App Store Requirement: Apple requires that if you implement any third-party authentication options (like Google Sign-In) in your iOS app, you must also implement Apple Sign-In to pass the App Store review process. This is a mandatory requirement from Apple, not optional.

Prerequisites

Before setting up Apple Sign-In, make sure you have:
  • Set up your Supabase project with basic configuration
  • An Apple Developer account (requires paid enrollment in the Apple Developer Program)
  • Access to the Apple Developer Portal

Setting Up Apple Sign-In

1

Create an App ID in the Apple Developer Portal

  1. Go to the Apple Developer Portal
  2. Under Certificates, IDs & Profiles, click on Identifiers.
  3. Click the + button to create a new identifier
  4. Select App IDs and click Continue
  5. Choose App as the type and click Continue
  6. Fill in a description (e.g., “My App”)
  7. Enter your Bundle Identifier that matches your app.json (e.g., com.buildwithai.travelapp)
  8. Scroll down to Capabilities and enable Sign In with Apple
  9. Click Continue then Register on the top right
2

Create a Service ID

  1. Go to the Apple Developer Portal
  2. Under Certificates, IDs & Profiles, click on Identifiers.
  3. Click the + button to create a new identifier
  4. Select Service IDs and click Continue
  5. Fill in a description (e.g., “My App - Apple Sign In”)
  6. Enter a unique identifier, which could be your app ID with .signin appended (e.g. com.buildwithai.travelapp.signin)
  7. Click Continue then Register on the top right
After registration:
  1. Click on your newly created Service ID from the list
  2. Check Sign In with Apple and click Configure
  3. Add your Supabase domain as a Website URL (your Supabase project URL in .env)
  4. Add your return URL (your Supabase project URL in .env + /auth/v1/callback)
  5. Click Save, then Continue, and Save again
3

Create a Private Key

  1. Go to the Apple Developer Portal
  2. Under Certificates, IDs & Profiles, click on Keys in the sidebar
  3. Click the + button to create a new key
  4. Enter a name for your key (e.g., “My App Sign In Key”)
  5. Check Sign In with Apple and click Configure
  6. Select your primary App ID (e.g., com.buildwithai.travelapp) and click Save
  7. Click Continue then Register
  8. Download your private key file (a file with .p8 at the end) - this can only be downloaded once
  9. Note your Key ID for later use

Generate a client_secret

The secret key you downloaded is used to create the client_secret string you’ll need to authenticate your users. According to the Apple Docs it needs to be a JWT token encrypted using the Elliptic Curve Digital Signature Algorithm (ECDSA) with the P-256 curve and the SHA-256 hash algorithm. This integration includes scripts to generate the required client secret JWT for Apple Sign-In - choose either the interactive or manual method below. We’ve included an interactive script that guides you through the process step-by-step:
  1. Prepare your credentials:
    • Have your Apple Developer credentials ready (Team ID, Service ID, Key ID)
    • Copy your downloaded .p8 private key file to the project root directory
  2. Run the interactive script: 
    npm run apple-secret
  3. Follow the prompts:
    • Enter your Team ID when asked
    • Enter your Service ID (e.g., com.buildwithai.travelapp.signin)
    • Enter your Key ID
    • The script will automatically find your .p8 file if it’s in the project root
  4. Copy the result:
    • The script will output a long JWT token
    • Copy the entire token (it starts with eyJ...)
  5. Add to Supabase:
    • Go to your Supabase Dashboard
    • Navigate to Authentication → Sign In / Providers
    • Find “Apple” and click to configure
    • Enable “Sign in with Apple”
    • Paste the JWT as “Secret Key (for OAuth)”
    • Set “Client IDs” to your Service ID
    • Click Save

Alternative: Manual Script

If the interactive script doesn’t work for your setup or you prefer a manual approach, you can use the alternative manual script:
  1. First, open and update integrations/apple-auth/gen-apple-secret.js with your Team ID, Service ID, Key ID, and private key file path
  2. Then run the script: 
    npm run apple-secret-manual

Enabling Apple Sign-In in Your App

Now that you’ve set up Apple Sign-In with Supabase, you need to enable the feature in your app codebase:
1

Implementation

Follow the implementation instructions in the integrations/apple-auth/README.md file included in your boilerplate codebase. This file contains all necessary steps for setting up Apple Sign-In in your application.
Once you’ve completed the implementation steps, the Apple Sign-In button will appear in the authentication screens and be fully functional - on iOS only.

Testing Your Configuration

To test your Apple Sign-In configuration:
  1. Rebuild development build
  2. Navigate to the sign-in screen
  3. Tap the “Sign in with Apple” button
  4. Complete the Apple authentication flow
  5. Verify that you are successfully signed in to your app

Additional Resources