Issues configuring Sign in with Apple


I’m having a difficult time getting sign with apple to work with Realm. I followed the guide but I guess I’m still a bit confused:

  • Why do I need a serviceID if my app is only running on iPhone? Is that required if I have a website?
  • Same question applies to universal links. When I fetch the identityToken from the apple server, I can just make a call to and wait for a response? Why would I need my own backend and a universal link?

My main issue with the guide is that upon generating a jwt per step 4 of the guide (, I create a secret in Realm under values but it’s complaining about the length of the secret value: clientSecret length should be less than or equal to 500

Any help would be appreciate.

Hi @Trunks99

Have many characters is the script generating? I remember an issue where there was a garbage character at the end and I just had to delete those characters and it worked.

Hi @Lee_Maguire1 ,

Thqnks for the prompt response.

  • When I create a serviceID, it’s asking me for a domain. That is what confuses me – why would I need a backend myself?

  • I will take a look.

The script is generating over 2900 characters which seems excessive:
2961 client_secret.txt

Hey what have u entered in the “domain” and “return Url” field?

Hi Jannis,

I left those fields empty.

I figured I don’t need them if I handle the binding logic in the client. Basically, follow the Sign In With Apple tutorial provided by Apple (ignore Realm’s sample code for this part). Once you get the token back, feed it to realm’s sign in with Apple function.

I can provide more specifics next week if you are interested, as I don’t have my laptop with me right now.


Hey Trunks,

im very interested. I still couldn’t figure it out.


Hey Jannis,

No need for redirect URIs if you do it as follows:

func handleAuthorizationAppleIDButtonPress() {
    let appleIDProvider = ASAuthorizationAppleIDProvider()
    let request = appleIDProvider.createRequest()
    request.requestedScopes = [.fullName, .email]
    let authorizationController = ASAuthorizationController(authorizationRequests: [request])
    authorizationController.delegate = self
    authorizationController.presentationContextProvider = self

@available(iOS 13.0, *)
func presentationAnchor(for controller: ASAuthorizationController) -> ASPresentationAnchor {
    return self.view.window!

@available(iOS 13.0, *)
func authorizationController(controller: ASAuthorizationController, didCompleteWithError error: Error) {
    print("Something bad happen, \(error)")

@available(iOS 13.0, *)
func authorizationController(controller: ASAuthorizationController, didCompleteWithAuthorization authorization: ASAuthorization) {
    switch authorization.credential {
    case let appleIDCredential as ASAuthorizationAppleIDCredential:
        // Create an account in your system.
        let userIdentifier = appleIDCredential.user
        let firstName = appleIDCredential.fullName?.givenName ?? ""
        let lastName = appleIDCredential.fullName?.familyName ?? ""
        let fullName = appleIDCredential.fullName
        let email =
        let identityToken = String(data: appleIDCredential.identityToken ?? Data(), encoding: .utf8)
        let app = App(id: "your-app-id")
        // Fetch IDToken via the Apple SDK
        let credentials = identityToken ?? "")
        app.login(credentials: credentials) { (result) in
            switch result {
            case .failure(let error):
                print("Login failed: \(error.localizedDescription)")
            case .success(let user):
                print("Successfully logged in as user \(user)")
    case let passwordCredential as ASPasswordCredential:
1 Like

Could you make it work without a server?

I’m pretty sure Realm asks for a backend because it needs to verify the token you provide I believe.

It would be great if Realm Sync could handle Apple SIWA only with its userId instead of idToken.

Yes – unless I’m missing something. I posted the code above.

First, I generate the token using Sign in with Apple, then I feed it to Realm and I’m assuming that Realm does the verification and talks to the Apple servers for that. Once that process is done, I receive a response and log my user in.

Hello, I’m trying to figure out how to make a services ID for an iOS App. you cannot leave the fields empty anymore. What can I do for the domain and return url?