question

A Faulkner avatar image
A Faulkner asked

Sign In with Apple cross-platform

Hi,

We are developing an app that can be used across several devices. As Sign in with Apple is now required for all iOS apps that propose 3rd party authentication we have included it in the iOS version. However we now must allow users to authenticate using Apple on Android and via the web.

In order to do this you must register a "service" with Apple with an ID different to the iOS application, as such the JWT returned from the authentication process has the new service as the audience and not the app and so the PlayFab authentication fails (via /Client/LoginWithApple).

Is there any way around this? We had though of making the client attach an email and password after authenticating but this goes against the guidelines of Apple and removes the advantages of the Apple authentication flow.

This issue was brought up by the last commenter on the thread here: https://community.playfab.com/idea/30528/sign-in-with-apple.html

As this is now obligatory for iOS apps I'm surprised to find no one else encountering this.

Thanks for any thoughts on this problem.

Authenticationandroid
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

1 Answer

·
Seth Du avatar image
Seth Du answered

It is not supported. If the current PlayFab Add-on doesn’t fit your requirement, you may consider use the previous solution, which is OpenID connection.

Please also feel free to send a thread on Feature Request forum if there isn't an exisiting one. The previous Feature Request thread is not aimed at this requirement. A dedicated thread may help us track of the feedback from the community.

5 comments
10 |1200
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

A Faulkner avatar image A Faulkner commented ·

Thanks for the reply, any chance you'd be able to point me in the direction of any documentation on how to get OpenID Connect working with Apple and PlayFab? I haven't really managed to find anything.

0 Likes 0 ·
Seth Du avatar image Seth Du ♦ A Faulkner commented ·

Please check the following tutorials and even though they are not official documentation, we have referred and manage to get it work:

  • https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple
  • After you have generated client secret, you may configure the openID connection on PlayFab Game Manager
    • In Title Settings > Open ID Connect > New Connection

      Connection ID: `client_id` from above steps

      Client ID: `client_id` from above steps

      Client Secret: JWT you have generated

      Issuer: MUST BE https://appleid.apple.com

  • After configuration is done, they are 2 ways for login.
    • Using Login with Apple in PlayFab

      Request Secret from Apple

      Using ASAuthorizationControllerDelegate, didCompleteWithAuthorization save identityToken (as utf8 string, not base 64) from the credential that’s in the authorization. This token will be used to set up open id connect with playfab and to login with playfab.

    • Using Client/LoginWithOpenIdConnect API. Specify same ConnectionId as you did when you created the Open Id Connection IdToken is what apple gives you

0 Likes 0 ·
quinn avatar image quinn Seth Du ♦ commented ·

Wondering if anyone's set this up recently? I'm in the exact situation as the OP, need Apple Sign In for Desktop/Web as well as Mobile. I'm using Unity with apple sign in which has been working great, but now needing to add the desktop PC support. Current trouble now is the ConnectionId is set to the Services ID which is different from the bundle ID. So when I sign in with my iPhone it logs in with a different account than when I login from desktop.

I noticed the "sub" in the id_token is actually the same for both device and desktop so I know it's tied to the same person, I just can't get them to connect between iOS and Desktop to the same user in PlayFab backend.

"Using ASAuthorizationControllerDelegate, didCompleteWithAuthorization save identityToken (as utf8 string, not base 64) from the credential that’s in the authorization. This token will be used to set up open id connect with playfab and to login with playfab."

Could use some clarification on this bit? What is the "this token will be used to set up open id connect.." how is it used exactly?

Thanks!

0 Likes 0 ·
Show more comments
Seth Du avatar image Seth Du ♦ A Faulkner commented ·

In addition, you may also refer to https://sarunw.com/posts/sign-in-with-apple-4/#:~:text=First%2C%20you%20need%20to%20have,in%20the%20Apple%20developer%20portal.&text=Define%20the%20name%20of%20the,Sign%20In%20with%20Apple%20checkbox and combine 2 materials.

0 Likes 0 ·

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.