Apple Sign in: revoke token


I have successfully implemented the Apple Sign In/Sign Up flows into my iOS app. However, I am not sure how to proceed regarding the account deletion which, as you may know, has been made mandatory by Apple:

  • If your app offers Sign in with Apple, you’ll need to use the Sign in with Apple REST API to revoke user tokens when deleting an account.

So, only deleting the user account through the Atlas Services is not enough.
I took a look at the revoke flow and tried to follow the tutorial here (for Firebase) but I am encountering an error 'crypto' module: error signing message when running the makeJWT() function.

I think I have an issue with the encoding of the private key if I save it directly as a string. AFAIK I cannot read a file from the function…
Did anyone try to implement the revoke flow on MongoDB/Realm?

Ok so… it has been a mess but I have finally managed to code the whole flow with App Services and Swift. I’ll try to summarize the steps on a repository because there is a lot of unnecessary trial and error involved…

EDIT: GitHub - Sonisan/apple-token-revoke-in-realm
@Ian_Ward in case any of this might be interesting to add in the doc…

1 Like

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.