Hi, I followed the step-by-step documentation to implement Sign in with Apple in an iOS/Android application.
I created an AppId com.nhp.queenergy, a related ServiceId com.nhp.queenergy.apple, and a KeyId.
The authorization request is correctly performed by using the ServiceId as client_id and my backend redirect_uri; I receive the code on my backend.
The token request is performed by using the ServiceId as client_id, the same redirect_uri, the code I have just received, and the client_secret as a JWT signed with my .p8 certificate, with the following decoded structure:
Header { "kid": <KeyId>, "typ": "JWT", "alg": "ES256" }
Payload { "iss": <TeamId>, "sub": "com.nhp.queenergy.apple", "aud": "https://appleid.apple.com", "exp": 1756113744, "iat": 1756111944 }
I always receive "invalid_grant" error without any further error description.
Moreover, the error is always the same even when I use any fake string as the client secret. If the code expires, the error changes as expected by adding "The code has expired or has been revoked."
I really don't know how to solve this issue.
Best regards
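A pre-flight check of the client_secret structure described in the question, as an added example that is not part of the original posts or of Apple's code. The TeamId and KeyId values are constructed placeholders, the sample token carries a dummy signature, and the check inspects claims only without verifying the ES256 signature.

```python
import base64, json, time

APPLE_AUD = "https://appleid.apple.com"
MAX_LIFETIME = 15777000  # seconds; Apple's documented ceiling for exp (about six months)

def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def check_client_secret(jwt, client_id, team_id, now=None):
    """List structural problems in a client_secret JWT (empty list = none found).
    Only header and payload are inspected; the ES256 signature is NOT verified."""
    now = int(time.time()) if now is None else now
    parts = jwt.split(".")
    if len(parts) != 3:
        return ["not a three-part compact JWT"]
    try:
        header = json.loads(b64url_decode(parts[0]))
        claims = json.loads(b64url_decode(parts[1]))
    except ValueError:  # covers bad base64, bad UTF-8 and bad JSON
        return ["header or payload is not base64url-encoded JSON"]
    if not isinstance(header, dict) or not isinstance(claims, dict):
        return ["header and payload must be JSON objects"]
    problems = []
    if header.get("alg") != "ES256":
        problems.append("alg must be ES256")
    if not header.get("kid"):
        problems.append("kid (KeyId) is missing")
    if claims.get("iss") != team_id:
        problems.append("iss does not match the TeamId")
    if claims.get("sub") != client_id:
        problems.append("sub does not match the client_id of the token request")
    if claims.get("aud") != APPLE_AUD:
        problems.append("aud must be " + APPLE_AUD)
    iat, exp = claims.get("iat"), claims.get("exp")
    if not isinstance(iat, int) or not isinstance(exp, int):
        problems.append("iat and exp must be integer Unix timestamps")
    elif exp <= now:
        problems.append("client_secret has expired")
    elif exp - now > MAX_LIFETIME:
        problems.append("exp is more than 15777000 seconds in the future")
    return problems

# Constructed sample: claims from the post, placeholder TeamId/KeyId, dummy signature.
TEAM_ID, KEY_ID = "TEAMID0000", "KEYID00000"
SAMPLE = ".".join(b64url_encode(p) for p in (
    json.dumps({"kid": KEY_ID, "typ": "JWT", "alg": "ES256"}).encode(),
    json.dumps({"iss": TEAM_ID, "sub": "com.nhp.queenergy.apple", "aud": APPLE_AUD,
                "exp": 1756113744, "iat": 1756111944}).encode(),
    b"constructed-not-a-signature"))
```

Calling `check_client_secret(SAMPLE, "com.nhp.queenergy.apple", TEAM_ID, now=1756112000)` returns an empty list; passing the AppId instead of the ServiceId as `client_id` reports the `sub` mismatch.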
Please review the forums post below, as well as the technote within, to learn more about resolving Sign in with Apple response errors:
Gathering required information for troubleshooting Sign in with Apple authorization and token requests
https://developer.apple.com/forums/thread/801173
If you're unable to resolve the errors, please follow the steps described in the post above and reply here with the Feedback ID.
Cheers,
Paris X Pinkney | WWDR | DTS Engineer