Post

Replies

Boosts

Views

Activity

Reply to Issue with the Sign in with apple - Revoke Access Token
Finally, we could call revoke token api (appleid.apple.com/auth/revoke) successfully, and the apple id binding information is deleted under Apps Using Apple ID of Settings. The root cause is that the invalid token is used in my case. For details, please refer to this SO. And some details on this About Account deletion when users use the Sign in with Apple - https://developer.apple.com/forums/thread/706792?answerId=717873022#717873022
Topic: Privacy & Security SubTopic: General Tags:
Jun ’22
Reply to About Account deletion when users use the Sign in with Apple
The three required values ​​are required for appleid.apple.com/auth/revoke. client_id: This is the App ID you can find in Apple Developer's Identifiers. Team ID is an excluded identifier, namely the bundle ID. client_secret: A secret JSON Web Token (JWT) that uses the Sign in with Apple private key associated with your developer account. You need to create it using JWT, and download key file from developer.apple.com/account/resources/authkeys/list token: A token that requires revoke. The token is access_token or refresh_token returned from auth/token. As for the auth/token, there are two additional parameters as below code: The authorization code received in an authorization response sent to your app. The code is single-use only and valid for five minutes. Authorization code validation requests require this parameter. It is the same to the authorizationCode key of the response of apple signing, and its type is base64. It should be decoded to utf-8 before assigning to auth/token API. grant_type: (Required) The grant type determines how the client app interacts with the validation server. Authorization code and refresh token validation requests require this parameter. For authorization code validation, use authorization_code. For refresh token validation requests, use refresh_token. Here is one sample of node.js on SO
Topic: App & System Services SubTopic: General Tags:
Jun ’22
Reply to Clarification requirements to revoke tokens through apple rest api
Maybe you could find some suggestions from this Handling account deletions and revoking tokens for Sign in with Apple - https://developer.apple.com/forums/thread/708415 As for revoke token here is one link https://stackoverflow.com/a/72656672/3011380 you could refer to.
Topic: App & System Services SubTopic: General Tags:
Replies
Boosts
Views
Activity
Jun ’22
Reply to Apple Sign In Revoke Token
Hi Ziddi Khattak, the correct token to revoke is access token or refresh token, rather than identity token. For details, please refer to this SO
Topic: Code Signing SubTopic: General Tags:
Replies
Boosts
Views
Activity
Jun ’22
Reply to Disconnect From Sign In With Apple
Maybe you could refer to About Account deletion when users use the Sign in with Apple - https://developer.apple.com/forums/thread/706792?answerId=717873022#717873022
Topic: App & System Services SubTopic: General Tags:
Replies
Boosts
Views
Activity
Jun ’22
Reply to Issue with the Sign in with apple - Revoke Access Token
Finally, we could call revoke token api (appleid.apple.com/auth/revoke) successfully, and the apple id binding information is deleted under Apps Using Apple ID of Settings. The root cause is that the invalid token is used in my case. For details, please refer to this SO. And some details on this About Account deletion when users use the Sign in with Apple - https://developer.apple.com/forums/thread/706792?answerId=717873022#717873022
Topic: Privacy & Security SubTopic: General Tags:
Replies
Boosts
Views
Activity
Jun ’22
Reply to About Account deletion when users use the Sign in with Apple
The three required values ​​are required for appleid.apple.com/auth/revoke. client_id: This is the App ID you can find in Apple Developer's Identifiers. Team ID is an excluded identifier, namely the bundle ID. client_secret: A secret JSON Web Token (JWT) that uses the Sign in with Apple private key associated with your developer account. You need to create it using JWT, and download key file from developer.apple.com/account/resources/authkeys/list token: A token that requires revoke. The token is access_token or refresh_token returned from auth/token. As for the auth/token, there are two additional parameters as below code: The authorization code received in an authorization response sent to your app. The code is single-use only and valid for five minutes. Authorization code validation requests require this parameter. It is the same to the authorizationCode key of the response of apple signing, and its type is base64. It should be decoded to utf-8 before assigning to auth/token API. grant_type: (Required) The grant type determines how the client app interacts with the validation server. Authorization code and refresh token validation requests require this parameter. For authorization code validation, use authorization_code. For refresh token validation requests, use refresh_token. Here is one sample of node.js on SO
Topic: App & System Services SubTopic: General Tags:
Replies
Boosts
Views
Activity
Jun ’22
Reply to App store server api: lookup customer order id return 404
Another question, is there any doc of invoice lookup API? I failed to find it. Is this API released or not for now?
Topic: App & System Services SubTopic: StoreKit Tags:
Replies
Boosts
Views
Activity
Jul ’21
Reply to Storekit: get transaction history return 404
Thank you for your update. Sorry for missing this important notification. The content-length: 0 of the response body, so the body is empty and prove it through pass body in code. Thanks
Topic: App & System Services SubTopic: StoreKit Tags:
Replies
Boosts
Views
Activity
Jul ’21