habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
34bcc2df1a0b4f56c38b1edf889ed4f850507025
authentik/website/integrations/sources/apple/index.md

2.3 KiB
Raw Blame History

title
title
Apple

Allows users to authenticate using their Apple ID.

Preparation

:::warning An Apple developer account is required for this. :::

The following placeholders will be used:

  • authentik.company is the FQDN of the authentik install.

Apple

  1. Log into your Apple developer account, and navigate to Certificates, IDs & Profiles, then click Identifiers in the sidebar.
  2. Register a new Identifier with the type of App IDs, and the subtype App.
  3. Choose a name that users will recognise for the Description field.
  4. For your bundle ID, use the reverse domain of authentik, in this case company.authentik.
  5. Scroll down the list of capabilities, and check the box next to Sign In with Apple.
  6. At the top, click Continue and Register.

  1. Register another new Identifier with the type of Services IDs.
  2. Again, choose the same name as above for your Description field.
  3. Use the same identifier as above, but add a suffix like signin or oauth, as identifiers are unique.
  4. At the top, click Continue and Register.

  1. Once back at the overview list, click on the just-created Identifier.
  2. Enable the checkbox next to Sign In with Apple, and click Configure
  3. Under domains, enter authentik.company.
  4. Under Return URLs, enter https://authentik.company/source/oauth/callback/apple/.

  1. Click on Keys in the sidebar. Register a new Key with any name, and select Sign in with Apple.
  2. Click on Configure, and select the App ID you've created above.
  3. At the top, click Save, Continue and Register.
  4. Download the Key file and note the Key ID.

  1. Note the Team ID, visible at the top of the page.

authentik

  1. Under Directory -> Federation & Social login Click Create Apple OAuth Source

  2. Name: Apple

  3. Slug: apple

  4. Consumer Key: The identifier from step 9, then ;, then your Team ID from step 19, then ;, then the Key ID from step 18.

    Example: io.goauthentik.dev-local;JQNH45HN7V;XFBNJ82BV6

  5. Consumer Secret: Paste the contents of the keyfile you've downloaded

Save, and you now have Apple as a source.

:::note For more details on how-to have the new source display on the Login Page see here. :::