Hi everyone,
I'm experiencing a persistent issue with Sign in with Apple on my iOS app that I cannot resolve from my side. I've already opened a support case (ID: 20000115382721) and received a reply directing me back to the Developer Forum, so I'm posting here in hopes someone has encountered the same issue or can offer guidance.
Error message: FirebaseAuthException: [firebase_auth/invalid-credential] Invalid OAuth response from apple.com
Critical observation: The Apple authentication screen never appears. When the user taps "Continue with Apple", the error is returned immediately. This suggests the request is being rejected before reaching Apple's authentication servers — pointing to a backend configuration issue on Apple's side for my Team ID.
My setup:
- Team ID: DHKU23JL7H
- Bundle ID: com.expensespy.app
- Framework: Flutter with sign_in_with_apple package v7.0.1
- Backend: Firebase Authentication
- Other auth methods (Google Sign-In, Email/Password): working correctly
Verified configuration (all done correctly):
-
App ID (com.expensespy.app):
- Sign In with Apple capability is enabled
- Configured as a primary App ID
- Not grouped with any other App ID
-
Service ID (com.expensespy.app.auth):
- Created and linked to the primary App ID
- Domain: expensespy-e11ab.firebaseapp.com
- Return URL: https://expensespy-e11ab.firebaseapp.com/__/auth/handler
- All other redundant Service IDs have been removed
-
Sign In with Apple Key:
- Created with Key ID X8T9NLBT4Y
- Linked to the primary App ID
- .p8 file is available
-
Firebase Apple provider:
- Tested with OAuth code flow fields populated (Services ID, Team ID, Key ID, Private Key) — same error
- Tested with OAuth code flow fields empty (recommended for iOS-only) — same error
-
Client-side implementation:
- Proper nonce generation with SHA256 hashing
- OAuthProvider('apple.com').credential() with idToken and rawNonce
- Tested across 3 different builds (Build 12, 13, 14)
- Tested on multiple iOS devices (iOS 18+)
What I've ruled out:
- Client-side code (tested 3 different implementations)
- Firebase configuration (tested both populated and empty)
- Multiple Service IDs (cleaned up to just one)
- App ID configuration (verified primary status)
Context: During my Apple Developer Program enrollment, I experienced an error that was not fully resolved. I suspect this may have left my account in a state where Sign in with Apple is not fully activated on the Apple backend for my Team ID.
Question: Has anyone encountered this where the Apple auth screen never appears at all? Is there a way to verify that Sign in with Apple is properly provisioned for a specific Team ID on Apple's backend? My App Store submission is blocked by this since Sign in with Apple is required when offering third-party authentication.
Any guidance from Apple engineers or developers who solved a similar issue would be deeply appreciated.
Thanks!
Hi Albert,
Thank you for the suggestion — adding the print() statements before passing the credential to Firebase gave us exactly the information we needed.
For anyone else hitting this thread, here is what the logs revealed:
The Apple Sign-In flow on iOS works correctly. The user can authenticate, the Apple ID screen appears, and we receive a valid ASAuthorizationAppleIDCredential from SignInWithApple.getAppleIDCredential(), including:
- identityToken: present (918 chars, well-formed JWT)
- authorizationCode: present
- userIdentifier: present
- rawNonce length: 32
The credential is then passed to FirebaseAuth via OAuthProvider('apple.com').credential(idToken, rawNonce), and only at that point does Firebase reject it with:
[firebase_auth/invalid-credential] Invalid OAuth response from apple.com
So you were right — the Apple side is healthy. The issue is between the credential we receive and how Firebase Auth validates it. We will continue investigating on the Firebase side (provider configuration, nonce handling) and follow up with the Flutter / Firebase community as you suggested.
Thanks again for your time.
Best regards, Dogukan
