# Apple Authorisation ### Apple Developer Account Setup for Apple Sign-In Authorisation 1. Sign In: Access your Apple Developer account at . {% hint style="info" %} Note: You need an Apple Developer account with access to [Certificates, Identifiers & Profiles](https://developer.apple.com/account/resources/) to obtain keys for Apple authorization setup. For guidance on setting up a developer account and joining the "[Apple Developer Program](https://developer.apple.com/programs/)" visit: {% endhint %} ### Create App ID: 1. In the Certificates, Identifiers & Profiles section, click "[**Identifiers**](#user-content-fn-1)[^1]". 2. On the "**Identifiers**" page [**click**](#user-content-fn-2)[^2] the "**+**" icon. 3. In "Register a new identifier," select App IDs and click "[**Continue**](#user-content-fn-3)[^3]". 4. In "Select a type," select App and click "[**Continue**](#user-content-fn-4)[^4]". 5. \ а) On the next step "Register an App ID", enter the name of your project in the "Description" field -> for the "Bundle ID" field, select "Explicit" -> in the "Bundle ID" field, enter the reverse domain name of your service in the format: **`domainZone.domain.oauth`** (example **`net.boxexchanger.oauth`**).\ **In case your OP is located on a subdomain, you need to specify in the format ****`domainZone.subDomain.domain.oauth`**.\ The example of the filled fields "Description" and "Bundle ID" is shown in the [**screenshot**](#user-content-fn-5)[^5].\ b) Below on the page, in the "Capabilities" section, check the box next to "Sign in with Apple," click "**Continue**," and then click "**Register**." 6. The App ID has been successfully created. ### Create Service ID: 1. On the **Certificates, Identifiers & Profiles page**, under the Identifiers section, **click** the "+" icon. 2. On the **Register a new identifier page**, select **Services IDs** -> click "[**Continue**](#user-content-fn-6)[^6]". 3. In the Register a Services ID step: Enter your project name in the **Description** field -> In the "**Identifier**" field input the reverse domain name of your application in the format **`domainZone.domain.service`** (example **`net.boxexchanger.service`**).\ **If your application is hosted on a subdomain, use the format ****`domainZone.subDomain.domain.service`**.\ Refer to the example on the [**screenshot**](#user-content-fn-7)[^7] for correctly filled **Description** and **Identifier** fields **->** click "**Continue**" -> then click "[**Register**](#user-content-fn-8)[^8]" to complete the registration. 4. After successfully creating the **Service ID, on the Certificates, Identifiers & Profiles page** in the **Identifiers section**, use the filter in the top-right to select "[**Services IDs**](#user-content-fn-9)[^9]" -> and click on the name of the previously created "**Service ID"**. 5. On the Edit your Services ID Configuration page, check the box for **Sign in with Apple** and click "[**Configure**](#user-content-fn-10)[^10]". 6. \ a) In the pop-up window for Web Authentication Configuration, the previously created App ID will be selected by default.\ b) In the Register Website URLs section "**Register Website URLs**" - For **Domains and Subdomains**, specify your domain in the following format:\ \- If your domain includes "www": **`www.domain.domainZone`**\ **If your app is on a subdomain, use** **`w.subDomain.domain.domainZone`**\ \ \- If your domain does not include "www":**`domain.domainZone`**\ **If on a subdomain, format it as****`subDomain.domain.domainZone`**\ \ c) In Return URLs, provide the callback URL in this format: **`https://www.domain.domainZone/service/auth/apple/callback`**\ **Example**: **`https://www.boxexchanger.net/service/auth/apple/callback`**\ \ **A** [**screenshot**](#user-content-fn-11)[^11] **example illustrates completed fields.**\ **d**) After filling in the fields, click Next.\ e) In the following step, Confirm your web authentication configuration, and click "[**Done**](#user-content-fn-12)[^12]". 7. After closing the window from step 6, on the **Edit your Services ID Configuration page,** click "[**Continue**](#user-content-fn-13)[^13]" in the upper-right corner -> then click "[**Save**](#user-content-fn-14)[^14]". 8. The Service ID has now been successfully created and configured. ### Creating Authorisation Keys 1. In **Certificates, Identifiers & Profiles**, under Keys, "**Keys**" [**clic**](#user-content-fn-15)[^15]**k** the "**+**" icon. 2. On the Register a New Key page: Enter a **Key Name** , e.g., **`oauthKey`** -> Check the box for "**Sign in with Apple**" -> click "[**Configure**](#user-content-fn-16)[^16]". 3. At the next step, "**Configure Key,**" for the "**Primary App ID"** field, select the previously created "App ID" and click "[**Save**](#user-content-fn-17)[^17]". 4. On the "Register a New Key" page, click "[**Continue**](#user-content-fn-18)[^18]" in the top-right corne -> then click "[**Register**](#user-content-fn-19)[^19]". 5. At the next step, "**Download Your Key,**" copy the "**Key ID**" value to a secure location, click "**Download**" to download the secret key file, and then click "**Done**." 6. In the top-right corner of the page, copy the "Team ID" value to a secure location as shown in the [**screenshot**](#user-content-fn-20)[^20]. 7. On the "**Certificates, Identifiers & Profiles**" page, in the "**Identifiers**" section, select "Services IDs" from the filter in the top-right corner, then copy the "**IDENTIFIER**" value for the previously created "**Service ID"** to a secure location, as shown in the [**screenshot**](#user-content-fn-21)[^21]. ### Configuration in the Admin Panel 1. Go to the BoxExchanger admin panel, open the "**Authentication System**" page, and find the "**Apple**" authentication method. 2. In the "[**keyID**](#user-content-fn-22)[^22]" field enter the "**Key ID"** copied from step 5 of the previous section of the instructions. 3. In the "[**teamID**](#user-content-fn-23)[^23]" field enter the "**Team ID"** copied from step 6 of the previous section of the instructions. 4. In the "[**clientID**](#user-content-fn-24)[^24]" field enter the "**IDENTIFIER**" copied from step 7 of the previous section of the instructions. 5. In the "[**clientSecret**](#user-content-fn-25)[^25]" field, enter the secret key from the downloaded file in step 5 of the previous section of the instructions. You can open the downloaded secret key file using a text editor of your choice. 6. Toggle the switch next to the "**Apple**" authentication method to the active position, as shown in [**screenshot**](#user-content-fn-26)[^26]. 7. In the admin panel, go to the "**Site Settings**" page, open the "[**Server**](#user-content-fn-27)[^27]" section -> and restart the **"api-http"** processes following the instructions below.

Algorithm for restarting the process

1. Click "Reboot" next to the required process. 2. Confirm the reboot. 3. Wait 10 seconds. 4. Reload the page and check that the update time shows "A few seconds ago."

8. As a result, the **Apple** authentication method will be available in the **client login and registration window.** [^1]:

[^2]:

[^3]:

[^4]:

[^5]:

[^6]:

[^7]:

[^8]:

[^9]:

[^10]:

[^11]:

[^12]:

[^13]:

[^14]:

[^15]:

[^16]:

[^17]:

[^18]:

[^19]:

[^20]:

[^21]:

[^22]:

[^23]:

[^24]:

[^25]:

[^26]:

[^27]:

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://manual-en.boxexchanger.net/authorisation-systems-done/avtorizaciya-apple.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.