Back to Details

ionic-apple-sign-in

Compare original and translation side by side

🇺🇸

Original

English
🇨🇳

Translation

Chinese

Sign in with Apple

使用Apple登录

Apple requires apps that offer any other social login (Google / Facebook / etc.) on iOS to also offer Sign in with Apple. Ship Google sign-in without it and App Review will reject the build.
Don't use this skill in a Firebase project. If your app already uses Firebase Auth, integrate Sign in with Apple via 
@capacitor-firebase/authentication
 instead. That plugin uses the same native dialog on iOS and the same Apple OAuth flow on Android, but hands the JWT directly to Firebase Auth so you don't end up running two different identity layers. Installing both 
@capacitor-community/apple-sign-in
and 
@capacitor-firebase/authentication
is wasteful and easy to misconfigure.
Use this skill when:
  • You're not on Firebase (e.g., Supabase — see 
    ../ionic-supabase/references/auth.md#native-apple-sign-in
    , or your own backend).
  • You verify the Apple JWT yourself on a custom backend.
Apple要求在iOS平台提供任意其他社交登录(Google / Facebook等)的应用,也必须提供使用Apple登录功能。如果仅上线Google登录而未提供该功能,应用审核会拒绝你的构建包。
请勿在Firebase项目中使用该技能。 如果你的应用已使用Firebase Auth,请通过
@capacitor-firebase/authentication
集成使用Apple登录。该插件在iOS上使用相同的原生弹窗,在Android上使用相同的Apple OAuth流程,并且会将JWT直接传递给Firebase Auth,避免同时运行两个不同的身份验证层。同时安装**
@capacitor-community/apple-sign-in
@capacitor-firebase/authentication
**不仅冗余,还容易配置错误。
以下场景可使用该技能:
  • 未使用Firebase(例如Supabase——详见
    ../ionic-supabase/references/auth.md#native-apple-sign-in
    ,或自有后端)。
  • 在自定义后端自行验证Apple JWT。

When to consult

参考场景

  • App ID setup + entitlement: setup.md
  • Sign-in flow + nonce verification: sign-in-flow.md
  • App ID配置 + 权限设置setup.md
  • 登录流程 + nonce验证sign-in-flow.md

Hard rules

硬性规则

  • ✅ Required if you offer Google / Facebook / Twitter / OAuth login on iOS.
  • ✅ The Apple-issued user identifier is opaque and stable per app — store it as the user's primary key.
  • ✅ Apple returns the user's name and email only on the first sign-in. If your backend doesn't capture them then, you don't get a second chance unless the user revokes and re-grants in iOS Settings → Apple ID → Sign in with Apple.
  • ✅ Generate and verify a nonce to prevent replay attacks.
  • ❌ Don't store the Apple email as the user identifier — Apple's "Hide My Email" returns a relay address that the user can change.
  • ❌ Android side: this plugin uses Apple's web flow (popup) on Android — works, but it's an OAuth web redirect, not a native dialog.
  • ✅ 若在iOS平台提供Google / Facebook / Twitter / OAuth登录,则必须提供该功能。
  • ✅ Apple颁发的用户标识符对每个应用来说是不透明且稳定的——请将其存储为用户的主键。
  • ✅ Apple仅在首次登录时返回用户的姓名和邮箱。如果后端未在此时捕获这些信息,除非用户在iOS设置→Apple ID→使用Apple登录中撤销并重新授权,否则无法再次获取。
  • ✅ 生成并验证nonce以防止重放攻击。
  • ❌ 请勿将Apple邮箱存储为用户标识符——Apple的「隐藏我的邮箱」会返回一个用户可更改的中继地址。
  • ❌ Android端:该插件在Android上使用Apple的网页流程(弹窗)——可以正常工作,但属于OAuth网页重定向,而非原生弹窗。

Library

依赖库

bash
npm install @capacitor-community/apple-sign-in
npx cap sync
bash
npm install @capacitor-community/apple-sign-in
npx cap sync