Hi, I am trying to implement Apple Sign In, after SDK response I have

identityToken

and

authorizationCode

. Which fields do I need to fill when make request to SuperTokens? Currenly, I have following error:

the client for whom this key is for is different than the one provided

.

hey @lavrd you need to call the signinup API with the auth code

yea, but then i have following error (i can send logs as a file if you want)

whats the value of redirectURI? IS is pointing to your backend API?

i tried with real url and it is not working so basically we are trying to do it for mobile app, i see in docs that from iOS we don't need to provide correct url?

so the body you are passing is correct, but the clientId being passed is wrong. You need pass the right clientId from the ios app.

am i right that access_token is identityToken from Apple and id_token it is authorizationCode from Apple?

no

if i ignore access_token field i have in response:

{
  "message": "Please provide the access_token inside the authCodeResponse request param"
}

set it to an empty string

thanks a lot! we will try and will answer you

that, i don't recall at the moment. Perhaps @nkshah2 can help here

App id for ios apps

okay, thanks

If you have a web app as well you’ll need a service I’d for web (you’ll still need the app id for ios)

thanks! and as i understand app bundle id it is client id which we need to use in mobile app and set it in backend while configuring supertokens?

When you create an app I’d in the apple portal and associate it with your app it will set the bundle id as the app id and then you use that with the SuperTokens config

https://supertokens.com/docs/thirdparty/custom-ui/thirdparty-login i don't see any links here, can you send me, please?

Hi! Thanks for the help, we managed all, we had some problems with Expo for RN. I have some more questions, maybe you have time to answer: 1. Why request with authorization code requires identity token in Apple flow? 2. Unfortunately Google flow is not working for me with authorization flow With SuperTokens:

curl --location 'backend_with_supertokens>' \
--header 'rid: thirdparty' \
--header 'Content-Type: application/json' \
--data '{
    "redirectURI": "<redirect_url>",
    "thirdPartyId": "google",
    "code": "<code>",
    "clientId": "<client_id>"
}'

Provider API returned response with status `401 Unauthorized` and body `{
  "error": {
    "code": 401,
    "message": "Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
    "status": "UNAUTHENTICATED"
  }
}
`

When I try to exchange authorization code to access token manually by cURL, it works, example:

curl \
--request POST \
--data "code=<code>&client_id=<client_id>&client_secret=<client_secret>&redirect_uri=http://localhost:3000/callback&grant_type=authorization_code" \
https://accounts.google.com/o/oauth2/token

Thanks!

Hey. @nkshah2 can help here

Hi @lavrd You can refer to this example https://github.com/supertokens/supertokens-react-native/blob/master/examples/with-thirdpartyemailpassword/google.js

Hi It looks like you sent flow 2, when user gets access token from google, I mean flow 1a, when user gets just one time authorization code which we need to exchange to access code

that's for web apps, and not for mobile apps (i think)

Yep for mobile you follow the id token + access token flow (The native libraries can be configured to use the code flow but at the time the react native versions didnt have the option, you could refer to their docs to see if they have support for that now)

Thanks for patient, we already managed flow for mobile devices, and now I am asking for flow with authorization code. I can create different thread if it will be better for you.

ah right. So that's applicable for web apps. You should use our frontend SDK for it. It takes care of calling the signinup API + verifying state etc