Hello, I have created a Swift app which has Apple Sign In integrated with it. We now want to add Apple Sign In to a web app but can't seem to find enough documentation on how to do this. We have followed the instructions at https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/configuring_your_webpage_for_sign_in_with_apple and have ended up with a script like so: <head> <meta name="appleid-signin-client-id" content="colourworker.SPAD"> <meta name="appleid-signin-scope" content="name email"> <meta name="appleid-signin-redirect-uri" content="https://colourworker.com/apps/photofolia/applesignedin.html"> <meta name="appleid-signin-state" content="init"> <meta name="appleid-signin-nonce" content="NONCE"> <meta name="appleid-signin-use-popup" content="true"> </head> <body> <h1>Sign in with Apple</h1> <div id="appleid-signin" data-color="black" data-border="true" data-type="sign in"></div> <script type="text/javascript" src="https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"></script> </head> </html> But have we populated the client-id, state, and NONCE correctly? When clicking on the Sign In with Apple button we get the error in this screenshot: I look forward to hearing from someone. Kind regards, Miguel

Hello everyone! I have a question (issue). I need to write a test for an app, and everything is okay with my tests, but I need to test login with an Apple ID, and I don't want to use my private Apple ID because I plan to post this test on GitHub. Is there any possibility to create, for example, a dummy Apple ID account? Or how do developers typically handle this situation?

I am attempting to use sign in with apple id based on the documentation at https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/incorporating_sign_in_with_apple_into_other_platforms My authorization url ishttps://appleid.apple.com/auth/authorize?client_id=REDACTED&redirect_uri=REDACTED&response_type=code&response_mode=form_post&scope=name%20email The response data does not contain the documented "user".. The post data contains only "state" and "code" params. Is there something else which must be done with the authorization url? Is there something which must be configured for the app?

I have a problem that after the transfer the old users with private email addresses get new email addresses generated upon apple login and I can not connect them to their account in my database. I read that the account that initiates the transfer should "generate a transfer identifier for each user in their database" Is it possible to do this and migrate users after the application has already been transferred successfully to another account?

I know that apple requires apple sign in to be added to app , if , in case user adds any sort of social sign in in their app, . But if the purpose of these social sign in is to just fetch profile pictures only, is it also required then. If it is required , then is there any other way , to get user profile picture from facebook account , without adding any social sign in of any kind. to preserve some development and testing time.

Hi, I'm developing an app that supports sign-in with Apple. From the documentation, it seems that the name provided during registration with Apple Sign In isn't saved by Apple and isn't accessible later on. However, in the event of a server issue during registration, how should I manage the flow? In my opinion, it should be possible to retrieve the chosen name later or programmatically cancel the association of the user's Apple ID from the app to restart the registration process. What are your thoughts?

Hello. I'm gilgim. I have some questions regarding the review guidelines while working on the project. Therefore, I would like to ask them. If I implement Apple login on mobile, do I need to implement it on the website as well? May I inquire if it is permissible to implement a feature that matches a user's Apple ID after they have logged in with Apple and undergone authentication within the app to distinguish users? Could you please provide detailed information on whether not implementing or implementing such a feature would be a reason for rejection?"

Hello, I have integrated Sign In with Apple into my Swift App. Now I'd like to add Sign In with Apple into my website. I followed the instructions at https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/configuring_your_webpage_for_sign_in_with_apple and resulted in an html page: <html> <head> <meta name="appleid-signin-client-id" content="colourworker.SPAD"> <meta name="appleid-signin-scope" content="name email"> <meta name="appleid-signin-redirect-uri" content="https://colourworker.com/apps/photofolia/applesignedin.html"> <meta name="appleid-signin-state" content="init"> <meta name="appleid-signin-nonce" content="NONCE"> <meta name="appleid-signin-use-popup" content="true"> </head> <body> <h1>Sign in with Apple</h1> <div id="appleid-signin" data-color="black" data-border="true" data-type="sign in"></div> <script type="text/javascript" src="https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js"></script> </head> </html> I have added https://colourworker.com/apps/photofolia/applesignedin.html to the list of Return URLs at https://developer.apple.com/account/resources/identifiers/serviceId/edit/ZSM7Q3SMVH. But when clicking on the Sign In With Apple button I get the following error: "invalid_request Invalid client id or web redirect url." Any ideas of what I'm doing wrong?

