Apple Sign In web Customer Info end point

Hi Team,

We are implementig the Sign In with Apple functionality for web application. We are following the ReST based approach. The authorization call is working fine and weare getting the 'code' and 'state' values on the return request object. But I am not getting the custome info details.

The user info section is completely missing on the apple doc. Could anyone help me to understand which endpoint to hit for getting the user info and what is the request format.


I have tried the token API call from Apple and I'm getting the response as 'unsupported_grant_type'
Endpoint : appleid.apple.com/auth/token
Header : svc.addHeader("Content-Type", "application/x-www-form-urlencoded");
Body : {'client_id' : client_id, 'client_secret_key' : client_secret_key, 'grant_type' : grant_type, 'code' : code, 'redirect_uri' : redirect_uri}
We are setting the grand_type vallue as 'authorization_code'.
We are getting the Response as :
service=AppleSignInTokenService status=ERROR errorCode=400 errorMessage={"error":"unsupported_grant_type"}
Please let me know where I'm going wrong.
Regards,

Shekhar

Up vote post of shekhar_ps Down vote post of shekhar_ps
1.4k views
Posted by
shekhar_ps
Reply
Add a Comment

Replies

Hi.


We had the same issue and solved it by checking that the redirect_url is matching one of the redirect_url enlisted in the service when you setup the ServiceID in https://developer.apple.com/account/resources/identifiers/list/serviceId.

Hope that helps.


--Marco

Posted by
marco_fing
Up vote reply of marco_fing Down vote reply of marco_fing
Add a Comment

Assumption: RESTful applicaiton/ web application


When sending a HTTP message of content-type 'application/x-www-form-urlencoded', the body cannot be a JSON message. In your case your complete message would have to look like this:


Method: POST

URL: https://appleid.apple.com/auth/token

Header: content-type=application/x-www-form-urlencoded


Body:

client_id={client_id}&client_secret={client_secret_key}&grant_type=authorization_code&redirect_uri={redirect_uri}&code={code}


Each value in {...} must be URL encoded. The {code} must be the one that was issued by Apple as result of the initial call to .../authorize.

Posted by
SaschaZeGerman
Up vote reply of SaschaZeGerman Down vote reply of SaschaZeGerman
Add a Comment