User Profile

Hi,In this Verifying a User article:https://developer.apple.com/documentation/signinwithapplerestapi/verifying_a_userTwo sections mention instructing your app to provide a new Identity Token if required without involving user interaction.Obtain a Refresh Token"If any step of the token verification fails, direct your app to fetch a new identity token for the user. Obtaining a new identity token on the device doesn’t require user interaction."Manage the User Session"You may also choose to get a new identity token at any time without user interaction. User sessions are long-lived on device, so calling for a new identity token on every launch, or more frequently than once a day, can result in your request failing due to throttling."Please could someone explain how is this done in AuthenticationServices in an iOS App without triggering the full login dialog + requiring user interaction?There seems to be no documentation on this at all in the AuthenticationServices docs? Additionally blog posts etc. on the topic all seem to indicate that the only way to get a new Identity Token is by triggering the full login dialog again.e.g. https://blog.curtisherbert.com/so-theyve-signed-in-with-apple-now-what/Is this actually possible currently?Thanks

Hi,Just looking at migrating an existing Login with Facebook flow over to Sign in with Apple with the hope of eliminating FB Login entirely from our app.The client side seems straight forward enough, however there's one topic I can't seem to see any documentation or discussion here or on Stack Overflow about - a Sign In with Apple equivalent for FB App Access Tokens.Facebook Login supports different token types (https://developers.facebook.com/docs/facebook-login/access-tokens/) and currently our app back end supports 2 authentication flows.1. From End App Users, they Login with Facebook, send the provided client User Access Token to the app backend which validates the token against Facebook and then issues an app specific JWT token to the app client that is used in further app API calls until expiry.2. From backend server components. These request an App Access Token from Facebook e.g.curl -X GET "https://graph.facebook.com/oauth/access_token ?client_id={your-app-id} &client_secret={your-app-secret} &grant_type=client_credentials"The App Access Token is then send to the app backend which validates the token against Facebook and then issue an app specific JWT token that is used in further server to server API calls until expiry.Replacing 1 above seems straightforward but what about 2? Is there a straightforward mechanism for achieving the same with Sign In with Apple?It seems like the https://developer.apple.com/documentation/signinwithapplerestapi would be the API to use but is there a way to generate an App Access Token equivalent for Sign In with Apple to validate using this REST API?