Abstract:
Need assistance with Certificates, Identifiers and Profiles settings to permit two apps to make use of Register with Apple.
Background:
We’ve an internet software (React, static JavaScript) that permits customers to check in with Apple, Google or Microsoft by way of OAuth/OIDC.
We’re creating a cell software utilizing React Native and Expo.
Each the online software and the cell software use the identical backend (Django).
For the cell software, we added Google and Microsoft check in by way of the identical web-based OAuth/OIDC circulation. For Register with Apple, we’re utilizing the expo-apple-authentication package deal to get the required native check in expertise.
We’ve two energetic app identifiers:
- org.terraso.terraso; net app; main Apple ID
- org.terraso.take a look at.Terraso-LandPKS; cell apple; Group with an present main App ID (chosen (1), the online app)
We’ve one companies identifier:
- org.terraso.app; main ID is net app (app identifier 1) above; URLs have been configured
We’ve one app group:
- group.org.terraso (appears unused)
On our backend app, we have now code:
https://github.com/techmatters/terraso-backend/blob/abc655e83eaca849e2bc24389946cc4f0bcd9d48/terraso_backend/apps/auth/suppliers.py#L84
and APPLE_CLIENT_ID
is ready to org.terraso.app (which matches the companies identifier above
In my native growth atmosphere, I’ve tried a couple of totally different mixtures of IDs making an attempt to get this to work utilizing the iOS simulator:
(i) backend consumer id: org.terraso.app
cell app bundle Id: org.terraso.take a look at.Terraso-LandPKS
consequence: error: jwt.exceptions.InvalidAudienceError: Viewers does not match
(ii) backend: org.terraso.app
cell app: org.terraso.app
consequence: clicking “Signal In” in Apple ID dialog is a no-op (no errors from consumer or server)
(iii) backend: org.terraso.take a look at.Terraso-LandPKS
cell app: org.terraso.take a look at.Terraso-LandPKS
consequence: works (however I am unable to use that in manufacturing, as a result of the consumer ID is unsuitable)
How can I configure Register with Apple to permit each the online app, the cell app (and potential extra cell apps) to work with the identical backend?
Do I have to us app teams? When do you employ app teams vs “group with an present main apple id”?