...

Configuring the identity provider

Follow the steps below to configure WSO2 Identity Server as an identity provider that uses Apple for federated authentication:

  1. On the Main tab of the Management Console, click Identity > Identity Providers > Add
    Add Identity Provider menu-item
    The Add New Identity Provider screen appears.
    Add New Identity Provider screen
  2. Enter a meaningful name in the Identity Provider Name text box, e.g., AppleSignIn

  3. Under Federated Authenticators, click OAuth2/OpenID Connect Configuration, and enter the required values as given below. 

    | Field | Description | Sample Value |
    |---|---|---|
    | Enable OAuth2/OpenIDConnect | Selecting this option enables OAuth2/OpenID Connect to be used as an authenticator for users provisioned to WSO2 Identity Server. | Selected |
    | Default | Selecting this option signifies that OAuth2/OpenID Connect is used as the main/default form of authentication. Selecting this removes the selection made for any other Default checkboxes for other authenticators. | Selected |
    | Client Id | This is the client key of your Apple application. | idp.demologin.com |
    | Client Secret | This is the client secret of your Apple application. | |
    | Authorization Endpoint URL | This is the authorization endpoint URL pertaining to Apple Sign In. | https://appleid.apple.com/auth/authorize |
    | Token Endpoint URL | This is the token endpoint URL pertaining to Apple Sign In. | https://appleid.apple.com/auth/token |
    | Callback URL | This is the service provider's URL to which authorization codes are sent. Upon successful authentication, the browser should be redirected to this URL. The URL should be specified in the following format: https://:/acs | https://localhost/callback |
    | Userinfo Endpoint URL | This is not relevant for this feature. | - |
    | OpenID Connect User ID Location | This is not relevant for this feature. | - |
    | Additional Query Parameters | These are the additional query parameters that are necessary to authenticate users through Apple Sign In. | scope=openid email |
    | Enable HTTP basic auth for client authentication | This is not relevant for this feature. Warning: Make sure to keep it unselected. | |

  4. Click Register
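
What the values in the table above put on the wire, as an added example that is not part of the original page or of WSO2's code. It assumes the standard OAuth 2.0 authorization-code parameters and that the HTTP basic auth option switches the client credentials between the Authorization header and the form body (RFC 6749, section 2.3.1); the client secret, state and code values are constructed placeholders.

```python
import base64
from urllib.parse import parse_qs, quote, urlencode

# Sample values from the table above; client_secret is a constructed placeholder.
IDP = {
    "client_id": "idp.demologin.com",
    "client_secret": "PLACEHOLDER_CLIENT_SECRET",
    "authz_endpoint": "https://appleid.apple.com/auth/authorize",
    "token_endpoint": "https://appleid.apple.com/auth/token",
    "callback_url": "https://localhost/callback",
    "additional_query_params": "scope=openid email",
}

def authorization_url(idp, state):
    """Authorization request: standard parameters plus the additional query parameters."""
    params = {"response_type": "code", "client_id": idp["client_id"],
              "redirect_uri": idp["callback_url"], "state": state}
    # "scope=openid email" parses to {"scope": ["openid email"]}
    for key, values in parse_qs(idp["additional_query_params"]).items():
        params[key] = values[0]
    return idp["authz_endpoint"] + "?" + urlencode(params, quote_via=quote)

def token_request(idp, code, http_basic_auth):
    """Return (headers, form_body) for the authorization-code exchange."""
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    form = {"grant_type": "authorization_code", "code": code,
            "redirect_uri": idp["callback_url"]}
    if http_basic_auth:
        # Option selected: credentials are sent in the Authorization header only.
        raw = quote(idp["client_id"], safe="") + ":" + quote(idp["client_secret"], safe="")
        headers["Authorization"] = "Basic " + base64.b64encode(raw.encode()).decode()
    else:
        # Option unselected (the setting this page requires): credentials in the form body.
        form["client_id"] = idp["client_id"]
        form["client_secret"] = idp["client_secret"]
    return headers, urlencode(form)

if __name__ == "__main__":
    print(authorization_url(IDP, "constructed-state"))
    for basic in (False, True):
        print(basic, token_request(IDP, "constructed-code", basic))
```

Comparing the two outputs of `token_request` shows which part of the request carries the client secret under each setting, which is also where to look when checking a captured token request against this configuration.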

...

Configuring the service provider

Follow the steps below to configure the client application as a service provider in WSO2 Identity Server:

  1. In the Main menu of the WSO2 Identity Server Management Console, click Identity > Service Providers > Add

    Add Service Provider menu-item

    The Add New Service Provider screen appears.

    Add New Service Provider screen

  2. Enter a meaningful name for the client application in the Service Provider Name text box and click Register. The Service Providers screen appears. 

    Service Providers screen

  3. Click the Inbound Authentication Configuration section and configure it based on the authentication protocol that the client application requires.

    Inbound Authentication Configuration options

    Tip

    If your client application uses OpenID Connect, click OAuth/OpenID Connect Configuration > Configure

    1. Enter the callback URL of your Apple application.

    2. Click Register. Note that you will be redirected to the Service Providers screen, which displays the client key and client secret.

    Info

    For more information on inbound authentication configurations, see Configuring Inbound Authentication for a Service Provider.

  4. In the Local and Outbound Authentication Configuration section, select the Federated Authentication radio button and select AppleSignIn as the identity provider.

    Local and Outbound Authentication Configuration

  5. Click Update to save the changes.

...