Apple
Configure "Sign in with Apple" for your mobile application.
"Sign in with Apple" provides a native, privacy-preserving SSO experience on iOS. Use the system Apple button and the Apple Authentication APIs to sign users in, then verify the identity token on your backend and create a session with your auth server.
Apple ID authentication is available on iOS only
Native Apple ID authentication is available on iOS only. You are advised to present the official system button (or our custom component - also compliant!) and follow Apple's Human Interface Guidelines for best practices.
Why use native Apple ID authentication?
First-class native UX
System sheet + official button, aligned with Apple's Human Interface Guidelines for trust and conversion.
Privacy-forward
Private relay email and limited data by design, ensuring your users' privacy is protected and compliant with App Store guidelines.
Fewer passwords
Fast, low-friction sign-in on iOS enabling your users to sign in without the need to remember or create additional passwords.
Secure by default
JWT verification on the server with Better Auth, keeping your users' credentials secure.
Seamless sessions
We exchange Apple credentials for an app session and persist it in the app.
Requirements
- Enable the "Sign in with Apple" capability for your bundle identifier in the Apple Developer Portal
- Add the entitlement and build with EAS (or configure natively)
- Ensure your app's deep link scheme is added to the auth server's trusted origins configuration
Check the Better Auth documentation for more details on how to configure all the required keys and certificates.
High-level flow
- Check availability with
AppleAuthentication.isAvailableAsync(). - Render the system
AppleAuthenticationButtonor custom TurboStarter component. - Call
AppleAuthentication.signInAsync()requestingFULL_NAMEand/orEMAILas needed. - Send the returned
idTokebidentifier to the API powered by Better Auth to verify and establish a session. - Optionally track credential state with
AppleAuthentication.getCredentialStateAsync(user).
Verify on the server
Always verify the JWT signature from idToken on your backend using Apple's
public keys before creating a session.
For a more in-depth overview of Apple ID authentication—including implementation details, platform caveats, and advanced configuration—see the following resources:
How is this guide?
Last updated on