https://supertokens.com/ logo
Title
d

Diesel

11/08/2022, 7:58 AM
Hey, we implemented supertokens with apple sign in via the web and it works like a charm. Now the IOS developer wanted to do like a native login inside the Application and get a code from apple using the software authentication instead of calling the apple sign in web. The problem is that the code we are getting needs to be exchanged without a redirect uri and the client id is different than the one we use for the web login for some weird reason. Do you have any insight on this? like what are we missing? we know you are working on ios sdk.
n

nkshah2

11/08/2022, 8:00 AM
Hi @Diesel
So you will need a different client for iOS (Seems like the iOS dev already has this set up)
Then in your backend you initialise Apple twice, once with the web credentials and one with the iOS ones
Then from iOS when you call the
/signinup
route you can send the iOS client id as part of the request and SuperTokens will use that one. You also need to pass the code from apple for this
Docs for this are a work in progress at the moment, so in the meantime if you need help feel free to ask here
d

Diesel

11/08/2022, 8:13 AM
i see ok that makes sense with the client id what about the redirect uri? it will still be sent in the exchange request no? or it doesnt matter if it is included?
n

nkshah2

11/08/2022, 8:15 AM
For iOS the redirect uri in the signinup API can be an empty string
d

Diesel

11/08/2022, 8:19 AM
ok i can try this but i looked up in the code about this part in signinup for apple and it seems like you dont care about the redirect uri that is sent in the request and it is override by a redirect uri you have configured. im using the golang sdk by the way version 0.9.7
specifically the redirect uri seems to be override only for apple because that is the only provider that has redirect uri configured for it
n

nkshah2

11/08/2022, 8:23 AM
Im not sure what the question is, for the web client if you set the redirect uri for Apple then yes that will be used regardless of what value is sent in the reuqest
d

Diesel

11/08/2022, 8:45 AM
never mind i will give it a shot thanks
n

nkshah2

11/08/2022, 8:47 AM
Let us know if you run into any issues
d

Diesel

11/08/2022, 9:21 AM
the redirect uri is mandatory in the singinup request - it cant be empty and it must be in the request
n

nkshah2

11/08/2022, 9:22 AM
The property itself is required, the value can be passed as an empty string
Can you post the error you receive from SuperTokens when you try it?
Along with the request body
Also just to clarify, if you are sending the access token to the signinup request then the redirect uri cannot be empty. It can be empty if you sending just the
code
d

Diesel

11/08/2022, 9:28 AM
sorry miss communication with the ios developer looks like it works
n

nkshah2

11/08/2022, 9:29 AM
Ah awesome
d

Diesel

11/08/2022, 9:29 AM
weird that he used the old redirect uri and it worked (but the redirect uri still cant be empty at least not in my sdk)
n

nkshah2

11/08/2022, 9:30 AM
Well with the code flow the redirect uri's value should not matter. Also do you mean that the golang SDK throws an error if the redirect uri is empty?
d

Diesel

11/08/2022, 9:30 AM
yes
this is in the code
if bodyParams.RedirectURI == "" {
        return supertokens.BadInputError{Msg: "Please provide the redirectURI in request body"}
    }
n

nkshah2

11/08/2022, 9:30 AM
Hmm that shouldnt be the case, mind opening an issue about it in supertokens-golang? We can take a look later
In the meantime since the value doesnt really matter for your iOS flow you can simply use the web redirect uri for now
d

Diesel

11/08/2022, 9:35 AM
sure thanks. i have another question about the apple flow but its not relevant to ios login. should i open another question or can i ask you about it here?
n

nkshah2

11/08/2022, 9:36 AM
You can ask here and I can tag someone if I cant answer it
d

Diesel

11/08/2022, 9:46 AM
Is there a way for us to specify a different redirect path to the web in the apple callback backend if the flow didnt start from the web? for example, the mobile app is opening a browser to sign in to apple and send their own state to apple (instead of opening the supertokens login web) then apple will call the backend callback that will redirect to the web apple callback and it fails because it doesnt know the state. so we did a new path in the web for apple callback and in the backend i override the apple callback and check if the state came from mobile or not. if it did then i redirect to the new web apple callback path and if it didnt came from mobile then it redirects it to the original web apple callback. was wondering if this is a good practice or we have something in the sdk we can use? (hope i was understandable i know its a weird case like an hybrid native approach we are trying to do until your ios sdk is fully useable)
n

nkshah2

11/08/2022, 10:52 AM
No that should be fine to do
The ability to override APIs such as the apple callback API exists for custom use cases like this