Apple

Configuring Apple as a Social Provider

In this section, we show you how to offer a Login with Apple option on your cidaas login page.

Configure your login page with social providers


When you configure Apple as a social provider in cidaas, a new option called Login with Apple appears on the login page of your cidaas application, and Signup with Apple appears on its registration page.

The overall process is:

  • On the Apple Developer console: Sign in to your Apple Developer account
  • On the Apple Developer console: Create an App ID
  • On the Apple Developer console: Create a Services ID
  • On the Apple Developer console: Create a Private Key for Client Authentication
  • On the Apple Developer console: Generate the client secret
  • On the cidaas admin portal: Add the Apple app ID and client secret in the cidaas application
  • On the cidaas admin portal: Select the applications for which you want to enable Apple as a social provider

We'll guide you through the process — it's pretty easy.

Sign in to Apple Developer Account

This section assumes you already have an active Apple developer account. If not, create a new account before proceeding.

1. Log in to your Apple developer account.

Create an App ID

In this section, you'll find the steps to register a new identifier in the Apple developer portal to create an App ID, and to enable the "Sign In with Apple" option for that App ID.

1. Click the Certificates, Identifiers and Profiles option.

2. From the sidebar, choose Identifiers, then click the Add button, as shown below.

3. Choose App IDs and click on Continue.

4. In the next screen, enter a description and Bundle ID for the App ID.

Then scroll down through the list of capabilities and check the box next to Sign In with Apple.

Then click on Continue.

5. Review your App ID setup and then click the Register button.

Note: Make a note of the Team ID, which you will need when generating the client secret.


Create a Services ID

In this section, you'll find the steps to create a Services ID, enable the "Sign In with Apple" option for it, and define the domain your app runs on and the redirect URLs used during the login flow.

1. From the sidebar, choose Identifiers, then click the Add button, as shown below.

2. Choose Services IDs and click on Continue.

3. In the next screen, enter a description and an Identifier for the Services ID.

Make sure to check the Sign In with Apple checkbox. Click the Configure button next to Sign In with Apple.

Note: If the Sign In with Apple checkbox is not shown, save your service and reopen your service settings in edit mode.


4. In the Web Authentication Configuration screen that appears, choose your App ID in the Primary App ID dropdown. Then enter the domain name of your app and the redirect URL for your app. Click on Next.

5. Review your Services ID details and then click on Save.

Note: Make a note of this Services ID, which will be used as the client ID in the cidaas configuration.


Create a Private Key

In this section, you'll find the steps to create a private key configured for your recently created App ID.

1. From the sidebar, choose Keys, then click the Add button, as shown below.

2. Give your key a suitable name and check the Sign In with Apple checkbox. Then click the Configure button.

3. Select the primary App ID you created earlier and click on Save.

4. In the next step, review your key details and click the Register button.

5. Make a note of the Key ID, which is required to generate the client secret. Click the Download button to download your private key.

Note: Apple will generate a new private key for you and let you download it only once. Make sure you save this file, because you won’t be able to get it back again later! The file you download will end in .p8.


Generate client secret

Now you need to generate the client secret from the private key you obtained.

1. To generate the client secret, use the following Node.js script:

const fs = require("fs");
const jwt = require("jsonwebtoken");

const privateKey = fs.readFileSync("AuthKey_2AKZJ3L7T5.p8").toString(); //your downloaded private key path

const jwtToken = jwt.sign({}, privateKey, {
    algorithm: "ES256",
    expiresIn: "150d",
    audience: "https://appleid.apple.com",
    subject: "de.cidaas.testservice", //your service id
    issuer: "**********", //your 10-character Team ID which you obtained during app id creation
    header: {
        alg: "ES256",
        kid: "2AKZJ3L7T5" //your Key ID which you obtained during private key creation 
    }
});
console.log("secret:", jwtToken, "\n");

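If you run this script, you will get your client secret, as shown below. Make a note of this client secret. It is valid for the period set in expiresIn (150 days in this script), after which you need to generate a new one and update it in cidaas.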

secret: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjlWUlVCQTRaNDgifQ.eyJpYXQiOjE1ODg2NzY1NjIsImV4cCI6MTYwMTYzNjU2MiwiYXVkIjoiaHR0cHM6Ly9hcHBsZWlkLmFwcGxlLmNvbSIsImlzcyI6IkJXTU03MlE1TTYiLCJzdWIiOiJkZS5jaWRhYXMudGVzdC1jZGMtcHJvZC1zZXJ2aWNlIn0.XPtxASA__aRBvz1rUfokMVbyZi_OVYQKQy9zyFrtmtNLzkzzvFmJbdQ09x5B4l9K9TOYP8HSWVBuQRNtn5Xc0Q
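
The following Node.js check is an added example, not part of the cidaas documentation: it audits a client secret of the kind generated above (header, claims, lifetime, signature) before it is stored in cidaas. The function names, the placeholder identifiers and the throwaway key standing in for the .p8 file are assumptions; the lifetime check compares exp against iat as an approximation of Apple's limit of 15777000 seconds (about six months) ahead of the current time.

```javascript
const crypto = require("crypto");

const APPLE_AUD = "https://appleid.apple.com";
const MAX_LIFETIME_S = 15777000; // Apple's ceiling for exp, about six months
const DAY_S = 86400;
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64url");

// Hypothetical helper: builds the same kind of ES256 JWT as the script above.
function makeClientSecret(privateKey, { teamId, servicesId, keyId, iat, lifetimeS }) {
  const input = b64url({ alg: "ES256", kid: keyId }) + "." +
    b64url({ iss: teamId, sub: servicesId, aud: APPLE_AUD, iat, exp: iat + lifetimeS });
  // JWS carries the raw r||s signature (IEEE P1363), not OpenSSL's DER default.
  const sig = crypto.sign("sha256", Buffer.from(input), { key: privateKey, dsaEncoding: "ieee-p1363" });
  return input + "." + sig.toString("base64url");
}

// Hypothetical checker: returns a list of problems, empty when the secret is usable.
function auditClientSecret(token, publicKey, want, now, warnDays = 14) {
  const parts = token.split(".");
  if (parts.length !== 3) return ["not a three-part JWT"];
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], "base64url").toString());
    claims = JSON.parse(Buffer.from(parts[1], "base64url").toString());
  } catch (e) {
    return ["header or payload is not valid JSON"];
  }
  const problems = [];
  if (header.alg !== "ES256") problems.push("alg is not ES256");
  if (header.kid !== want.keyId) problems.push("kid does not match the Key ID");
  if (claims.iss !== want.teamId) problems.push("iss does not match the Team ID");
  if (claims.sub !== want.servicesId) problems.push("sub does not match the Services ID");
  if (claims.aud !== APPLE_AUD) problems.push("aud is not " + APPLE_AUD);
  if (claims.exp - claims.iat > MAX_LIFETIME_S) problems.push("lifetime exceeds Apple's limit");
  if (claims.exp <= now) problems.push("expired");
  else if (claims.exp - now < warnDays * DAY_S) problems.push("expires soon, regenerate");
  const ok = crypto.verify("sha256", Buffer.from(parts[0] + "." + parts[1]),
    { key: publicKey, dsaEncoding: "ieee-p1363" }, Buffer.from(parts[2], "base64url"));
  if (!ok) problems.push("signature does not verify with this key");
  return problems;
}

// Constructed sample data: throwaway P-256 key and placeholder identifiers.
const { privateKey, publicKey } = crypto.generateKeyPairSync("ec", { namedCurve: "prime256v1" });
const ids = { teamId: "TEAMID0000", servicesId: "com.example.service", keyId: "KEYID00000" };
const issuedAt = 1700000000;
const secret = makeClientSecret(privateKey, { ...ids, iat: issuedAt, lifetimeS: 150 * DAY_S });
console.log(auditClientSecret(secret, publicKey, ids, issuedAt + 140 * DAY_S));
```

Against a real secret, the public key can be derived from the downloaded .p8 file with crypto.createPublicKey, and now would be the current Unix time. Running the check on a schedule gives a warning before the 150-day secret expires and Apple login stops working.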

Configure social provider setup in cidaas

In this section, you'll find the steps to add the Apple client ID and Apple client secret in your cidaas application, and to choose the client applications for which you want to enable Apple as a social provider.

1. Navigate to cidaas Admin dashboard -> Settings -> Login Providers -> Social Providers.

2. Click the edit icon corresponding to the Apple app in the list.

3. Enter the Services ID which you obtained from Apple as the Client ID, and enter the Client Secret which you generated from your Apple private key. You can also enable or disable the Apple option in the cidaas admin portal as well as the user portal, as per your requirement. Click the Save button.

4. Under the Configure Clients for Apple section, you will find a list of the applications created in your cidaas account. Select the applications for which you want to enable Apple as a social provider.

Note: An administrator can configure a single social provider for many clients.

5. After mapping all the required clients, click the Save button.


Reference link: How to configure a custom provider? cidaas allows administrators to configure identity providers in addition to those it offers by default. Such an identity provider can be your favorite or business email ID provider, or your own company LDAP/identity server.


