Post

Replies

Boosts

Views

Activity

The email claim is missing in JWT identityToken
The Sign In with Apple functionality has been implemented in our application a while ago and was working with no issue. Yesterday we have found that for some AppleIDs the identityToken did stop to contain the email address. This is definitely not caused by our changes because the issue is reproduced on the production version too and it definitely has been properly tested and was working. The issue reproduces on some AppleIDs and does not appear on others. The only fix we have found this far is to delete the application association on the appleid.apple.com. After this the subsequent authorisations succeeded and the identityToken again contains an email address. What is a correct way to handle cases like this? Suggesting our users to remove an association is not an option because the user may have active purchases.
0
0
639
Sep ’22