Social Authentication - Infisign UniFed with Apple ID OAuth 2.0



Step 1:

Visit the Apple ID Developer site at https://developer.apple.com/account

Step 2:

Log in using your Apple ID account credentials.

Step 3:

Click the Identifiers option under Certificates, IDs & Profiles.

Step 4:

Click the + icon next to Identifiers.

Step 5:

Select App IDs and click Continue.

Step 6:

Select App and click Continue.

Step 7:

Add a description and the Bundle ID (Client ID).

Step 8:

Scroll down in the Capabilities list and enable the Sign in with Apple option.

Step 9:

Check that Enable as a primary App ID is selected by default for Sign in with Apple; if it is not, edit it, then click Continue.

Step 10:

Note the Team ID (App ID prefix) and Bundle ID (Client ID), then click Register.

Step 11:

Switch from the Identifiers to the Keys tab and click the + icon next to Keys.

Step 12:

Add a Key Name, enable Sign in with Apple, and click Configure.

Step 13:

Select the Primary App ID from the dropdown and click Save.

Step 14:

Note the Key ID and click download to download the private key file.

Step 15:

To get the Client Secret, you need to run some code. Here is sample Python code.


import time

import jwt  # PyJWT; ES256 signing also needs the 'cryptography' package

# Load your .p8 private key file (keep this file out of source control)
with open('AuthKey_XXXXXX.p8', 'r') as f:  # Replace with your actual .p8 file name
    private_key = f.read()

# Define the payload (claims for the JWT)
current_time = int(time.time())  # Current time in seconds
expiration_time = current_time + (180 * 24 * 60 * 60)  # 6 months in seconds

# Replace the following values with your actual details
team_id = 'XXXXXX'           # Your Apple Developer Team ID
client_id = 'com.xxx.xxxxx'  # Client ID
key_id = 'XXXXXX'            # The Key ID

# JWT claims
claims = {
    'iss': team_id,              # Issuer (Team ID)
    'iat': current_time,         # Issued at (current time)
    'exp': expiration_time,      # Expiration time (6 months from now)
    'aud': 'https://appleid.apple.com',  # Audience (Apple's authorization server)
    'sub': client_id             # (Services ID / Client ID)
}

# Generate the JWT token / Client Secret
token = jwt.encode(
    claims,
    private_key,
    algorithm='ES256',  # Apple requires ES256 algorithm (Elliptic Curve)
    headers={
        'kid': key_id  # Key ID (from Apple Developer account)
    }
)

# PyJWT 1.x returns a bytes object and 2.x returns a str, so decode only if needed
if isinstance(token, bytes):
    token = token.decode('utf-8')

print(token)  # Use this value as the Client Secret