12

When user do first time login with 'Sign in with Apple', ASAuthorizationAppleIDCredential returns correct email address in 'email' field. But after signing out and doing login again with the same Apple ID, ASAuthorizationAppleIDCredential gives nil in `email' field.

What if first time 'Sign in with Apple' was successfull but due to some reason sign up with our own server gets failed? Second time we'll not be able to get the user email.

rmaddy
  • 314,917
  • 42
  • 532
  • 579
Mr.Javed Multani
  • 12,549
  • 4
  • 53
  • 52
  • 1
    You can store value in `UserDefault` or in `Keychain` from `didCompleteWithAuthorization` while you login first time. You can read briefly about it here:https://www.raywenderlich.com/4875322-sign-in-with-apple-using-swiftui – Bhavin Ramani Sep 25 '19 at 03:34
  • But what if user fails to get response after sucess mean loosing of internet or anything else.... – Mr.Javed Multani Sep 25 '19 at 09:32
  • As you said, I stored the values in `UserDefaults` and it is working fine. But I found a new problem i.e., getting same `nil` values after changing the Apple ID in the settings also. Now, the stored values in the `UserDefaults` are related to previous Apple ID, but we need latest Apple ID values. – Harsha Nov 25 '19 at 09:15
  • 1
    Yes exactly @Harsha, I asked question. here we are facing issue for email field but no any solution till now we found. – Mr.Javed Multani Nov 25 '19 at 09:22
  • @Harsha you can check the Apple ID still valid or not by using `getCredentialState `, it will help you know when will you need to show the login again. – Quang Dam Apr 18 '20 at 03:22
  • Hi guys, our team find some solution. Every time we get `appleIDCredential.user` from apple account, if `appleIDCredential.user` already exists (in our database) means that user already have an account with us, so we will login directly without checking `name` and `email` from apple, otherwise we will ask for those details in an `UIAlertController`. Hope, this will resolve one scenario. – Harsha Apr 25 '20 at 07:35
  • Hi Guys, If delete app from device then again use 'Sign in with Apple' with 'Hide My Email' then i am get blank email. So how can i get that random email? – Ankur Sep 14 '20 at 12:17
  • @Ankur Apparently if you sign in using password/passcode, you don't get private relay random email (even on first time), you do if using touch/face id in my experience – vu le Feb 18 '21 at 08:36

1 Answers1

0

When using Apple SignIn via web (https://appleid.apple.com/auth/authorize + https://appleid.apple.com/auth/token) in id_token you will always have email available and user name is available only first time user signs in but not in id_token but in $_REQUEST["user"] when redirected to your redirect_uri..

On the other side when using Apple SignIn via swift you will have only first time available both user name and email. So if you would like to avoid solution mentioned in ask comment of @Harsha (creating internal table with pairs of user identificator and email) you can rather get autorizationCode in swift, transfer it to your backend/server and continue as in case of web SignIn - make request to https://appleid.apple.com/auth/token and you will have id_token with email field available for every sign-in not just first time sign-in. This is way how we solve it. In our case we however implemented also web login for website version of native app so it is no problem.

Just be careful.... in case web login client_id is your service identifier from https://developer.apple.com/account/resources/identifiers/list/serviceId + its client_secret created for example by lib https://github.com/gradus0/appleAuth . But in case native app client_id is app budle identifier which must be registered here https://developer.apple.com/account/resources/identifiers/list/bundleId + its client_secret generated with e.g. the same lib mentioned earlier.

let appleIDCredential = authorization.credential as? ASAuthorizationAppleIDCredential,
let authCodeData = appleIDCredential.authorizationCode,
let authCodeString = String(data: authCodeData, encoding: .utf8) {
    // send authCodeString to your backend/server and continue as for web sign-in
    // so you must make request to https://appleid.apple.com/auth/token to get id_token
    // with user email
}
mikep
  • 5,880
  • 2
  • 30
  • 37