Apple

Sign in with Apple makes it easy for millions of users to sign up and log in to your apps and websites using their Apple ID. Instead of using a social media account, or filling out forms and choosing yet another password, your target users see and can use Sign in with Apple to set up an account and start using your app right away. All user accounts are protected by Apple with two-factor authentication for superior security, and Apple will not track users' activity in your app or website. Apple retains only the information needed for users to sign in and manage their accounts. Developers can add Sign in with Apple anywhere they offer their app or service, so users can sign in quickly and easily regardless of the platform.

The Apple social connection allows users to log in to your application using their Apple profile. The Apple App Store Developer Guidelines require that Sign In With Apple (SIWA) must be available in all applications that exclusively use third-party sign-in options, such as Facebook or Google.

By default, Auth0 automatically syncs user profile data with each user login, thereby ensuring that changes made in the connection source are automatically updated in Auth0. Optionally, you can disable user profile data synchronization to allow for updating profile attributes from your application.

Apple does not currently provide a way to change the icon/logo displayed on the Apple login page.

Prerequisites

Before you begin, sign up for an Apple Developer Program account, which is a paid account. A free trial is available if you are a member of the iOS Developer University Program.

If you are using the Classic Universal Login flow or embedding Lock.js in your application, make sure you are using Lock.js version 11.16 or later.

Set up app in Apple

Set up an app in the Apple Developer Portal using Apple's Sign in with Apple documentation. During this process, Apple will generate the following IDs and keys for your application; make note of these:

• Services ID (Client ID)
• Client Secret Signing Key (Client Secret)
• Apple Team ID
• Key ID

When setting up your app, use the following values:

Field	Value to Provide
Bundle ID	com.auth0
Services ID Identifier	Reverse domain name (e.g., .com.auth0.travel0)
Web Domain	https://YOUR_DOMAIN/
Return URL	https://YOUR_DOMAIN/login/callback

Find your Auth0 domain name

If your Auth0 domain name is not shown above and you are not using our custom domains feature, your domain name is your tenant name, your regional subdomain (unless your tenant is in the US region and was created before June 2020), plus.auth0.com. For example, if your tenant name were exampleco-enterprises, your Auth0 domain name would be exampleco-enterprises.us.auth0.com and your callback URL would be https://exampleco-enterprises.us.auth0.com/login/callback. (If your tenant is in the US and was created before June 2020, then your domain name would be https://exampleco-enterprises.auth0.com.)

If you are using custom domains, your callback URL will have the following format: https://<YOUR CUSTOM DOMAIN>/login/callback.

Create and enable connection in Auth0

Set up the Apple social connection in Auth0. Make sure you have the generated IDs and keys:

• Services ID (Client ID)
• Client Secret Signing Key (Client Secret)
• Apple Team ID
• Key ID

Besides the standard social connection settings, the Apple social connection configuration includes the following:

Setting	Description
Team ID	ID of the organization Apple approved to receive their development kit. Developer accounts are associated with an approved team. You can find your Team ID in the Apple Developer Portal under Membership Details.
Key ID	ID of the token signing key that Apple issued to allow your app to communicate with Apple Push Notifications (APNs). You can find your Key ID in the Apple Developer Portal under Certificates, Identifiers & Profiles.

Test connection

You're ready to test your connection.