On Apple dashboard

To Integrate Apple SSO login on the Appcharge webstore, you'll need to follow these steps:

On the Apple dashboard - Create an App ID and configure Sign in with Apple:

1. Go to the Apple Developer Portal and sign in with your Apple Developer account.
2. Click on your account.
3. In the "Certificates, Ids & Profiles" section please select "Identifiers".
4. Click the "+" button to create a new App ID.
5. Edit existing App / Choose "App" and click "Continue".
6. Fill in the required fields:
   1. Description
   2. Bundle ID
   3. Under "Capabilities" select "Sign in with Apple".
      Click "Continue" and then click "Register" to create the App ID.
      After registering you should be redirected back to the identifiers page.

Create a Service ID for your web application:

1. In the "Certificates, Ids & Profiles" section please select "Identifiers".
2. Click the "+" button and select "Services IDs", then click "Continue".
3. Fill in the required fields:
   1. Description
   2. Identifier - reversed domain
      click "Continue" and then click "Register".
      After registering you should be redirected back to the identifiers page.
4. Click on the newly created Service ID, and a details page will open.
   Select the checkbox next to the "Sign in with Apple" capability, and then click "Configure".
5. Add your domain and redirect URLs as follows:
   1. Add your domain in the "Domains and Subdomains" section. You'll need to verify your domain by following the instructions provided by Apple.
      1. Example for store domain: https://shop.sweetsugarbakery.com
   2. Add your redirect URL(s) in the "Return URLs" section. This is where the user will be redirected after a successful authentication.
      After a successful configuration, confirm the list you’d like to add to this Services ID and click Done.
      To complete the process, click Continue, then click Save.
      1. Example for return URL: https://shop.sweetsugarbakery.com/login?apple=true

Create a private key for client authentication:

1. In the "Certificates, Ids & Profiles" section, click "Keys".
2. Click the "+" button to create a new key.
3. Fill in the key name, check "Sign in with Apple" and click "Configure".
4. Select the primary App ID you created earlier, then click "Save" and "Continue".
5. Review the key details and click "Register".
6. Download the private key (.p8 file) and securely store it. You'll need this to authenticate your server.

See an example of how to open the Player Token generated when a player uses the Sign in with Apple button on the Appcharge webstore:

import jwt
from datetime import datetime, timedelta
client_id = 'CLIENT_SERVICE_ID'
team_id = 'APPLE_DEVELOPER_TEAM_ID'
private_key = '''-----BEGIN PRIVATE KEY-----
YOUR PRIVATE KEY
-----END PRIVATE KEY-----''' # Private key in PEM format
header = {
 'alg': 'ES256',
 'kid': YOUR_PRIVATE_KEY_ID # Key ID for your private key
}
payload = {
 'iss': team_id,
 'iat': datetime.utcnow(),
 'exp': datetime.utcnow() + timedelta(days=180),# 180 days expiration time
 'aud': 'https://appleid.apple.com',
 'sub': client_id
}
client_secret = jwt.encode(payload, private_key, algorithm='ES256', headers=header)
print(client_secret)

On Appcharge Dashboard

1. In the publisher dashboard, -> Admin area -> authentication tab, activate Apple App and add the Apple App ID
2. The Sign in with Apple will be presented in the Appcharge webstore
3. Once a player uses this auth method, a Player Authentication webhook containing the token generated by Apple will be sent.