Hey, we implemented supertokens with apple sign in via the web and it works like a charm. Now the IOS developer wanted to do like a native login inside the Application and get a code from apple using the software authentication instead of calling the apple sign in web. The problem is that the code we are getting needs to be exchanged without a redirect uri and the client id is different than the one we use for the web login for some weird reason. Do you have any insight on this? like what are we missing? we know you are working on ios sdk.

Hi @Diesel

i see ok that makes sense with the client id what about the redirect uri? it will still be sent in the exchange request no? or it doesnt matter if it is included?

For iOS the redirect uri in the signinup API can be an empty string

ok i can try this but i looked up in the code about this part in signinup for apple and it seems like you dont care about the redirect uri that is sent in the request and it is override by a redirect uri you have configured. im using the golang sdk by the way version 0.9.7

Im not sure what the question is, for the web client if you set the redirect uri for Apple then yes that will be used regardless of what value is sent in the reuqest

never mind i will give it a shot thanks

Let us know if you run into any issues

the redirect uri is mandatory in the singinup request - it cant be empty and it must be in the request

The property itself is required, the value can be passed as an empty string

sorry miss communication with the ios developer looks like it works

Ah awesome

weird that he used the old redirect uri and it worked (but the redirect uri still cant be empty at least not in my sdk)

Well with the code flow the redirect uri's value should not matter. Also do you mean that the golang SDK throws an error if the redirect uri is empty?

yes

Hmm that shouldnt be the case, mind opening an issue about it in supertokens-golang? We can take a look later

sure thanks. i have another question about the apple flow but its not relevant to ios login. should i open another question or can i ask you about it here?

You can ask here and I can tag someone if I cant answer it

Is there a way for us to specify a different redirect path to the web in the apple callback backend if the flow didnt start from the web? for example, the mobile app is opening a browser to sign in to apple and send their own state to apple (instead of opening the supertokens login web) then apple will call the backend callback that will redirect to the web apple callback and it fails because it doesnt know the state. so we did a new path in the web for apple callback and in the backend i override the apple callback and check if the state came from mobile or not. if it did then i redirect to the new web apple callback path and if it didnt came from mobile then it redirects it to the original web apple callback. was wondering if this is a good practice or we have something in the sdk we can use? (hope i was understandable i know its a weird case like an hybrid native approach we are trying to do until your ios sdk is fully useable)

No that should be fine to do