Forem allows you to authenticate using Sign in with Apple. In order to use this authentication method you'll need to be enrolled to the Apple Developer Program in order to retrieve the necessary credentials and an HTTPS supported URL for the callback configuration (HTTP won't work). Then you'll need to provide the keys to the Rails application.
Register/Sign in to your Apple Developer Account.
- Name the Service and finalize the registration
- Configure Domains and Subdomains & the callback URL. This example uses ngrok for HTTPS support.
- Register a new Key. Enable the "Sign in with Apple" option and configure it so it's associated with the corresponding App ID
- Download the Key
Now with both the Service ID and Key you'll need to enable Apple Authentication
and pass in the credentials in the admin dashboard
Fill in each of the configuration fields.
Make sure the PEM key is copied exactly the way it appears in the file you downloaded from the Apple Developer portal, including newlines. If this isn't done correctly users will encounter an
Invalid curve name error. Make sure a newline is added at the very end of the Apple PEM field.
Save the changes and you're ready.
Apple uses what they call Private Email Relay Service to hide user's emails. For this to work first create a new email source.
Emails sent need to be authenticated and the configuration depends on the different providers available: