submit a Technical Support Incident and I'll be happy to assist.

Cheers,

Paris
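
The checks described in the reply above can be run locally before posting to the token endpoint. This is an added example, not code from the original post or from Apple: the function names and sample identifiers are hypothetical, and the `kid`, `aud` and `exp` checks come from Apple's client secret documentation rather than from this thread.

```python
import base64
import json
import time

APPLE_AUD = "https://appleid.apple.com"
MAX_LIFETIME = 15777000  # Apple's documented ceiling for exp: six months, in seconds

def _decode(segment):
    """Decode one base64url JWT segment (padding restored) into a Python object."""
    return json.loads(base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4)))

def check_client_secret(client_secret, client_id, authorized_client_id, now=None):
    """List likely causes of invalid_client. Inspects header and claims only;
    the ES256 signature is not verified here."""
    now = int(time.time()) if now is None else now
    try:
        header_seg, claims_seg, _sig = client_secret.split(".")
        header, claims = _decode(header_seg), _decode(claims_seg)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("segments must be JSON objects")
    except (ValueError, AttributeError):
        return ["client_secret is not a three-part JWT with JSON segments"]
    problems = []
    if header.get("alg") != "ES256":
        problems.append("header alg is not ES256")
    if not header.get("kid"):
        problems.append("header is missing kid")
    if client_id != authorized_client_id:
        problems.append("client_id differs from the authorization request")
    if claims.get("sub") != client_id:
        problems.append("sub claim does not match client_id")
    if claims.get("aud") != APPLE_AUD:
        problems.append("aud is not " + APPLE_AUD)
    exp = claims.get("exp")
    if not isinstance(exp, int) or exp <= now:
        problems.append("exp is missing or in the past")
    elif exp - now > MAX_LIFETIME:
        problems.append("exp is more than six months ahead")
    return problems

def make_sample(header, claims):  # constructed, unsigned demo token (dummy signature)
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=").decode()
    return enc(header) + "." + enc(claims) + ".c2ln"

if __name__ == "__main__":
    now = 1700000000  # constructed clock; sub holds an App ID, client_id a Services ID
    token = make_sample({"alg": "ES256", "kid": "KEYID12345"},
        {"iss": "TEAMID1234", "exp": now + 3600, "aud": APPLE_AUD, "sub": "com.example.app"})
    print(check_client_secret(token, "com.example.web", "com.example.web", now))
```

An empty list means only that these header and claim checks passed; a wrong signing key or team ID still produces invalid_client.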
