On Apple dashboard

To Integrate Apple SSO login on the Appcharge webstore, you'll need to follow these steps:

On the Apple dashboard - Create an App ID and configure Sign in with Apple:

Go to the Apple Developer Portal and sign in with your Apple Developer account.
Click on your account.
In the "Certificates, Ids & Profiles" section please select "Identifiers".
Click the "+" button to create a new App ID.
Edit existing App / Choose "App" and click "Continue".
Fill in the required fields:
1. Description
2. Bundle ID
3. Under "Capabilities" select "Sign in with Apple".
  Click "Continue" and then click "Register" to create the App ID.
  After registering you should be redirected back to the identifiers page.

Create a Service ID for your web application:

In the "Certificates, Ids & Profiles" section please select "Identifiers".
Click the "+" button and select "Services IDs", then click "Continue".
Fill in the required fields:
1. Description
2. Identifier - reversed domain
  click "Continue" and then click "Register".
  After registering you should be redirected back to the identifiers page.
Click on the newly created Service ID, and a details page will open.
Select the checkbox next to the "Sign in with Apple" capability, and then click "Configure".
Add your domain and redirect URLs as follows:
1. Add your domain in the "Domains and Subdomains" section. You'll need to verify your domain by following the instructions provided by Apple.
  1. Example for store domain: https://shop.sweetsugarbakery.com
2. Add your redirect URL(s) in the "Return URLs" section. This is where the user will be redirected after a successful authentication.
  After a successful configuration, confirm the list you’d like to add to this Services ID and click Done.
  To complete the process, click Continue, then click Save.
  1. Example for return URL: https://shop.sweetsugarbakery.com/login?apple=true

Create a private key for client authentication:

In the "Certificates, Ids & Profiles" section, click "Keys".
Click the "+" button to create a new key.
Fill in the key name, check "Sign in with Apple" and click "Configure".
Select the primary App ID you created earlier, then click "Save" and "Continue".
Review the key details and click "Register".
Download the private key (.p8 file) and securely store it. You'll need this to authenticate your server.

See an example of how to open the Player Token generated when a player uses the Sign in with Apple button on the Appcharge webstore:

import jwt
from datetime import datetime, timedelta
client_id = 'CLIENT_SERVICE_ID'
team_id = 'APPLE_DEVELOPER_TEAM_ID'
private_key = '''-----BEGIN PRIVATE KEY-----
YOUR PRIVATE KEY
-----END PRIVATE KEY-----''' # Private key in PEM format
header = {
 'alg': 'ES256',
 'kid': YOUR_PRIVATE_KEY_ID # Key ID for your private key
}
payload = {
 'iss': team_id,
 'iat': datetime.utcnow(),
 'exp': datetime.utcnow() + timedelta(days=180),# 180 days expiration time
 'aud': 'https://appleid.apple.com',
 'sub': client_id
}
client_secret = jwt.encode(payload, private_key, algorithm='ES256', headers=header)
print(client_secret)

Apple Sign-In: Supported Methods

Appcharge supports both code and id_token methods for Apple Sign-In.

id_token: A JWT (JSON Web Token) issued by Apple containing information about the authenticated user.
code: A short-lived authorization code used for server-to-server communication to fetch access tokens.

Both methods will be sent to the publisher and the Player Authentication Webhook.

By default, Appcharge uses the code method. To adjust this configuration, please contact the Appcharge support team.

For further details on Apple’s implementation, refer to their documentation: Sign in with Apple.

On Appcharge Dashboard

In the publisher dashboard, -> Admin area -> authentication tab, activate Apple App and add the Apple App ID
The Sign in with Apple will be presented in the Appcharge webstore
Once a player uses this auth method, a Player Authentication webhook containing the token generated by Apple will be sent.