We are developing a mobile app that allows users to purchase gift cards from popular retailers, and this app requires valid email address during login/register which is needed for mapping all user’s wallet and gift card details. This app also supports social login like Apple, Facebook and Google and we are also providing a web platform where users can check their gift cards and wallet informations. We are currently facing an issue with Apple SignIn when using “Hide by Email” flow. We observed that in this flow, the app generates a tokenised email address for user to login, and the same tokenised email address will be mapped to the user's gift card and wallet information. Assume that an user register with mobile app using tokenised email address and the same user login into the web platform with a valid email address. In this flow, the user will not be able to see the wallet and  purchased gift card information which could result in data issues and discrepancies between web and mobile apps. We would like to know for any option to disable or remove “Hide by Email” from Apple’s SignIn popup. If not, could you suggest us a way to fix this issue. Appreciate your quick response. Thank you!

Below is app rejection message. The issues we previously identified still need your attention. If you have any questions, we are here to help. Reply to this message in App Store Connect and let us know. Bug Fix Submissions The issues we've identified below are eligible to be resolved on your next update. If this submission includes bug fixes and you'd like to have it approved at this time, reply to this message and let us know. You do not need to resubmit vour app for us to proceed. Alternatively, if you'd like to resolve these issues now, please review the details, make the appropriate changes, and resubmit. Guideline 4.0 - Design Your app still offers Sign in with Apple as a login option but does not follow the design and user experience requirements for Sign in with Apple. Specifically: Your app requires users to provide their mobile number after using Sign in with Apple. This information is already provided by the Authentication Services framework. Next Steps Please revise the Sign in with Apple experience in your app to address the issues we identified above.

When I tested Sign in with Apple after completing the transfer of the app, I noticed that when I Sign in with Apple, I became a different user (sub). After reviewing the document below, I realized that before transferring the app, I needed to generate a transfer identifier and hand it over to the receiving team. https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team Is it possible to transfer Sign in with Apple users now, after completing the transfer of the app? I tried to generate generate access token with parameters that indicate in the document below but i can't. https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team On the other hand, I can generate access token with parameters that indicate in the document below. https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team

Hello, Due to legal reason (tax configuration), our organization had to create a new team and migrate iOS apps to a new team. We have an authentication server (Keycloak) configured to use “Sign In With Apple” on the web. Apps currently use the webview provided by Keycloak to proceeed to user login. To do so in the “Certificates, identifiers & Profiles” we have an App ID and Service ID Now we’d like to use “Sign In With Apple” within the apps on the new team and we’d like to keep users created on the old team. So we followed this documentation to transfer users from the old team to the new one : https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team We are able to create transfer subs without any issue. The next step is described in this doc : https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team When we try to get the exchange identifier, (at this step : https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team#3559300), we receive an error 400. Is this because we haven’t done any transfer demand from old team to new team ? Regarding the doc we must : “Coordinate with the sending team transferring their users and apps over to your team. Then accept transfer identifers for all of the migrating users, and exchange the transfer identifiers for team-scoped identifiers and private email addresses to complete the process” As “Sign In With Apple” has been configured to be used for the web and not within an iOS app, we have no transfer identifier and we cannot init a transfer of the AppID and the Service ID used by “Sign In with Apple”. What is the correct way to proceed to users migration from the old team to the new one in this case ? Thank you.

delayed "Sign in with Apple" in android, web page "https://appleid.apple.com/auth/authorize" delayed more than 30 sec to load on Android or web Is there a solution to this issue?

I have implemented Sign in with Apple in my app. The flow goes like this: User taps sign in button In the delegate method I take the auth code and post it to my server. My server sends an activation request to apple and gets an id, refresh, and access tokens. This is where I have a problem: A user requests account deletion. The server sends a request to revoke the access and refresh tokens User may or may not go to settings and revoke "Sign in with Apple" access to the app (the following happens either way) The user then load the app again and taps the Sign in with Apple button. The delegate method provides a valid id token, but the same original auth code instead of generating a new one. The server now gets an invalid response from apple as the auth code is had already expired, and so can't get a new refresh token. The server also can't use the old refresh token as it's been revoked during deletion. Can someone tell me where I'm going wrong? I can't find any documentation for regenerating a refresh token after revoking it. Thank you

