Hi,
We have an integration with a server that is the responsible of checking the tokens of social networks SDKs we have implemented in the app whilst doing any user action. For example: GET user + SNToken --> in the server is checked the token --> {user data}
So the integration of Apple Sign In in this kind of systems would be:
When the user does login in the app we get a code, which we can forwarded to the server in order to be validated (just once) before creating the account and at the same time, get a refresh token. This token have an expiration time of 10 minutes and can be refreshed every time the user performs any action, so meanwhile we are during this period, we don't have any problem at all.
Let's imagine the user does the registration during the morning, and in the afternoon opens the app.
In the AppDelegate we can ask about the Apple Sign In state, but, if we want to perform any action in the server, is there any way to send any proof of authenticity to the server seamlessly, I mean, something that allows the server to check that the user is who he claims to be without requiring any user interaction? The refresh token is outdated at that time and to get the code is needed to display the Apple Sign In login flow.
Is there something I'm missing?
Regards
