I have been testing the new Sign In with Apple integration and have come across an issue when using “Sync user profile attributes at each login” option with the integration.
There are cases where it seems apple isn’t returning the full profile (so email is missing) and is causing an Identity with verified email (as is supposed to be for Social Identities) to become unverified and causing problems when there are verified email requirements.
To reproduce this:
setup the “Sign In with Apple” integration and turn on the “Sync user profile attributes at each login” option
setup a web app with “Sign In with Apple” option turned on
login to app in Safari, this should be successful with no problems
check the Identity in Auth0 dashboard and see that email is verified
login to same app with same Apple ID in Chrome, this may or may not result in errors depending on your app setup and rules (for us we have a email verified check so results in an error)
check the same Identity in Auth0 dashboard and see that email is no longer verified
If the “Sync user profile attributes at each login” option is turned off then no issue occurs but obviously the profile is never updated.
Will Auth0 attempt to workaround this for the “Sign In with Apple” option? Or is something else going on here?
Hi there @charsleysa, I apologize for the delay in response.
I wanted to follow up on this front to see if you are still experiencing this challenge after the latest changes? If so I would love to sync with you on this front! Can you direct message me your tenant so I can further investigate? Thanks in advance!
I have a ticket open (#00439423) and haven’t received a response that the issue has been resolved.
Have are there changes that haven’t been announced yet?
Since you currently have an open ticket in regards to this front, to eliminate duplicate effort I will let our Support team take the lead on this. However as a solution a rises I will share it here as well. Thanks!
It looks like this was fixed by Apple yesterday actually and should be behaving correctly now. You can turn on the sync user profile option again without running into the issue with the user’s email being unverified. Let me know if you are still seeing the issue.
Edit: now the email isn’t received regardless of whether sync profile option is turned on or not.
I’m sorry to hear you are still running into issues @charsleysa, did you let the engineer know that you were previously working the support ticket with?
Yes I let the engineer know and have heard back. With his help I figured out that the changes that were made don’t seem to apply to all Apple IDs that have already connected to your app before the changes were made and that the connection must be deleted for it to start working again.
To do this I had to go to https://appleid.apple.com, find the “Security” section, find the “APPS & WEBSITES USING APPLE ID” setting and click manage, then click on our app and click the “Stop using Apple ID” button.
