## Apple login

Enabling Apple login allows users to sign in using their Apple accounts, simplifying the login process. To enable Apple login, first activate Apple in the builder, then create the required credentials through Apple’s developer portal.

Follow the steps below for a seamless integration.

### Enabling Apple login in builder

1. Navigate to **Home** and open the **Login Box** builder.
2. In the left panel, toggle **Apple** to on.


![Apple-Login-1](/assets/apple-login-1.d31177e682d36fd1d08d5aa802dcdb2661a385aa9a3472c55e8dc9e8b50bd1a8.01141472.png)

br
You can have up to four social login options on your login page.

br
After modifying any settings, commit your changes and publish them to apply across your environments.

br
### Creating Apple credentials

Log in to your [Apple Developer Account](https://developer.apple.com/account). This will be referred to as the **Home Page** throughout the setup.

![Apple-Login-2](/assets/apple-login-2.556c063b7c78dddaec4452a443abd690ecd0e2c4cd6f1dbea5b6f1fb2e8e7ca4.01141472.png)

Follow the steps below to set up Apple Login.

### Step 1: Create an application

1. In the **Home Page**, under **Certificates, Identifiers & Profiles**, click on **Identifiers**.
2. Ensure **App IDs** is selected at the top right, then click the blue plus button to add a new App ID.


![Apple-Login-3](/assets/apple-login-3.5b2d3c6add755d93209e7ff05d85138c9fbf2254775faa48a2fc6c8a30ba13d4.01141472.png)

1. Select **App IDs** on the new screen and click **Continue**.


![Apple-Login-4](/assets/apple-login-4.dde2f922583bebf0dee533be5eeecf876a0a795421c78fc4526fbcc708f378f7.01141472.png)

1. Set **App** as the Identifier type and click **Continue**.


![Apple-Login-5](/assets/apple-login-5.68e3fd267c041df10970889ec0500c1252b1933edee24fc2b436946127dc8a1d.01141472.png)

1. Provide a **Description** and a **Bundle ID** (use a reverse-domain format, e.g., `com.example.myapp`). Ensure the **Explicit** option is selected for the Bundle ID.


![Apple-Login-6](/assets/apple-login-6.e5c6ceaeec60dfa1a65f1820a57d20f6fc85e3956c5a381ec572f38037401aab.01141472.png)

1. Scroll down to **Capabilities** and select **Sign In with Apple**.
2. Make sure the app is enabled as the **Primary App ID**.


![Apple-Login-7](/assets/apple-login-7.ef2f05b7e0edd7f0a48d9bbcbc9142b1b7f003a15e01370b6ecc1ada2327f900.01141472.png)

1. (Optional) To group this App ID with other App IDs, click **Edit** next to **Sign In with Apple** and select the relevant App IDs.
2. Click **Continue** ➜ **Register**. Your new App ID will appear in the list.


![Apple-Login-8](/assets/apple-login-8.2961da45c2b557faed01dc0e0467b7713f8629b85f594fe2b708a65c9e1da0ad.01141472.png)

### Step 2: Register your service ID

1. In the **Home Page**, go to **Identifiers** and select **Service IDs** at the top right.
2. Click the blue plus button to add a new Service ID.


![Apple-Login-9](/assets/apple-login-9.5afd3073de3d10c3783ee14def6029401d8b5312c3eeb2cb7cf3cbc56bccedec.01141472.png)

1. Set **Service ID** as the Identifier type and click **Continue**.


![Apple-Login-10](/assets/apple-login-10.da50aa2ada777fe9fd3009444afd82719f6a8ee6f97cced0db8a967195ee9ce6.01141472.png)

1. Add a **Description** and **Identifier** (this will serve as your Client ID in Frontegg). Save the Identifier.


![Apple-Login-11](/assets/apple-login-11.22f1b479e5fa6a6f39587691c2edec7cf76706067f436a2ea6da15c580f5b791.01141472.png)

1. Click **Continue** ➜ **Register**.


![Apple-Login-12](/assets/apple-login-12.5434905113916f019ae64fdd8bc5294e395ed249eb2baf83167c9d9e539b93d6.01141472.png)

1. Back in **Certificates, Identifiers & Profiles**, click on the new row that has just been created and select **Sign In with Apple** ➜ **Configure**.


