invalid_client apple sign-in at production

I managed to implement Apple sign-in and it works fine locally, but when I deploy to a web server and it makes a request to the token REST API (https://appleid.apple.com/auth/token), I receive a {"error":"invalid_client"} 400 error. I have run out of ideas about what to do with this helpful message.

Overall I can say that the Apple API is not user friendly. At least I would expect an error description with more specific information.

Accepted Reply

After two weeks of debugging we managed to fix it.

The problem was connected with token dates. The following code worked fine:

expires: DateTime.UtcNow.AddDays(2), // expiry can be a maximum of 6 months
issuedAt: DateTime.UtcNow.AddDays(-1),
notBefore: DateTime.UtcNow.AddDays(-1),

While the following failed with invalid_client:

expires: DateTime.UtcNow.AddMinutes(5), // expiry can be a maximum of 6 months
issuedAt: DateTime.UtcNow,
notBefore: DateTime.UtcNow,
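
An added example, not part of the original post: a small C# check of the client-secret time claims against a reference clock. It assumes, without confirmation from the thread, that the failing case came from the production server's clock running ahead of the verifier's; the names `ClientSecretTimes`, `Build` and `Check`, the 180-day cap standing in for "6 months", and the sample times are all constructed for illustration.

```csharp
using System;

public static class ClientSecretTimes
{
    // The post says expiry can be a maximum of 6 months; 180 days is a
    // conservative stand-in chosen for this example (assumption).
    static readonly TimeSpan MaxLifetime = TimeSpan.FromDays(180);

    public record TimeClaims(long Iat, long Nbf, long Exp);

    // Backdate iat/nbf by `leeway` so a verifier whose clock is slightly
    // behind ours does not see a token that starts in its future.
    public static TimeClaims Build(DateTimeOffset localNow, TimeSpan leeway, TimeSpan lifetime)
    {
        if (leeway < TimeSpan.Zero)
            throw new ArgumentOutOfRangeException(nameof(leeway));
        if (lifetime <= TimeSpan.Zero || lifetime + leeway > MaxLifetime)
            throw new ArgumentOutOfRangeException(nameof(lifetime));
        long start = (localNow - leeway).ToUnixTimeSeconds();
        return new TimeClaims(start, start, (localNow + lifetime).ToUnixTimeSeconds());
    }

    // Report how a verifier whose clock reads `verifierNow` would see the claims.
    public static string Check(TimeClaims c, DateTimeOffset verifierNow)
    {
        long now = verifierNow.ToUnixTimeSeconds();
        if (c.Iat > now) return $"iat is {c.Iat - now}s ahead of the verifier's clock";
        if (c.Nbf > now) return $"nbf is {c.Nbf - now}s ahead of the verifier's clock";
        if (c.Exp <= now) return "token already expired for the verifier";
        return "ok";
    }

    public static void Main()
    {
        // Constructed sample: local server clock runs 90 seconds ahead of the reference.
        var reference = new DateTimeOffset(2024, 1, 1, 12, 0, 0, TimeSpan.Zero);
        var local = reference.AddSeconds(90);

        // Same shape as the failing snippet: iat = nbf = now, short expiry.
        var noLeeway = Build(local, TimeSpan.Zero, TimeSpan.FromMinutes(5));
        // Small backdate instead of a full day; expiry stays short.
        var withLeeway = Build(local, TimeSpan.FromMinutes(5), TimeSpan.FromMinutes(5));

        Console.WriteLine($"no leeway:   {Check(noLeeway, reference)}");
        Console.WriteLine($"with leeway: {Check(withLeeway, reference)}");
    }
}
```

On a real server the reference time can be taken from `HttpResponseMessage.Headers.Date` of an HTTPS response and compared with `DateTimeOffset.UtcNow`; a large difference points at clock synchronisation (NTP) on the host rather than at the token code.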
