I'm facing an issue with some master sandbox testing cards, the DPAN value displayed on the “Wallet & Apple Pay Setting” different from the value we got after decrypting the payment token. check the below sample values: FPAN: 5204 2477 5000 1497 DPAN on device setting: **********5057 Decrypted DPAN: 520424****5996 The DPAN and the decrypted DPAN should be the same.

We have changed return URLs for one Service ID, but the change is not propagated. The old return URL still works and we get "Invalid web redirect URL". We even tried deleting Service ID with old return URLs and created new Service ID with new redirect URLs. But the only one that works is the one that we deleted.

When I clicked the continue button in the page "https://appleid.apple.com/auth/authorize?client_id=XXXXXXX&redirect_uri=XXXXXX&response_type=code%20id_token&state=asdjhkjhhhs&scope=email&response_mode=web_message&frame_id=XXXXX&m=12&v=1.5.4", I got the error " Your request could not be completed because of an error. Please try again later." the page send a post request Request URL: https://appleid.apple.com/appleauth/auth/oauth/authorize Request Method: POST. Status Code: **403 ** what should I do with that?

Basically title. The UI for the developer console just changed and I need to add a return url for my application, but I can't find the place to do so any longer. Please advise, thanks.

I have implemented a Sign up with Apple button with usePopup=true. When I click the button I get the popup window. After authenticating I click the final "Continue" button and nothing happens. Well technically there is a request to https://appleid.apple.com/appleauth/auth/oauth/authorize. Clicking "Continue" more than once results in the error "Your request could not be completed because of an error. Please try again later." Where do I go from here?

Hi guys, I have been using a services id for my apps and websites to use Sign in with Apple feature over 3 months. All of a sudden the website urls and return urls I newly add to the services id don't work. I am getting "invalid_request Invalid web redirect url." errrors. I have checked the urls carefully, (https), I also added many new ones but none of them worked. In order to test it I also removed some of the current return urls from my websites to see if it will stop working but no, the ones I removed still work which kind of confirms my theory that it does not update the list, it is bugged. Quite weirdly, the new native apps I submitted to the store also does not work, it gives the error "Sign-up Not Completed" Does any one have any idea? Such a weird problem all of a sudden

Null Display Name Issue with AppleAuth Provider on Firebase using react native Dear Apple App Review Team, I have been diligently working on my app, which heavily relies on Firebase for authentication purposes. Specifically, I am utilizing the AppleAuth provider to offer seamless authentication options to my users. However, during the review process, it came to my attention that the display name from the AppleAuth provider is being returned as null. This issue is concerning, as it directly affects the user experience and functionality of my app. It prevents users from being able to see their display name correctly, which can lead to confusion and frustration. Moreover, it undermines the trust and reliability of the app, which I have worked hard to establish. I have thoroughly reviewed my code and integration with Firebase, and I can confirm that I have followed all the necessary guidelines and recommendations provided by Apple and Firebase documentation. The null display name issue appears to be an unexpected and unintended consequence. To rectify this problem, I kindly request the assistance and guidance of the Apple App Review Team. I would greatly appreciate it if you could provide me with specific instructions or steps to resolve the null display name issue with the AppleAuth provider on Firebase. I understand the importance of maintaining high-quality standards on the Apple App Store, and I am fully committed to resolving this issue promptly. I value the collaborative relationship between developers and the Apple App Review Team and believe that by working together, we can ensure the best possible experience for our users. Thank you very much for your attention to this matter. I look forward to your prompt response and guidance on how to handle this issue effectively. Please feel free to contact me if you require any additional information or have any further

This appleid.cdn-apple.com page can’t be foundNo web page was found for the web address: https://appleid.cdn-apple.com/appleid/button/logo?size=44&color=black&border=false&border_radius=50&scale=2 HTTP ERROR 404

We are implementing a web app with Angular as frontend and java springboot as backend. while trying to use signin with Appleid in our application login page, we are getting Invalid_Client. please find the attached log and image of error. log.txt

I have the below code block to call the token endpoint. The endpoint succeeds from Postman with JSON response but from my web application, it fails with CORS error. What could be the reason for this behavior? const axios = require('axios'); const qs = require('qs'); let data = qs.stringify({ 'grant_type': 'authorization_code', 'code': 'xxxxxxyyyyybbb, 'redirect_uri': 'https:myApp/login', 'client_id': 'com.myclient_id', 'client_secret': 'myworkingsecret' }); let config = { method: 'post', maxBodyLength: Infinity, url: 'https://appleid.apple.com/auth/token', headers: { 'Content-Type': 'application/x-www-form-urlencoded' }, data : data }; axios.request(config) .then((response) => { console.log(JSON.stringify(response.data)); }) .catch((error) => { console.log(error); });

