![]() ![]() curl -X POST -d 'grant_type=authorization_code&code= &redirect_uri= &client_id= &client_secret= 'Īfter running the above you should end up with an access token and an id token. Run the following cURL command in the terminal after replacing the code with the code you got performing the above, the redirect_uri and client_id as previously used and the client_secret obtained by running secret_gen.rb. And in the end, you will be redirected to the redirect_uri and end up with a code. You will be prompted to authenticate (I had to enable two-factor authentication for my Apple Id to continue). Okay… Now we are ready to test Sign In with Apple :)Īdd your redirect_uri(should be a Return URL we configured previously) and the client_id and paste this in your browser and hit enter. Use the same value as client_id as this token is meant for your application.Īfter setting up Ruby run the command sudo gem install jwt this will setup ruby-jwt.Īdd the necessary details and save the following as secret_gen.rb sub - The value of which identifies the principal that is the subject of the JWT. Since this token is meant for Apple, use. aud - The value of which identifies the recipient the JWT is intended for. Accroding to the docs the value must not be greater than 15777000 (6 months in seconds) from the Current Unix Time on the server. exp - Indicates the expiry time of the token expiration, in terms of the number of seconds since Epoch, in UTC. You can find it here iat - Indicates the time at which the token was generated, in terms of the number of seconds since Epoch, in UTC. Payload- iss - 10 character Team ID give to you. You can get it from Certificates, Identifiers & Profiles > Keys > (click on the key you created). kid - The 10 charachter Key ID of the private key you create. Header- alg - The encryption algorithm used to encrypt the token. Firstly check whether you already have Ruby setup if not you can get it from here.īelow are the details we will need to include in the JWT. One of the easy ways to get this done is using ruby-jwt. The client secret has to be a JWT and according to Apple docs, we need to encrypt the token using the Elliptic Curve Digital Signature Algorithm (ECDSA) with the P-256 curve and the SHA-256 hash algorithm. We already have our client_id now we need one more thing to call the API the client_secret which we will create using the private key we just downloaded. Well, that's pretty much it with configurations. Download the key and keep it in a safe place as you will never be able to download it again.And in the screen that appears next(Configure Key) select the same App Id we used previously under Choose a Primary App ID and click Save. Here also we will have to click on Configure. Give a Key Name and make sure to tick Sign In with Apple.Go to Certificates, Identifiers & Profiles > Keys and click on the + sign in the upper left next to “Keys”.Now we need to create a secret key that will be used to get our client_secret which will also be needed to make a token request from the Apple. Click on Continue and in the next page verify the details and click Register.Finally, add the Return URLs (you can add multiple) which will be the valid URLs to redirect the user after the user authenticates with Sign In with Apple (for quick testing purposes I used ). Next, you will have to add the Web Domain you will be using this service in (however I did not have to verify the domain to try out Sign In with Apple, but its best if you can get this done). Make sure the App ID we obtained previously is selected as the Primary App ID. Clicking the Configure button from the previous step will display a screen with Web Authentication Configuration.Here you will have to click on the Configure button next to “Sign In with Apple”. Here enter any Description and an Identifier (Apple recommends using a reverse-domain name style string ex: ).This time select Services IDs and hit continue.Again go to Certificates, Identifiers & Profiles > Identifiers and click on the + sign in the upper left next to “Identifiers”.This will also serve as the cliend_id when you will be making API calls to authenticate the user. And finally, click continue and in the next page verify the details and click Register. ![]() Scroll down the Capabilities and make sure to tick on Sign In with Apple. Here enter any Description and a Bundle ID (Apple recommends using a reverse-domain name style string ex: ).Go to Certificates, Identifiers & Profiles > Identifiers and click on the + sign in the upper left next to “Identifiers”.We will need to obtain an App Id with “Sign In with Apple” capabilities. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |