Has anyone tried integrating?
Would love to know if this is even a capability within the Bubble framework!
Although I don’t have the definitive answer, I think it is. Here’s the REST documentation: https://developer.apple.com/documentation/signinwithapplerestapi
(I share because it took me a while to find it. Maybe I can save someone a few minutes.)
1 Like
So to piggy back off @rico.trevisan - I believe this is right for a couple reasons. I also am going to be trying this tomorrow or over the weekend so I am not claiming this is definitely working yet. A little deeper dive into Apple’s “Sign In With Apple” docs it details the steps taken to authenticate a user with their Apple ID. 
This isn’t any different than authentication with almost any of the other Auth providers. The docs walk through how the JWT(JSON Web Tokens) is used as well a how to request information needed from Apple’s servers. Granted I haven’t attempted this yet and am sure to have countless issues, I included some other pertinent information in case anybody gets around to building this plugin or would like to try at least.
The following is pasted from:
Authenticate users with Apple ID
The identity token is a JSON Web Token (JWT) and contains the following claims:
iss
The issuer-registered claim key, which has the value https://appleid.apple.com .
sub
The unique identifier for the user.
aud
Your client_id in your Apple Developer account.
exp
The expiry time for the token. This value is typically set to 5 minutes.
iat
The time the token was issued.
nonce
A String value used to associate a client session and an ID token. This value is used to mitigate replay attacks and is present only if passed during the authorization request.
email
The user’s email address.
email_verified
A Boolean value that indicates whether the service has verified the email. The value of this claim is always true because the servers only return verified email addresses.
Use the authorization code to verify the token claims with Apple servers, and exchange them for refresh tokens.
I would say it’s more than likely possible to build this process by creating a plugin but the safest bet would be to see if Bubble has any information on this in the Plugins forum section/ developer docs. I will also reach out to Bubble’s support team to try to get an answer on this. Please share if anybody has either attempted this or knows the status of implementing it with Bubble.
Brendan W.
Thats great! Thanks - I was just about to check and see if the providers with existing Bubble plugins have added Apple ID as an option yet but I went off assumption on how to recreate this in a new plugin. see above
Yes, it is fairly standard oauth and OIDC.
But bubble SSO doesn’t work with refresh tokens, so any plugin is likely to be compromised in this regard. Depends on your usecase of course 
Personally I am not spending $99 to find out !
This topic was automatically closed after 70 days. New replies are no longer allowed.