ConfigurationAuthenticationSocial Login

Apple

Using Apple social login requires an active Apple Developer account, which is a paid service starting at $99/year.

To enable Auth.it to authenticate users with Apple, perform the following steps.

1. Enable Apple social login in Auth.it

In Auth.it’s Authentication view:

  1. In the Apple section, click Enable Apple.
  2. In the configuration pop-up, click the toggle to enable Apple integration.
  3. Copy the redirect URI that Auth.it displays. You will paste this later into your Apple Developer settings.

2. Configure your Apple Developer account

Go to your Apple Developer account and perform the following configuration steps.

2.1. Copy your team ID

In the Account view that opens after sign-in, scroll down to the Membership details section and copy your Team ID: Apple Developer team ID

2.2. Create an app ID

Although an app ID is not used directly in your Auth.it configuration, you still need it to generate a key in one of the following steps.

  1. Scroll back up to the Program resources section. Under Certificates, IDs & Profiles, click Identifiers: Link to Identifiers in the Apple Developer Account
  2. Click the + button to create a new identifier: Add Identifier button
  3. Select App IDs, then click Continue.
  4. Select the App type, then click Continue.
  5. Enter a description (e.g. App ID for social login) and a bundle ID (for example, com.example.authit.apple-app-id): Creating a new App ID
  6. Under Capabilities, scroll down and select the Sign in with Apple checkbox.
  7. Click Continue, then Register.

2.3. Create and copy a service ID

  1. In the list of identifiers, click + again to create a new identifier.
  2. Select Services IDs, then click Continue.
  3. Enter a description (e.g. “Apple social login”) and a reverse-domain-name-style identifier (e.g. com.example.authit.apple-login — note that this must not match the bundle ID of your app ID), then click Continue.
  4. On the next screen, click Register.
  5. Once the new service ID is created, click its entry in the list of IDs. This opens the details view for the service ID.
  6. Copy the identifier from the details view. This is your Apple service ID: Copying the Apple service ID
  7. In the same details view, select the Sign In with Apple checkbox.
  8. Click the Configure button next to Sign in with Apple. This opens the Web Authentication Configuration pop-up.
  9. Under Domains and Subdomains, add a comma-separated list of your application’s domains, including any non-production instances. Do not include the scheme or the delimiter: enter example.com instead of https://example.com.
    localhost will not work here. For testing purposes, consider using ngrok or a similar service to expose your local development instance to the internet. If you do, remember to add the external domain to the list of Redirect URIs for the frontend application in Auth.it’s Applications page.
  10. Under Return URLs, paste the redirect URI you copied from Auth.it. The Web Authentication Configuration pop-up should now look like this: Web Authentication Configuration pop-up
  11. Click Next, then Done.
  12. Back on the service ID details screen, click Continue.
  13. On the Edit your Services ID Configuration screen, click Save.

2.4. Create and download a private key and copy the key ID

  1. Back in Certificates, Identifiers & Profiles, click Keys: Link to Keys in the Apple Developer Account
  2. Click the + button to create a new key.
  3. In the Register a New Key view, enter a key name (e.g. Key for social login).
  4. Select the Sign in with Apple checkbox: Selecting Sign in with Apple in the Register a New Key view
  5. Click Configure for Sign in with Apple.
  6. In the Configure Key view, select the app ID you created earlier in the Primary App ID dropdown.
  7. Click Save.
  8. Back in the Register a New Key view, click Continue, then Register.
  9. In the Download Your Key view, click Download. Save the downloaded .p8 key file. This file is your Apple private key. Keep it secure — it cannot be downloaded again.
  10. Copy the Key ID displayed in the Download Your Key view. This is your private key ID: Copying the private key ID

3. Complete Auth.it’s Apple configuration

Back in Auth.it’s Apple configuration pop-up:

  1. Paste your Apple service ID into Apple Client ID.
  2. Open the .p8 key file you downloaded and paste its contents into Apple Client Secret.
  3. Paste your Apple team ID into Apple Team ID.
  4. Paste the private key ID into Apple Key ID. Here’s what the final configuration should look like: Final Apple configuration
  5. Click Save changes.

4. Test that the Apple integration is working

  1. In your application, go to the login page. Notice that it now contains a button to log in with Apple: Login page with an Apple login button
  2. Click the Apple login button.
  3. You should see the Apple login dialog. Enter your Apple ID and password, then authorize the application. Apple's authorization flow
  4. You are now logged in with your Apple ID and redirected back to your application.