Hello, I need to use a apple sign in in ios application, i get my authorization code from hybryde apllication : let options: SignInWithAppleOptions = { clientId: ConstConfig.APPLE_CLIENT_ID, redirectURI: ConstConfig.APPLE_REDIRECT_URI, scopes: ConstConfig.APPLE_SCOPES, state: ConstConfig.APPLE_STATE, nonce: ConstConfig.APPLE_NONCE }; SignInWithApple.authorize(options) .then((result: SignInWithAppleResponse) => { this.authenticate.appleAuthorizationCode = result.response.authorizationCode; this.authenticate.appleUser = result.response.user; this.authenticate.appleIdentityToken = result.response.identityToken; i send this 3 value to my backend JAVA to validate the accessToken and get the refrsh token, validate java Method : logger.info("Apple authorization validation"); // get the subject received from the client String clientSubject = getSubject(identityToken); // verifying the code by the apple server String token = getToken(); logger.debug("Authorize with token:" + token); Map<String, String> params = new HashMap<>(); params.put("client_id", APPLE_CLIENT_ID); params.put("client_secret", token); params.put("code", authorisationCode); params.put("grant_type", "authorization_code"); params.put("redirect_uri", ""); if (redirectURI != null) { } String response = post(APPLE_AUTH_URL, params); logger.info("Apple authorization response:" + response); AppleTokenResponse tokenResponse = objectMapper.readValue(response, AppleTokenResponse.class); if (tokenResponse.getError() != null && tokenResponse.getError().length() > 0) { logger.warn("Error during verification of the code. Reason:" + tokenResponse.getError()); return null; } String serverSubject = getSubject(tokenResponse.getId_token()); if (!serverSubject.equals(clientSubject)) { logger.warn("Validation failed, subject does not match!"); return null; } return getClaims(tokenResponse.getId_token()); the JWT TOken : return Jwts.builder() .setHeaderParam(JwsHeader.KEY_ID, APPLE_KEY_ID) .setHeaderParam(JwsHeader.ALGORITHM,"ES256") .setIssuer(APPLE_TEAM_ID) .setAudience(APPLE_APPLE_ID_URL) .setSubject(APPLE_CLIENT_ID) .setExpiration(new Date(System.currentTimeMillis() + (1000 * 60 * 5))) .setIssuedAt(new Date(System.currentTimeMillis())) .signWith(SignatureAlgorithm.ES256, pKey) .compact(); how i get my private key : File file = new File(APPLE_CERTIFICATE_PATH); try { PEMParser pemParser = new PEMParser(new FileReader(file)); JcaPEMKeyConverter converter = new JcaPEMKeyConverter(); PrivateKeyInfo object = (PrivateKeyInfo) pemParser.readObject(); APPLE_PRIVATE_KEY = converter.getPrivateKey(object); logger.info("load apple private keys Ok."); } catch (Exception ex) { logger.error("error on generate apple sign in private Key : ", ex); } thr response still return : {"error":"invalid_grant","error_description":"client_id mismatch. The code was not issued to bundleID"}, i don't know the reason. i read that i nedd to check in testFlit, ido but i still get the same error, i also put the same redirect_url in front and back (for me that not needed because i dont use u web sign in ) but i still get the same error. for my bundle id i use the APP Identifier not the service Identifier in front and back. its correct ? thank for your help.

I double checked and my redirect url is the same in service id. It looks like the domains I add has no effect. I have another service id that works with apple sign in. I deleted the return url on it and it still works. Is there a delay or something. Can someone help me with this please? I am about to lose my mind

On every attempt of login and logout, I receive email and user name from apple as long as I have not revoked it. But if I revoke, and then try to login again. In that case, I don't get email/name. If I delete my apple account from device, and re login from settings. In that case, I get only user name on first login attempt in app. On subsequent logins, I get nothing. What could be possibly wrong with my flow? My login code is as import { appleAuth } from '@invertase/react-native-apple-authentication'; import auth from '@react-native-firebase/auth'; const appleAuthRequestResponse = await appleAuth.performRequest({ requestedOperation: appleAuth.Operation.LOGIN, requestedScopes: [appleAuth.Scope.EMAIL, appleAuth.Scope.FULL_NAME], }); // Ensure Apple returned a user identityToken if (!appleAuthRequestResponse.identityToken) { Alert.alert('Error', 'Apple Sign-In failed - no identify token returned'); return; } // Create a Firebase credential from the response const { identityToken, nonce } = appleAuthRequestResponse; const appleCredential = auth.AppleAuthProvider.credential(identityToken, nonce); // Sign the user in with the credential const res = await auth().signInWithCredential(appleCredential); console.log(res.user.email) // returns email The revoke code is as follows import { appleAuth } from '@invertase/react-native-apple-authentication'; import { getAppleAuthorizationToken } from '../firebase/cloudFunctions'; const authTokenJWT = await getAppleAuthorizationToken(); // call to get JWT appleAuthRequestResponse = await appleAuth.performRequest({ requestedOperation: appleAuth.Operation.LOGIN, requestedScopes: [appleAuth.Scope.EMAIL, appleAuth.Scope.FULL_NAME], }); const { authorizationCode } = appleAuthRequestResponse; const config = { headers: { 'Content-Type': 'application/x-www-form-urlencoded', }, }; const authTokenBody = { client_id: PACKAGE_NAME, client_secret: authTokenJWT.data.jwt, code: authorizationCode, grant_type: 'authorization_code', }; const generateAuthTokenUrl = 'https://appleid.apple.com/auth/token'; const res1 = await axios.post(generateAuthTokenUrl, authTokenBody, config); const revokeTokenBody = { client_id: PACKAGE_NAME, client_secret: authTokenJWT.data.jwt, token: res1.data.refresh_token, token_type_hint: 'refresh_token', }; const revokeAuthTokenUrl = 'https://appleid.apple.com/auth/revoke'; const res2 = await axios.post(revokeAuthTokenUrl, revokeTokenBody, config); // res2 is empty with status 200.

