apple_request_auth
This endpoint gets you link for user to request an authorization to the Sign in with Apple server. This endpoint request authorization for your app to receive the user’s information with Sign in with Apple. After signing in the user, Apple API will send the user back with the POST data to Redirect URI. You will have to receive that POST data, especially the code variable that you can use to get access_token using apple_connect endpoint.
When the Sign in with Apple UI appears in the opened browser tab, the user can sign in and accept any terms and conditions for your app. After Apple processes the authorization request, the handling of the response, for the form_post value in this case, an HTTP POST request containing the results of the authorization is sent to the redirectURI. The HTTP body contains the result parameters.
Screenshot of Postman API call example:
User Plus Apple Connect Settings
You will need to provide Redirect URI, Client ID, Team ID, Key ID and Private Key in the specified options in the plugin settings panel. A client secret will be generated based in these information and used to Apple REST API calls.
You can check the screenshot of Apple Connect Panel options of the User Plus plugin:
Redirect URI
The destination URI provided in the authorization request when authorizing a user with your app, Plugin requires it to be: https://www.domain.com/?action=apple_connect and must include action=apple_connect parameter. The URI must use the HTTPS protocol, include a domain name, and can’t contain an IP address or localhost. Authorization code requests require Redirect URI.
Client ID
The identifier (App ID or Services ID) for your app. The identifier must not include your Team ID, to help prevent the possibility of exposing sensitive data to the end user. The value is case-sensitive. >> https://developer.apple.com/account/resources/identifiers/list/serviceId . Find something like com.domain.appName
Team ID
The 10-character Team ID associated with your developer account. >> . Find something like “CVGAJH3GSW” on https://developer.apple.com/account/#/membership/
Key ID
A 10-character key identifier generated for the Account and Organizational Data Sharing private key associated with your developer account. >> https://developer.apple.com/account/resources/authkeys/list
Private Key
Contents of AuthKey_TEAM_ID.p8. p8 file contains the PRIVATE KEY that is used to SIGN the JWT content for APNS messages. The file itself is a pure text file, the KEY inside is formatted in PEM format. The part between the —–BEGIN PRIVATE KEY—– and —–END PRIVATE KEY
Client Secret Creation
If checked, client secret will be created automatically. You can also provide manually by leaving it unchecked.
Client Secret is a secret JSON Web Token, generated by the developer, that uses the Sign in with Apple private key associated with your developer account. Authorization code and refresh token validation requests require this parameter. To create this token, see Creating a client secret.
User Import Options for the WordPress website
User will be created in WordPress automatically on Apple Connect and following selected or default user role will be assigned. You can select the user role and option to notify the user for his account creation in the WordPress website.
These settings work for both REST API endpoints and Web frontend Login buttons to sign in Apple user.
These options also include Apple Sign in Button & Shortcodes to display in pages, posts and widgets and to add and display Apple Sign in Button on WordPress login screen.
Resource URL
https://www.domain.com/api/userplus/apple_request_auth/
Method
Required Parameters
- key – get API key from Settings > User Plus
Optional Parameters
redirect_uri: https://www.domain.com/?action=app_receive
You will ned to receive POST information on this url yourself to further process the user data, name, email and especially code for apple_connect endpoint call.
Endpoint Returns
auth_url
Sample Request URL
https://www.domain.com/api/userplus/apple_request_auth/
Sample Response
{
"status": "ok",
"auth_url": "https://appleid.apple.com/auth/authorize?response_type=code%20id_token&response_mode=form_post&client_id=com.domain.authExample&redirect_uri=https://www.domain.com/?action=apple_connect&state=4ef6f2c6fd&scope=name%20email"
}