Basic to advance integrate Sign in with Apple in JavaScript
Basic implementation to handle authentication Apple OAuth
Posted by Erwindo SianiparOct 10, 2023 (a year ago) · 3 min read
Photo by Charlesdeluvio on Unsplash
Registering App Identifier and App Secret
Recommend to use reversed domain style like
com.domain.subdomain
Register a services to use Sign in with Apple and complete the configuration like whitelisting the domain and the redirect URI.
JSON Web Token validation
After getting the authorization token from providers like Apple or Google, we must need to verify that the JWT token is really signed from the providers and valid.
⚠️The step bellow is very important steps to ensure that the request that coming into the server is legit for authentication
Apple public keys
When it comes to Apple's public keys for JWKs, they are primarily used for authentication and authorization in Apple's identity and access management systems, such as Apple's Sign in with Apple service. These public keys are made available by Apple to verify the authenticity of JWTs generated during the authentication process.
Google public keys
Google's public keys for JSON Web Keys are used for various authentication and security purposes, particularly in the context of OAuth 2.0. Google provides these public keys to allow third-party applications and services to verify and authenticate tokens issued by Google.
ℹ️The blog is continuing written and research to completely this article, feel free to give me a feedback for this things, I will be very appreciate.
More from Erwindo SianiparSee all