Sign in with Apple app transfer: recovering legacy users without stored old team-scoped sub

Privacy & Security Sign in with Apple
everynation OP
Created 14h
Replies 0
Boosts 0
Views 9
Participants 1

Hello,

We recently transferred our iOS app to a different Apple Developer team.

App Store URL: https://apps.apple.com/kr/app/id6759354260

Bundle ID: com.kimchisushi.app

Our app uses Sign in with Apple. In our legacy implementation, some existing Apple login users were stored in our backend by email only. For those users, we did not store the original team-scoped Apple user identifier (sub).

The app transfer has already been completed, and we are currently within the 60-day migration window.

For many users, the migration path is clear:

  • If we have the old team-scoped sub, we can generate or exchange the transfer identifier according to Apple’s migration documentation.
  • If a user signs in after the transfer and the identity token contains transfer_sub, we may be able to use that claim to complete the migration.

However, our difficult case is this:

Some legacy users used Sign in with Apple with Hide My Email / Private Relay. For those users, we only have the old private relay email address in our database. We do not have their old team-scoped sub.

Questions:

  1. If we do not have the old team-scoped sub, is there any Apple-supported way to recover or map those legacy users using the old private relay email address?

  2. During the 60-day migration window, if one of these users signs in again after the app transfer, will the identity token include transfer_sub even if we did not generate a transfer identifier for that user before the transfer?

  3. If the identity token includes transfer_sub, is there any Apple-supported way to correlate that transfer_sub back to the user’s old private relay email address or old app account when the old sub was never stored?

  4. If the answer is no, is the recommended recovery path to implement our own account recovery / account relinking flow for these users?

We understand that the Apple user identifier (sub) should have been stored as the stable identifier, and that email should not be treated as stable. We are trying to confirm whether there is any official recovery path for the subset of legacy users where the old sub was not stored before the app transfer.

Thank you.

Replies  0
Boosts  0
Views  9
Participants  1
Sign in with Apple app transfer: recovering legacy users without stored old team-scoped sub
First post date Last post date
 
 
Q