Environment
- App: Web app (Sign in with Apple JS / redirect flow)
- Hosted over HTTPS (valid TLS cert via AWS ALB)
- Tested on latest Chrome, Safari, and Firefox
- Reproducible in normal + incognito/private windows
Expected behavior When clicking "Sign in with Apple", the popup should render the Apple login form and then redirect to our configured callback endpoint
Actual behavior
- Apple Sign-In popup opens successfully
- Page loads only the Apple header shell:
• Apple logo • "Apple Account" • Collapsed "Sign in" section
- The actual login form (email/password entry) never renders
- No visible error shown to the user
- No requests ever reach our backend callback endpoint
Configuration status
- Services ID created and enabled for Sign in with Apple
- Domain verified and added to Services ID:
- Return URL configured exactly:
- Primary App ID has Sign in with Apple capability enabled
- Key created and associated with the App ID
- CSP allows
What we have already tried
- Re-saving Services ID configuration multiple times
- Regenerating Key and re-binding to App ID
- Verifying
client_idmatches Services ID identifier exactly - Waiting >24 hours for propagation
- Testing across multiple browsers and devices
Key observation The flow appears to stop before authentication UI renders fully, and no redirect/callback is ever triggered, suggesting the issue occurs within Apple’s authorization session before completion.
Question Is there any known requirement or verification step for Services IDs using a domain-style identifier, or any additional Apple-side configuration/activation step that could prevent the login form from rendering even though the initial authorize page loads?