I am implementing Sign in with Apple using the JS framework.When the user (me, right now) signs in for the first time, I get data I need!The parameters look like thisParameters:{"state"=&gt;"[state]", "code"=&gt;"[code]", "id_token"=&gt; "[jws token]", "user"=&gt;"{\"email\":\"[the email I need]\"}"}My scope is just "email," I don't need (or want) their name.Next, I try signing in again (same everything)But, I get this optionWhen I click "continue" the data looks like thisParameters:{"state"=&gt;"[state]", "code"=&gt;"[code]", "id_token"=&gt; "[id token]"}As you can tell, there is no user object, no email, nothing I can use!If I do the code response and get an access token, I can't use it. There's no public, known endpoints to just get the email they used. There's no point in storing the email if I can never check for it the next time they sign in.This is happening on multiple browsers on macOS 10.14.4.On my iPhone running iOS 13 developer beta 3, every time I click the button, I get the option to "share" or "hide" my email (even though, as shown above, I've sign in before), and sharing the email actually shares it, while hiding it.. well hides it.However, the user data is always there.This bug(?) only appears when clicking Continue, which I can assume appears on devices that aren't running iOS 13. It's quite a problem on devices that aren't this small set of devices, so I hope this is either known, easily fixable, or something! Thanks for any help you can provide.

All app icon sizes are correct in assets catalog, but app icon does not appear under Apps Using Apple ID in device settings. Is there another place to set app icon for sign in with apple?Thanks.

I have old site with Apple users. Some of users selected hide my email, so that users created private email id in my old site. I have launch new website and here some old user registered using Apple sign in with same procedure. But I am not sure, these users registered new site with hide my email or not. I have to migrate old site users and there content on new site, but I am not sure same user selected hide my user or not in my both site. For Example 1: User 1 registered on old site with hide my email, so User 1 id created like Email: @privaterelay.appleid.com User 1 registered on new site with show my email, so User 1 id created like Email: @domainname.com Now I want to migrate old site users and data to new site. I cheeked email present on new site or not. If email present then I migrated the data. If email not found in new site, then I will create the user on new site and then migrate the data. But in above example user1 already created account with Hide my email in old site and show my email in new site. So I am not able to recognize user present in new site, so I created a new user entry in new site. That means user1 has created 2 account in new site. Is anyone know how to handle this issue?

I have implemented a Sign up with Apple button with usePopup=true. When I click the button I get the popup window. After authenticating I click the final "Continue" button and nothing happens. Well technically there is a request to https://appleid.apple.com/appleauth/auth/oauth/authorize. Clicking "Continue" more than once results in the error "Your request could not be completed because of an error. Please try again later." Where do I go from here?

Some background: A user must sign up for an account on our platform via a browser before they can sign in to our iOS app using an Apple ID otherwise we present the following error message as shown in the attached image. Authentication and session management is handled using AWS Cognito on our platform and we believe AWS Cognito is using the relevant API for Apple ID Sign Ins. For account deletion we are providing an account deletion option within the app to the user (who has to be signed in) under Account Settings. For a valid deletion request, we are deleting a user’s records from our database. For revoking, generating, and validating tokens we are using AWS cognito to handle token revocation, generation, and validation. Ask: Apple reviewers provided additional information (shown below) to help us resolve this issue. But i am not clear how this addresses their concern and would appreciate some guidance on how i could resolve it. Apple reviewer recommendation Apps that offer Sign in with Apple should use the REST API to revoke user tokens. If you have not retained the user’s refresh token, access token, or authorization code, you must still fulfill the user’s account deletion request. To learn more, we recommend reviewing the following resources: Handling account deletions and revoking tokens for Sign in with Apple Revoke tokens Generate and validate tokens

I cannot receive full name from Apple sign in and the app review fails. What I receive from the call is the following: { "familyName": null, "identityToken": "XXXXX", "givenName": null, "authorizationCode": "XXXXX", "user": "XXXXX", "email": null } while decoding the identityToken, I get: { iss: 'https://appleid.apple.com', aud: 'popularise.app', exp: 1697700330, iat: 1697613930, sub: 'XXXXX', nonce: 'nonce', c_hash: 'XXXX', email: 'XXXXXX', email_verified: 'true', auth_time: 1697613930, nonce_supported: true } As you can see, I have no information about given or family name. Body I am sending via api rest: { clientId: 'popularise.app', scopes: 'email name', redirectURI: '', state: '12345', nonce: 'nonce', } My tools: I am using nestJS and node (v16).