Hey,
Appreciate the response but this is regarding the new Sign In With Apple API - Apple Developer Documentation.
I noticed that auth0 created a few blog posts on Sign In With Apple and was hoping the auth0 team could provide some insight on my question above. But I think I figured it out. After the user is authenticated, the client app receives the credentials, sends the credentials to my server. My server will verify the identity_token provided by Apple’s server, I’ll have my server create a refresh token, send it down to the client and then the next time the client calls my server, I’ll verify the refresh token and then send down an access token.
I won’t do steps 4, 5, 6 and the TokenResponse step in 3.