Apple login

Enabling Apple login allows users to sign in using their Apple accounts, simplifying the login process. To enable Apple login, first activate Apple in the builder, then create the required credentials through Apple’s developer portal.

Follow the steps below for a seamless integration.

Enabling Apple login in builder

1. Navigate to Home and open the Login Box builder.
2. In the left panel, toggle Apple to on.

Creating Apple credentials

Log in to your Apple Developer Account. This will be referred to as the Home Page throughout the setup.

Follow the steps below to set up Apple Login.

Step 1: Create an application

1. In the Home Page, under Certificates, Identifiers & Profiles, click on Identifiers.
2. Ensure App IDs is selected at the top right, then click the blue plus button to add a new App ID.

3. Select App IDs on the new screen and click Continue.

4. Set App as the Identifier type and click Continue.

5. Provide a Description and a Bundle ID (use a reverse-domain format, e.g., com.example.myapp). Ensure the Explicit option is selected for the Bundle ID.

6. Scroll down to Capabilities and select Sign In with Apple.
7. Make sure the app is enabled as the Primary App ID.

8. (Optional) To group this App ID with other App IDs, click Edit next to Sign In with Apple and select the relevant App IDs.
9. Click Continue ➜ Register. Your new App ID will appear in the list.

Step 2: Register your service ID

1. In the Home Page, go to Identifiers and select Service IDs at the top right.
2. Click the blue plus button to add a new Service ID.

3. Set Services ID as the Identifier type and click Continue.

4. Add a Description and Identifier (this will serve as your Client ID in Frontegg). Save the Identifier.

5. Click Continue ➜ Register.

6. Back in Certificates, Identifiers & Profiles, click on the new row that has just been created and select Sign In with Apple ➜ Configure.

7. In the Web Authentication Configuration dialog, complete the following:
   • Set Primary App ID to the App ID created earlier.
   • Under Domains and Subdomains, enter {YOUR_DOMAIN_IN_FRONTEGG}.
   • Under Return URLs, enter https://${YOUR_DOMAIN_IN_FRONTEGG}/identity/resources/auth/v2/user/sso/apple/postlogin.

8. Click Next ➜ Done ➜ Continue ➜ Save.

Save your Service ID for later use.

Step 3: Register a private key

1. In the Home Page, under Certificates, Identifiers & Profiles, select Keys.

2. Click the blue plus button to add a new Key.

3. Provide a Key Name and select Sign In with Apple ➜ Configure.

4. Select your App ID as the Primary App ID ➜ Save. You can only create two keys per App ID.

5. Click Continue ➜ Register. Your Private Key will be provided for download. This key is only available once, so save it securely.

6. Write down the Key ID provided, as well as the Service ID created on STEP 2.

Step 4: Retrieve your team ID

1. On the Home Page, go to Membership.
2. Note your Team ID along with the Service ID and Key ID created earlier.

Step 5: Configure Apple in Frontegg

1. In the Frontegg portal, go to Configurations ➜ Authentication → Social logins.
2. Click the Apple Manage button, then select Custom and enter the following:
   • Client ID: The Service ID from Step 2.
   • Private Key: The private key contents from Step 3.
   • Key ID: The Key ID from Step 3.
   • Team ID: The Team ID from Step 4.
   • Redirect URL: Set to the URL where you want users redirected after login.

Save your changes.

Step 6: Test Apple login integration

1. In your application, attempt a login or signup with Apple to ensure successful integration.

Customizing authentication scopes for Apple

Scopes specify what information your application can access. By default, Frontegg fetches the user profile and email. You can add custom scopes in [ENVIRONMENT] → Authentication → Social Login → Custom → Scopes. For more information, refer to Apple’s supported scopes.