...
- On the Main tab of the Management Console, click Identity > Identity Providers > Add.
The Add New Identity Provider screen appears. Enter a meaningful name in the Identity Provider Name text box, e.g.,
AppleSignIn
.Under Federated Authenticators, click OAuth2/OpenID Connect Configuration, and enter the required values as given below.
Field Description Sample Value Enable OAuth2/OpenIDConnect Selecting this option enables OAuth2/OpenID Connect to be used as an authenticator for users provisioned to WSO2 Identity Server. Selected Default Selecting this option signifies that OAuth2/OpenID Connect is used as the main/default form of authentication. Selecting this removes the selection made for any other Default checkboxes for other authenticators. Selected Client Id This is the client key
of your Apple application.idp.demologin.com
Client Secret This is the client secret
of your Apple application.Authorization Endpoint URL This is the authorization endpoint URL pertaining to Apple Sign In. https://appleid.apple.com/auth/authorize
Token Endpoint URL This is the token endpoint URL pertaining to Apple Sign In. https://appleid.apple.com/auth/token
Callback URL This is the service provider's URL to which authorization codes
are sent. Upon successful authentication, the browser should be redirected to this URL. The URL should be specified in the following format:https://:/acs
https://localhost/callback
Userinfo Endpoint URL This is not relevant for this feature. - OpenID Connect User ID Location This is not relevant for this feature. - Additional Query Parameters These are the additional query parameters that are necessary authenticate users through Apple Sign In. scope=openid email
Enable HTTP basic auth for client authentication This is not relevant for this feature. Notewarning Make sure to keep it unselected.
- Click Register.
...