
Sign in with Apple Authentication

Forem allows you to authenticate using Sign in with Apple. To use this authentication method, you need to be enrolled in the Apple Developer Program to retrieve the necessary credentials, and you need an HTTPS URL for the callback configuration (HTTP won't work). You then provide the keys to the Rails application.

Apple Developer Portal Configuration

Register/Sign in to your Apple Developer Account.

Service ID Configuration

  1. Create a Service ID.

Create Service ID

  2. Name the Service and finalize the registration.

Naming Service ID

  3. Configure Domains and Subdomains, and the callback URL. This example uses ngrok for HTTPS support.

Callback URLS

Key Configuration

  1. Register a new Key. Enable the "Sign in with Apple" option and configure it so it's associated with the corresponding App ID.

Register a new Key

  2. Download the Key.

Download the Key

Configuring the Rails Application

With both the Service ID and the Key in hand, enable Apple Authentication and enter the credentials in the admin dashboard at /admin/customization/config.

Admin Authentication Configuration Dashboard

Fill in each of the configuration fields.

Make sure the PEM key is copied exactly as it appears in the file you downloaded from the Apple Developer portal, including newlines. If this isn't done correctly, users will encounter an Invalid curve name error. Make sure a newline is added at the very end of the Apple PEM field.
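A pre-flight check for the value going into the Apple PEM field, as an added example that is not Forem's own code. The helper names `apple_pem_problems` and `constructed_sample_pem` are hypothetical, the sample keys are throwaway keys generated locally, and the check assumes the downloaded key is an elliptic-curve P-256 private key.

```ruby
require "openssl"

PEM_HEADER = /\A-----BEGIN (EC )?PRIVATE KEY-----\z/
PEM_FOOTER = /\A-----END (EC )?PRIVATE KEY-----\z/

# Hypothetical helper, not part of Forem: lists what is wrong with a value
# about to be pasted into the Apple PEM field. An empty list means it looks
# fine. Messages never include key material, so they are safe to log.
def apple_pem_problems(pem)
  problems = []
  lines = pem.lines.map(&:chomp)
  problems << "literal \\n sequences instead of real newlines" if pem.include?('\n')
  problems << "no newline at the very end" unless pem.end_with?("\n")
  problems << "line breaks lost (header, body and footer must be separate lines)" if lines.length < 3
  problems << "first line is not a PEM private key header" unless lines.first.to_s.match?(PEM_HEADER)
  problems << "last line is not a PEM private key footer" unless lines.last.to_s.match?(PEM_FOOTER)
  begin
    key = OpenSSL::PKey.read(pem)
    if !key.is_a?(OpenSSL::PKey::EC)
      problems << "not an elliptic-curve key (#{key.class})"
    elsif key.group.curve_name != "prime256v1"
      problems << "curve is #{key.group.curve_name}, expected prime256v1 (P-256)"
    elsif !key.private?
      problems << "no private component"
    end
  rescue OpenSSL::OpenSSLError => e
    problems << "OpenSSL cannot parse it (#{e.class})"
  end
  problems
end

# Constructed sample input: a throwaway key generated locally, never a real Apple key.
def constructed_sample_pem(curve = "prime256v1")
  key = OpenSSL::PKey::EC.generate(curve)
  key.respond_to?(:private_to_pem) ? key.private_to_pem : key.to_pem
end

if __FILE__ == $PROGRAM_NAME
  good = constructed_sample_pem
  {
    "as downloaded"        => good,
    "trailing newline cut" => good.chomp,
    "newlines collapsed"   => good.tr("\n", " "),
    "wrong curve"          => constructed_sample_pem("secp384r1"),
  }.each { |label, pem| puts "#{label}: #{apple_pem_problems(pem).inspect}" }
end
```

Run it against the downloaded file's contents on a trusted machine before pasting, so the private key itself never needs to be printed or shared to debug a failed login.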

Apple config

Save the changes and you're ready.

Email configuration

Apple uses what it calls the Private Email Relay Service to hide users' email addresses. For this to work, first create a new email source.

Email configuration

Emails sent need to be authenticated and the configuration depends on the different providers available: