2021-10-18 14:35:12 +00:00
---
title: Apple
---
2022-06-15 19:31:34 +00:00
< span class = "badge badge--primary" > Support level: authentik< / span >
2021-10-18 14:35:12 +00:00
Allows users to authenticate using their Apple ID.
## Preparation
:::warning
2022-08-16 15:04:44 +00:00
An Apple developer account is required.
:::
:::warning
Apple mandates the use of a [registered TLD ](https://en.wikipedia.org/wiki/List_of_Internet_top-level_domains ), as such this source will not work with .local and other non-public TLDs.
2021-10-18 14:35:12 +00:00
:::
The following placeholders will be used:
2022-05-09 19:22:41 +00:00
- `authentik.company` is the FQDN of the authentik install.
2021-10-18 14:35:12 +00:00
## Apple
1. Log into your Apple developer account, and navigate to **Certificates, IDs & Profiles** , then click **Identifiers** in the sidebar.
2. Register a new Identifier with the type of **App IDs** , and the subtype **App** .
3. Choose a name that users will recognise for the **Description** field.
4. For your bundle ID, use the reverse domain of authentik, in this case `company.authentik` .
5. Scroll down the list of capabilities, and check the box next to **Sign In with Apple** .
6. At the top, click **Continue** and **Register** .
![](app_id.png)
7. Register another new Identifier with the type of **Services IDs** .
8. Again, choose the same name as above for your **Description** field.
9. Use the same identifier as above, but add a suffix like `signin` or `oauth` , as identifiers are unique.
10. At the top, click **Continue** and **Register** .
![](service_id.png)
11. Once back at the overview list, click on the just-created Identifier.
12. Enable the checkbox next to **Sign In with Apple** , and click **Configure**
13. Under domains, enter `authentik.company` .
14. Under **Return URLs** , enter `https://authentik.company/source/oauth/callback/apple/` .
![](app_service_config.png)
15. Click on **Keys** in the sidebar. Register a new Key with any name, and select **Sign in with Apple** .
16. Click on **Configure** , and select the App ID you've created above.
17. At the top, click **Save** , **Continue** and **Register** .
18. Download the Key file and note the **Key ID** .
![](key.png)
19. Note the Team ID, visible at the top of the page.
## authentik
2022-05-17 22:03:02 +00:00
20. Under _Directory -> Federation & Social login_ Click **Create Apple OAuth Source**
2021-10-18 14:35:12 +00:00
21. **Name** : `Apple`
22. **Slug** : `apple`
23. **Consumer Key:** The identifier from step 9, then `;` , then your Team ID from step 19, then `;` , then the Key ID from step 18.
Example: `io.goauthentik.dev-local;JQNH45HN7V;XFBNJ82BV6`
24. **Consumer Secret:** Paste the contents of the keyfile you've downloaded
Save, and you now have Apple as a source.
:::note
2022-12-12 15:52:00 +00:00
For more details on how-to have the new source display on the Login Page see [here ](../general#add-sources-to-default-login-page ).
2021-10-18 14:35:12 +00:00
:::