![Apple-Login-13](/assets/apple-login-13.0dd60f4baa070bc7cf5b4dbfab804cbdc492edd387d51ec3b5659b9250ddb0ec.01141472.png)

![Apple-Login-14](/assets/apple-login-14.67d0b17879405d9fa9a691c1148ad7a2d0cb7167a29a7b1672faf12b4eabae80.01141472.png)

1. In the **Web Authentication Configuration** dialog, complete the following:
  - Set **Primary App ID** to the App ID created earlier.
  - Under **Domains and Subdomains**, enter `{YOUR_DOMAIN_IN_FRONTEGG}`.
  - Under **Return URLs**, enter `https://${YOUR_DOMAIN_IN_FRONTEGG}/identity/resources/auth/v2/user/sso/apple/postlogin`.


![Apple-Login-15](/assets/apple-login-15.c7bf410a1a62817b8ad6206945c22e2dc8ac7bb32474d342ef5d1e0cfb42b90d.01141472.png)

1. Click **Next** ➜ **Done** ➜ **Continue** ➜ **Save**.


![Apple-Login-16](/assets/apple-login-16.9582309b329c524f6fdd5769ab3927026fb22115295146f60890f4dfe40b361d.01141472.png)

Save your **Service ID** for later use.

### Step 3: Register a private key

1. In the **Home Page**, under **Certificates, Identifiers & Profiles**, select **Keys**.
2. Click the blue plus button to add a new Key.


![Apple-Login-17](/assets/apple-login-17.f8e5ec44ab3b9fceae5912efa33728b3ed7f90b560262c583d7e8c7bc9c51792.01141472.png)

1. Provide a **Key Name** and select **Sign In with Apple** ➜ **Configure**.
2. Select your App ID as the **Primary App ID** ➜ **Save**. You can only create two keys per App ID.


![Apple-Login-18](/assets/apple-login-18.dee50543f9e341f52b345bcea22b6beeb4c1e5128824afe4930532edad1a67f9.01141472.png)

![Apple-Login-19](/assets/apple-login-19.3cd30600c25773b65f623bf2dd5eba14ed0cda1aae68ef498197eec7f7bcbd43.01141472.png)

1. Click **Continue** ➜ **Register**. Your Private Key will be provided for download. **This key is only available once, so save it securely.**


![Apple-Login-20](/assets/apple-login-20.51c1126e70c69f535e8c1cf7bf153a20746fe1e8b9a9dbca696fb6ac22393a98.01141472.png)

1. Write down the **Key ID** provided, as well as the **Service ID** created on STEP 2.


![Apple-Login-21](/assets/apple-login-21.536e422a11c28ff0cd73c8960c69de591d3a8d889b8cfb5ebd0ef44b64f5cf2f.01141472.png)

### Step 4: Retrieve your team ID

1. On the **Home Page**, go to **Membership**.
2. Note your **Team ID** along with the **Service ID** and **Key ID** created earlier.


### Step 5: Configure Apple in Frontegg

1. In the **Frontegg portal**, go to Configurations ➜ Authentication → Social logins.
2. Click the Apple **Manage** button, then select **Custom** and enter the following:
  - **Client ID**: The Service ID from Step 2.
  - **Private Key**: The private key contents from Step 3.
  - **Key ID**: The Key ID from Step 3.
  - **Team ID**: The Team ID from Step 4.
  - **Redirect URL**: Set to the URL where you want users redirected after login.


![Apple-Login-22](/assets/apple-login-22.40b6771c30b5620c84dc127b4a9527f31b2a3120070ff563e0f230c12899ac5d.01141472.png)

Save your changes.

### Step 6: Test Apple login integration

1. In your application, attempt a login or signup with Apple to ensure successful integration.


br
Configuring Apple Login Permissions
By default, only invited users can log in with Apple. To allow new users to sign up via Apple, enable **Allow Signup** in the Login Box builder's left panel.

br
## Customizing authentication scopes for Apple

Scopes specify what information your application can access. By default, Frontegg fetches the user profile and email. You can add custom scopes in [ENVIRONMENT] → Authentication → Social Login → Custom → Scopes. For more information, refer to Apple’s [supported scopes](https://developer.apple.com/documentation/sign_in_with_apple/sign_in_with_apple_js/incorporating_sign_in_with_apple_into_other_platforms).