Sign In with Apple

cloud

(Oscar Apeland) #1

Hey!

Has anyone implemented Sign In with Apple against the Realm Cloud? I haven’t made my own auth solution before, and am a little confused as to how I should proceed. How should I authenticate against the Realm Cloud SyncUser API with the new Apple auth? I’d appreciate some simple guidelines/steps/links on how I should do it.


#2

You need to have a server side function that extracts the user ID from the Apple auth token and creates a JWT for signing in with Realm Cloud.

I am doing this with Firebase Auth but the process would pretty much be the same for Sign In With Apple.

1: Sign in with Apple on your phone
2: Send the Auth token to your server
3: Validate the token with Apples servers and get the UID
4: Create a signed JWT with the UID and return this to your app.
5: Now Sign in to Realm Cloud using the JWT

This guide is written for Firebase, but many of the steps are the same:
https://docs.realm.io/sync/v/3.x/guides/firebase-authentication-with-realm-cloud


(naman johnson101) #3

hello,

thanks for sharing this information this is really helpfull or informative for me thanks again

thanks and regards 9apps apk
cartoon hd


#4

I might be wrong but steps 1 through 3 can be done in swift. At least, in the WWDC presentation, everything from Apple server validation to extracting user info is done in swift. Once you extract the uid, you can send it to your server which will then create a signed JWT, send it back as a response, and your app will use that to login to Realm Cloud or create a user + login.


#5

Step 1 and 2 is done in the app, but you have to validate the token on the server side too. Otherwise, how are you supposed to protect access to your cloud instance? If you don’t do this, anyone could log in if they only now the uid.


#6

You have a point. I didn’t think about that.
So in this case, the token is validated twice? Once in the app because that’s how the token is generated, and once in the server.


#7

Yeah, I assume that’s true. I mean, in the app you should be able to trust that the token you get from the SDK is valid. But the server can’t trust it unless it is validated there too :wink:


#8

Thanks for clarifying Sipe :wink:


#9

Here is an excellent guide on how to implement Sign in with Apple with a backend:

If the authentication succeeds, sign a jwt with the userID using your private key and send it back to the client which will use it to communicate with Realm using SyncCredentials.jwt().