Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Identity broker

Apple external IDP

search
printsuggest an edit

Apple external IDP

Apple can provide identity data during the onboarding and authentication processes. Apple is considered a social identity provider. It is available in the Identity Broker for authentication. During onboarding, Apple can be ingested in User Journey Orchestration.

The Apple social connection allows users to log in to your application using their Apple account. The Apple App Store Developer guidelines require Sign In With Apple (SIWA) to be available in applications that only use third-party sign-in options, such as Facebook or Google.

copy link to clipboardRequest Sign in with Apple at Apple

Apple also described this registration process.

copy link to clipboardPrerequisites

This process requires:

  • An Apple developer program account

copy link to clipboardCreate an app ID at Apple

  1. Log in to the Apple developer portal using your Apple developer account.

  2. Go to your account.

  3. Under Certificates, IDs & Profiles open Identifiers.

  4. Click the + (plus sign).

  5. On the Register a New Identifier page, ensure that App IDs is selected and click Continue.

  6. Select a type: App.

  7. Enter a description and a bundle ID.

  8. Scroll down through the Capabilities list and select Sign In with Apple.

  9. Save your changes.

copy link to clipboardCreate a services ID

  1. To return to Identifiers, click All Identifiers.

  2. In the drop-down list on the right, select Services IDs.

  3. Click the + (plus sign).

  4. On the Register a New Identifier page, ensure that Services IDs is selected and click Continue.

  5. Set the name of the app as the Description, and an identifier. Users see this description during the login flow. The identifier is used as the BundleID in the Identity Broker configuration.

  6. Open the Service ID you just registered and enable Sign in with Apple. Select Configure.

  7. Select the AppID that you created. And add your tenant domain and callback URL, which looks like https://<tenant-domain>/broker/authentication/callback.

  8. Save your changes.

copy link to clipboardCreate a signing key

  1. In the menu on the left, open the Keys.

  2. Click the + (plus sign).

  3. Add a keyname and enable Sign in with Apple below. Select Configure.

  4. Select the AppID of the application that you created.

  5. Save your changes.

  6. Continue and register. Download your key and copy the KeyID.

copy link to clipboardConfigure Sign in with Apple in the Identity Broker

  1. Click Add identity provider and select Sign in with Apple.

    In a typical scenario, you fill in the following information on the connection level:

copy link to clipboardVariant

You always need at least one variant. For Sign in with Apple, you only need to configure a variant name, such as Authentication.

On this page