We recently are adding apple signup in our app and in our db we have 50 chars as max length of user identifiers. i was wondering how long they can be on apple and whether we should tweak the max length on our side.

Hi everyone! I am in the process of transferring an app from account (A) to account (B), and I am wondering how the various steps in the documentation link to the transfer process. In particular: https://developer.apple.com/documentation/sign_in_with_apple/transferring_your_apps_and_users_to_another_team -> I understood that this process can be done BEFORE the migration to create all the transfer_sub beforehand. https://developer.apple.com/documentation/sign_in_with_apple/bringing_new_apps_and_users_into_your_team -> when can this be done? After initiating the transfer or only after the transfer is completed? Moreover, what about the private key used for Sign in With Apple from the old team? Will it still work before/after the transfer, or in which step it will stop work? For example, in Firebase we set-up the Apple Sign in using the (A) team_id and private_key. When should we change this in Firebase? After initiating the transfer, after the transfer is completed? Will the old key stop working after the transfer is completed? Thank you!

According to Apple documents, " Apple’s servers may throttle your call if you attempt to verify a user’s Apple ID more than once a day". that "throttle" means that apple server will return "invalid_client"? when we log in with Sign in with Apple while verifying the refresh token, sometimes log in successfully, and sometimes "invalid_client" is returned.

I have implemented a Sign up with Apple button with usePopup=true. When I click the button I get the popup window. After authenticating I click the final "Continue" button and nothing happens. Well technically there is a request to https://appleid.apple.com/appleauth/auth/oauth/authorize. Clicking "Continue" more than once results in the error "Your request could not be completed because of an error. Please try again later." Where do I go from here?

Hi guys, I have been using a services id for my apps and websites to use Sign in with Apple feature over 3 months. All of a sudden the website urls and return urls I newly add to the services id don't work. I am getting "invalid_request Invalid web redirect url." errrors. I have checked the urls carefully, (https), I also added many new ones but none of them worked. In order to test it I also removed some of the current return urls from my websites to see if it will stop working but no, the ones I removed still work which kind of confirms my theory that it does not update the list, it is bugged. Quite weirdly, the new native apps I submitted to the store also does not work, it gives the error "Sign-up Not Completed" Does any one have any idea? Such a weird problem all of a sudden

Some background: A user must sign up for an account on our platform via a browser before they can sign in to our iOS app using an Apple ID otherwise we present the following error message as shown in the attached image. Authentication and session management is handled using AWS Cognito on our platform and we believe AWS Cognito is using the relevant API for Apple ID Sign Ins. For account deletion we are providing an account deletion option within the app to the user (who has to be signed in) under Account Settings. For a valid deletion request, we are deleting a user’s records from our database. For revoking, generating, and validating tokens we are using AWS cognito to handle token revocation, generation, and validation. Ask: Apple reviewers provided additional information (shown below) to help us resolve this issue. But i am not clear how this addresses their concern and would appreciate some guidance on how i could resolve it. Apple reviewer recommendation Apps that offer Sign in with Apple should use the REST API to revoke user tokens. If you have not retained the user’s refresh token, access token, or authorization code, you must still fulfill the user’s account deletion request. To learn more, we recommend reviewing the following resources: Handling account deletions and revoking tokens for Sign in with Apple Revoke tokens Generate and validate tokens

I'm trying to use the sign in button API documented here. No matter what, it returns a 404. Even going to https://appleid.apple.com/signinwithapple/button and clicking any of the Download links leads to a 404. Is this a documentation error, or is this API to generate buttons no longer available?

I push a new application to store. ;When i try to log in with FaceId, i get an error like this "Sign up not completed". what am i missing? could you help pls :) you can access the app from https://apps.apple.com/tr/app/lone/id6447771266?l=tr

Hi there, when using Touch ID, the call back following a request to auth/authorize does not include any user information ( user={} ), but it does if the user log in using a password. Is there a reason ? How to handle that Thanks

When the user's identity (sub) is changed when the app is migrated. When the migration is initiated, it is still when the receiving team confirms. In addition, when can the Exchange identifiers endpoint be used?

Null Display Name Issue with AppleAuth Provider on Firebase using react native Dear Apple App Review Team, I have been diligently working on my app, which heavily relies on Firebase for authentication purposes. Specifically, I am utilizing the AppleAuth provider to offer seamless authentication options to my users. However, during the review process, it came to my attention that the display name from the AppleAuth provider is being returned as null. This issue is concerning, as it directly affects the user experience and functionality of my app. It prevents users from being able to see their display name correctly, which can lead to confusion and frustration. Moreover, it undermines the trust and reliability of the app, which I have worked hard to establish. I have thoroughly reviewed my code and integration with Firebase, and I can confirm that I have followed all the necessary guidelines and recommendations provided by Apple and Firebase documentation. The null display name issue appears to be an unexpected and unintended consequence. To rectify this problem, I kindly request the assistance and guidance of the Apple App Review Team. I would greatly appreciate it if you could provide me with specific instructions or steps to resolve the null display name issue with the AppleAuth provider on Firebase. I understand the importance of maintaining high-quality standards on the Apple App Store, and I am fully committed to resolving this issue promptly. I value the collaborative relationship between developers and the Apple App Review Team and believe that by working together, we can ensure the best possible experience for our users. Thank you very much for your attention to this matter. I look forward to your prompt response and guidance on how to handle this issue effectively. Please feel free to contact me if you require any additional information or have any further

