Hi.
I implemented "sign in with Apple" on my web app using a "Service ID" (com.mywebsite.app.web), this is working fine. User is forwarded to Apple's website and forwarded back to us after logging in.
We are now building a mobile app and it is going to use the same server as the web app, this is where the problem lies.
The server uses the "Service ID" to do the user authentication with Apple, but the mobile app uses an "App ID" that is different from the "Service ID", because they are unique identifiers and the mobile team say they can't change it.
App ID (also primary App ID for sign in with Apple) = com.mywebsite.app
Service ID = com.mywebsite.app.web
When the mobile team tried to authenticate the user with the server using the authorizationCode, the response is
{ error: 'invalid_grant', error_description: 'The code was not issued to com.mywebsite.app.web' }
, probably because it was created for the App ID, not for the Service ID
But the Service ID (com.mywebsite.app.web) is nested under the primary App ID (com.mywebsite.app).
What can I do to have the same server to authenticate users coming from the web app and from the mobile app?
We are using Django Allauth for the backend / web app and React Native with https://www.npmjs.com/package/@invertase/react-native-apple-authentication for the mobile app.
Thanks in advance!