Hey there, I'm trying to get Sign In with Apple integrated into a native iOS app, and am running into troubles trying to validate the data coming back in ASAuthorizationAppleIDCredential over the REST API on my app's server-side.
I am using the endpoint https://appleid.apple.com/auth/token with the body data containing client_id, code, grant_type and client_secret.
The values for these are as follows:
client_id: <the iOS app's ID com.blah.blah.blah..>
code: <authorizationCode from ASAuthorizationAppleIDCredential>
grant_type: <authorization_code - as I am trying to verify the authorization code>
client_secret: <identityToken from ASAuthorizationAppleIDCredential>
When I submit the post request, I constantly get invalid_client on grant_type of authorization_code. No further error response is present at all, so I'm grasping at straws a bit.
If anyone has experience fetching the code/secret from native, and then verifying these over the REST API from a server, I'd be very appreciative to hear any insights.
Thanks!