Subject: Request for Resolution on Guideline 4.0 - Design: Null Display Name Issue with AppleAuth Provider by Firebase in React Native App Dear Apple App Review Team, I am writing to express my concern and seek assistance regarding the rejection of my React Native app from being published on the Apple App Store. The rejection reason cited is Guideline 4.0 - Design, specifically stating that my app requires users to provide their name and/or email address after using Sign in with Apple. Additionally, there is a null display name issue from the AppleAuth provider by Firebase. I want to assure you that I have made every effort to comply with Apple's guidelines and provide a seamless user experience. However, it appears there may be a misunderstanding or miscommunication regarding the implementation of the name and email address requirement as well as the null display name issue. Regarding the name and email address requirement: My app integrates Firebase's AppleAuth provider to facilitate Sign in with Apple. During the authentication process, the necessary permissions and scopes are requested to retrieve the user's name and email address from Apple. The obtained name and email address are stored securely within my app, eliminating the need for users to provide this information separately after using Sign in with Apple. Regarding the null display name issue: Upon thorough testing, I have identified a problem where the display name returned from the AppleAuth provider by Firebase occasionally appears as null. This issue is unexpected and unintended, as the display name should be populated correctly based on the information retrieved from Apple during the authentication process. I have reviewed my code and integration with Firebase, following all the guidelines and recommendations provided by Apple and Firebase documentation. I kindly request your guidance and assistance in resolving both the name and email address requirement misunderstanding and the null display name issue from the AppleAuth provider by Firebase. I am committed to rectifying these issues promptly to ensure compliance with Apple's guidelines and provide an optimal user experience. Thank you for your attention to this matter. I eagerly await your response and guidance on how to address the Guideline 4.0 rejection and the null display name issue effectively. Please feel free to reach out to me if you require any additional information or have further questions. Sincerely, dev nihar

Can we remove apple sign in /signup option from iOS and can only have signup with email id

Hi, I'm building a MacOS app that will be published outside of the AppStore (Using an installer). In the app we have an option to sign-in with Apple & Google. While trying to archive the app and distribute with a Developer ID, xcode presented us with this error, and once the entitlements were removed the sign-in with Apple/Google stopped working. Is there a way to archive the app and distribute with Developer ID and also support sign-in with Apple/Google? Thanks!

We're trying to release a social media app that uses social sign in. The two sign in options are google sign in and apple sign in. Our app keeps getting rejected because the testers cannot login to the demo account. Apple requires a 2 factor verification, and google requires a 2 factor verification. At this point, we are stuck. We don't want to go through the process of keeping track of usernames and passwords just for app review. What do we do?

hello. I am using "@invertase/react-native-apple-authentication" library in react native, but the identityToken value is different. Could you provide some data to compare against previous values? We recently replaced the Provisioning Profile certificate, but the Team ID remains the same I am attaching example code. import {appleAuth} from '@invertase/react-native-apple-authentication' ... const appleAuthRequestResponse = await appleAuth.performRequest({ requestedOperation: appleAuth.Operation.LOGIN, requestedScopes: [appleAuth.Scope.EMAIL, appleAuth.Scope.FULL_NAME], }) await appleAuth.getCredentialStateForUser(appleAuthRequestResponse.user) const {identityToken} = appleAuthRequestResponse as any

I use the Apple login function, but all of them were treated as new users because the existing Apple login user information and sub-value did not match. I haven't done anything recently except change to a public certificate, but both the app and the web are getting sub-values for jwt tokens that differ from existing user information. How do I fix this problem?

We are currently developing a new iOS application, and we plan to use Sign in with Apple for user authentication. We have a few questions related to this. We understand that Sign in with Apple is compliant with OpenID Connect. However, in our service, the use cases for access_token and refresh_token are limited. Therefore, even if we do not use these tokens, is there a possibility that we will receive a rejection in the Apple Store Review process? Specifically, we are thinking of saving the user's identifier, which can be obtained at the time of authentication, on our server and using it to identify the user. ASAuthorizationAppleIDCredential According to Apple's guidelines (5.1.1 Data Collection and Storage), we need to invalidate the user's tokens when the account is deleted. Does this requirement apply even if the token has already expired? App Store Review Guidelines 5.1.1 Revoke tokens Thank you in advance for your help!

In the app I am currently creating, I want to make the user logged in only after signing in with apple and making in-app purchases. In other words, if the user only creates an account and does not make in-app purchases, he/she is not logged in, and we do not want to display the "delete account" button. However, if the user leaves the app without making an in-app purchase, the account information will be kept on the server. I understand that after 6/30/2022, users must be able to delete their accounts. Can we use a batch process to periodically delete accounts that have not made in-app purchases and hit the API for token deletion to satisfy the app's review requirements? Also, would it be a problem if we mention in the terms of service, etc. that accounts that have not made in-app purchases are to be deleted periodically?