Sign in with Apple ID is no longer possible after revoking access

App & System Services General
charles-zola OP
Created Mar ’20
Replies 5
Boosts 0
Views 4.7k
Participants 4

Our app is using both the Apple id provider and the password provider when presenting the ASAuthorizationController:


let authorizationRequests: [ASAuthorizationRequest] = [
     ASAuthorizationAppleIDProvider().createRequest(), 
     ASAuthorizationPasswordProvider().createRequest()
]


If we perform the following steps:

1. Signup/login to our app via Apple id

2. Go to Settings.app -> Apple ID -> Password & Security -> Apps Using Your Apple ID -> Our App, and then tap "Stop Using Apple ID"

3. Go back to our app, sign out, and try to login with Apple again


The option to login with an Apple id is never presented again IF the password provider has options (eg: other emails/passwords that may have been used on the service). At this point, the user can effectively never sign in with their Apple ID ever again. The only way that I've found to get the Apple ID option to return is to remove the password provider request from the authorization requests.


Is this a bug? We'd ideally like to keep the password provider as an option for our users, but doing so would mean that revoking access to the Apple ID via Settings would be a permanent action... which would also mean that anyone using email forwarding would have no way to ever access their account ever again after revoking access.

Replies  5
Boosts  0
Views  4.7k
Participants  4
Frameworks Engineer OP
Apple
Mar ’20

Hi,


When using the native API, Having both a password request and an appleID request performs a search for existing credentials (either Apple ID or Password) if none are found the API will not return any credentials.


To create a Sign in with Apple credential you need to only pass an AppleID request. this will show the UI and allow the user to create a Sign in with Apple credential with your application.

0
1davidnorman OP
Apr ’20

I'm running into this problem now I think. If I understand correctly then I need to pass both a password request and an appleID request first to check if there are existing credentials.
If there are existing credentials then I pass only the password request to the authorizationController.
If there are not existing credentials then I pass only the appleID request to the authorizationController.

Is that correct?

0
Frameworks Engineer OP
Apple
Apr ’20

Hi David

When passing both types of requests, you will get the result in the delegate method (just as you would when you pass only one).

If there are existing credentials they will be there in the delegate method where you can get the information depending if you get a PasswordCredential or an AppleIDCredential.


If there are no existing credentials, you will receive most likely an error in the delegate method. At this point which most likely will happen on your login screen, the user will have the option to create a credential by clicking on the Sign in with Apple button which should contain the code with only the AppleID request.


I would recommend adding the code with both requests when the login view is loaded, so that if there are any credentials, the user can see the prompt and select their credential and move right on to your application.


the Single request (AppleID only request) code should be executed when the user selects "Sign in with Apple" with the button.

1
1davidnorman OP
Apr ’20

Ok thank you that makes sense, will do.

0
tmukun OP
May ’24
  1. Go to Settings.app -> Apple ID -> Password & Security -> Apps Using Your Apple ID -> Our App, and then tap "Stop Using Apple ID"

It does nothing for my newly built testflight react native app. Any idea why nothing happens when I click on "Stop Using Apple ID" tested this for multiple user and all are unable to delete Apple ID after installation/login.

0
Sign in with Apple ID is no longer possible after revoking access
First post date Last post date
 
 
Q