I have Sign In With Apple working on my website and on my production stage app, but the returned userId's are different. What are possible reasons this is happening?

I'm using apple login in my web app and passing the redirect URI to apple URL. It's working fine on all browsers except Safari. On Safari instead of opening the URL in a new tab it's showing the finger touch enabled login popup. Which is causing the issue and my redirect URI is not getting passed and I'm not able to receive the code and other details from apple. Can anyone please help me resolve this issue. Angular Code: const openNewWindow = window.open( 'https://appleid.apple.com/auth/authorize?response_type=code&response_mode=form_post&scope=name%20email&state=W4cL2JgRJq&client_id=CLIENT_ID&redirect_uri='+ this.AppleURL',"_blank" ); try { openNewWindow.opener = window; window.addEventListener('message', event => { this.signInWithApple(JSON.parse(event.data)); });window.addEventListener('message', event => { this.signInWithApple(JSON.parse(event.data)); }); } catch (error) { console.log("error",error); } Redirect URI js code:

I am working on a financial application that falls under Indian jurisdiction, which has specific regulations prohibiting the use of relay or proxy emails for sign-up processes. Given that the "Hide My Email" feature in "Sign in with Apple" provides a relay email, I'm trying to understand how I can remain compliant with these regulations while offering "Sign in with Apple" as a sign-up option. My proposed flow: Allow users to use "Sign in with Apple" for authentication. Check if the user has opted for the "Hide My Email" feature. If they have, show an error message explaining the regulatory restriction and prompt them to either: a) Use "Sign in with Apple" without the "Hide My Email" option OR b) Use our standard "Sign up with Email and Password" flow. I would like to understand if such an approach is acceptable according to Apple's guidelines. Would there be any issues or recommendations from Apple's side on implementing this flow? Thank you for your assistance and guidance!

Hi everyone, we are developing Ionic mobile app with .NET server part, now we are trying to implement apple authorization, it works properly with web(user can authorize and server receives callback), but it is not working with mobile, we can authorize and get response on client side with token and code, but it not initiate callback to server, we found a difference in apple endpoint that we call for web and for mobile(in query parameters for mobile- response_mode = web_message and for web- response_mode = form_post), we can't change url for mobile app, because we are using SignInWithApple from @capacitor-community/apple-sign-in, does anyone have experience with this problem? Thanks in advance.

I cannot receive full name from Apple sign in and the app review fails. What I receive from the call is the following: { "familyName": null, "identityToken": "XXXXX", "givenName": null, "authorizationCode": "XXXXX", "user": "XXXXX", "email": null } while decoding the identityToken, I get: { iss: 'https://appleid.apple.com', aud: 'popularise.app', exp: 1697700330, iat: 1697613930, sub: 'XXXXX', nonce: 'nonce', c_hash: 'XXXX', email: 'XXXXXX', email_verified: 'true', auth_time: 1697613930, nonce_supported: true } As you can see, I have no information about given or family name. Body I am sending via api rest: { clientId: 'popularise.app', scopes: 'email name', redirectURI: '', state: '12345', nonce: 'nonce', } My tools: I am using nestJS and node (v16).

Hello, I have integrated Sign In with Apple into my Swift App. Now I'd like to add Sign In with Apple into my website. I followed the instructions at https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/configuring_your_webpage_for_sign_in_with_apple and resulted in an html page: <html> <head> <meta name="appleid-signin-client-id" content="colourworker.SPAD"> <meta name="appleid-signin-scope" content="name email"> <meta name="appleid-signin-redirect-uri" content="https://colourworker.com/apps/photofolia/applesignedin.html"> <meta name="appleid-signin-state" content="init"> <meta name="appleid-signin-nonce" content="NONCE"> <meta name="appleid-signin-use-popup" content="true"> </head> <body> <h1>Sign in with Apple</h1> <div id="appleid-signin" data-color="black" data-border="true" data-type="sign in"></div> <script type="text/javascript" src="https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"></script> </head> </html> I have added https://colourworker.com/apps/photofolia/applesignedin.html to the list of Return URLs at https://developer.apple.com/account/resources/identifiers/serviceId/edit/ZSM7Q3SMVH. But when clicking on the Sign In With Apple button I get the following error: "invalid_request Invalid client id or web redirect url." Any ideas of what I'm doing wrong?

I just raised the iOS version to 17, but the login with face id doesn't appear in the react native webview. The login with face id doesn't appear, and the website loads. If the user is on iOS 16 in the same app, the login with face id appears. Is there something I'm missing?