Skip to main content

Sign in with Apple Authentication


We’re currently making rapid changes to the product so our docs may be out of date. If you need help, please email

Forem allows you to authenticate using Sign in with Apple. In order to use this authentication method you'll need to be enrolled to the Apple Developer Program in order to retrieve the necessary credentials and an HTTPS supported URL for the callback configuration (HTTP won't work). Then you'll need to provide the keys to the Rails application.

Apple Developer Portal Configuration

Register/Sign in to your Apple Developer Account.

Service ID Configuration

  1. Create a Service ID.

Create Service ID

  1. Name the Service and finalize the registration.

Naming Service ID

  1. Configure Domains and Subdomains & the callback URL. This example uses ngrok for HTTPS support.

Callback URLS

Key Configuration

  1. Register a new Key. Enable the "Sign in with Apple" option and configure it so it's associated with the corresponding App ID.

Register a new Key

  1. Download the Key.

Download the Key

Configuring the Rails Application

Now with both the Service ID and Key you'll need to enable Apple Authentication and pass in the credentials in the admin dashboard /admin/customization/config.

Admin Authentication Configuration Dashboard

Fill in each of the configuration fields.

Make sure the PEM key is copied exactly the way it appears in the file you downloaded from the Apple Developer portal, including newlines. If this isn't done correctly users will encounter an Invalid curve name error. Make sure a newline is added at the very end of the Apple PEM field.

Apple config

Save the changes and you're ready.

Email configuration

Apple uses what they call Private Email Relay Service to hide user's emails. For this to work first create a new email source.

Email configuration

Emails sent need to be authenticated and the configuration depends on the different providers available: