--- description: Learn how to implement Apple Sign-In in your Capacitor app using the Apple Sign-In plugin on Android, iOS, and Web. title: How to Sign In with Apple Using Capacitor - Capawesome image: https://capawesome.io/docs/assets/images/social/blog/how-to-sign-in-with-apple-using-capacitor.png --- [ Skip to content](#how-to-sign-in-with-apple-using-capacitor) [ πŸ” Introducing the **Capacitor Vault** plugin β€” store secrets behind biometrics or a device passcode.](/blog/announcing-the-capacitor-vault-plugin/) * [ SDKs ](/docs/sdks/) * [ Formbricks ](/docs/sdks/capacitor/formbricks/) * [ Geocoder ](/docs/sdks/capacitor/geocoder/) * [ Google Sign-In ](/docs/sdks/capacitor/google-sign-in/) * [ Grafana Faro ](/docs/sdks/capacitor/grafana-faro/) * [ libSQL ](/docs/sdks/capacitor/libsql/) * [ Live Update ](/docs/sdks/capacitor/live-update/) * [ Managed Configurations ](/docs/sdks/capacitor/managed-configurations/) * [ Media Session ](/docs/sdks/capacitor/media-session/) * [ ML Kit ](/docs/sdks/capacitor/mlkit/) * [ Navigation Bar ](/docs/sdks/capacitor/navigation-bar/) * [ NFC ](/docs/sdks/capacitor/nfc/) * [ OAuth ](/docs/sdks/capacitor/oauth/) * [ Pedometer ](/docs/sdks/capacitor/pedometer/) * [ Photo Editor ](/docs/sdks/capacitor/photo-editor/) * [ PostHog ](/docs/sdks/capacitor/posthog/) * [ Printer ](/docs/sdks/capacitor/printer/) * [ Purchases ](/docs/sdks/capacitor/purchases/) * [ RealtimeKit ](/docs/sdks/capacitor/realtimekit/) * [ Screen Orientation ](/docs/sdks/capacitor/screen-orientation/) * [ Screenshot ](/docs/sdks/capacitor/screenshot/) * [ Secure Preferences ](/docs/sdks/capacitor/secure-preferences/) * [ Speech Recognition ](/docs/sdks/capacitor/speech-recognition/) * [ Speech Synthesis ](/docs/sdks/capacitor/speech-synthesis/) * [ Share Target ](/docs/sdks/capacitor/share-target/) * [ Square Mobile Payments ](/docs/sdks/capacitor/square-mobile-payments/) * [ SQLite ](/docs/sdks/capacitor/sqlite/) * [ Superwall ](/docs/sdks/capacitor/superwall/) * [ Torch ](/docs/sdks/capacitor/torch/) * [ Vault ](/docs/sdks/capacitor/vault/) * [ Wifi ](/docs/sdks/capacitor/wifi/) * [ Zip ](/docs/sdks/capacitor/zip/) * [ Cordova ](/docs/sdks/cordova/) * [ Cloud ](/docs/cloud/) * [ Integrations ](/docs/cloud/live-updates/integrations/) * Concepts * Reference * [ Troubleshooting ](/docs/cloud/live-updates/troubleshooting/) * [ FAQ ](/docs/cloud/live-updates/faq/) * [ Native Builds ](/docs/cloud/native-builds/) * [ Set Up Environments ](/docs/cloud/native-builds/environments/) * [ Overwrite Native Configurations ](/docs/cloud/native-builds/native-configurations/) * [ Auto-Increment Build Numbers ](/docs/cloud/native-builds/auto-incrementing-build-numbers/) * [ Configure the Web Build Script ](/docs/cloud/native-builds/web-build-script/) * [ Build from a Monorepo ](/docs/cloud/native-builds/monorepo/) * [ Use pnpm or Yarn ](/docs/cloud/native-builds/package-managers/) * [ Install Private npm Packages ](/docs/cloud/native-builds/npm-private-registry/) * [ Override the Java Version ](/docs/cloud/native-builds/override-java-version/) * [ Custom iOS Provisioning Profiles ](/docs/cloud/native-builds/custom-ios-provisioning-profiles/) * [ Build without Git ](/docs/cloud/native-builds/build-without-git/) * [ Access Git Behind a Firewall ](/docs/cloud/native-builds/firewall-access/) * [ Integrations ](/docs/cloud/native-builds/integrations/) * Reference * [ Troubleshooting ](/docs/cloud/native-builds/troubleshooting/) * [ FAQ ](/docs/cloud/native-builds/faq/) * [ App Store Publishing ](/docs/cloud/app-store-publishing/) * [ Submit a Build ](/docs/cloud/app-store-publishing/submit-a-build/) * [ Submit Automatically After a Build ](/docs/cloud/app-store-publishing/submit-automatically/) * [ Troubleshooting ](/docs/cloud/app-store-publishing/troubleshooting/) * [ FAQ ](/docs/cloud/app-store-publishing/faq/) * [ Automations ](/docs/cloud/automations/) * [ Reference ](/docs/cloud/automations/reference/) * [ Troubleshooting ](/docs/cloud/automations/troubleshooting/) * [ FAQ ](/docs/cloud/automations/faq/) * [ Assist ](/docs/cloud/assist/) * [ CLI ](/docs/cloud/cli/) * APIs and SDKs * [ Webhooks ](/docs/cloud/webhooks/) * [ Integrations ](/docs/cloud/integrations/) * Account * [ Organization ](/docs/cloud/organizations/) * [ Two-Factor Enforcement ](/docs/cloud/organizations/two-factor-authentication/) * [ Audit Logs ](/docs/cloud/organizations/audit-logs/) * [ Billing ](/docs/cloud/organizations/billing/) * [ License Keys ](/docs/cloud/license-keys/) * [ AI ](/docs/ai/) * [ Insiders ](/docs/insiders/) * [ Billing & Plans ](/docs/insiders/billing-and-plans/) * [ FAQ ](/docs/insiders/faq/) * [ License ](https://capawesome.io/legal/eula/) * [ Support ](/docs/support/) * [ Contributing ](/docs/contributing/) * Contributing code * [ Code of Conduct ](/docs/contributing/code-of-conduct/) * [ Questions ](https://docs.github.com/en/discussions/collaborating-with-your-community-using-discussions/participating-in-a-discussion#creating-a-discussion) * [ Blog ](/blog/) * Categories * [ Configuring Your Capacitor App ](#configuring-your-capacitor-app) * [ Implementing the Sign-In Flow ](#implementing-the-sign-in-flow) * [ Bonus: Verifying the Identity Token on the Backend ](#bonus-verifying-the-identity-token-on-the-backend) * [ Conclusion ](#conclusion) * Related links # How to Sign In with Apple Using Capacitor[ΒΆ](#how-to-sign-in-with-apple-using-capacitor "Permanent link") Sign in with Apple lets users authenticate with their Apple ID, offering a privacy-focused alternative to other social logins. Apple requires apps that offer third-party sign-in to also support Sign in with Apple. The [Capacitor Apple Sign-In plugin](/docs/sdks/capacitor/apple-sign-in/) provides a straightforward way to integrate Apple Sign-In into your Ionic or Capacitor app on Android, iOS, and web. This guide walks you through setting up the required credentials, configuring the plugin for each platform, and implementing the sign-in flow. [ ![Build and deploy your Capacitor app with Capawesome Cloud](../../assets/external/cloud.capawesome.io/assets/banners/cloud-build-and-deploy-capacitor-apps.69628c3f.png) ](/) ## Prerequisites[ΒΆ](#prerequisites "Permanent link") Before you begin, make sure you have the following: * An **Apple Developer Program** membership with access to the [Apple Developer Portal](https://developer.apple.com/). * A **Capacitor app** with the [Capacitor Apple Sign-In plugin](/docs/sdks/capacitor/apple-sign-in/) installed. To install the plugin, please refer to the [Installation](/docs/sdks/capacitor/apple-sign-in/#installation) section in the plugin documentation. ## Setting Up Apple Developer Credentials[ΒΆ](#setting-up-apple-developer-credentials "Permanent link") ### Creating an App ID[ΒΆ](#creating-an-app-id "Permanent link") If you haven't already, you need to create an App ID with the "Sign in with Apple" capability enabled: 1. Go to the [Apple Developer Portal](https://developer.apple.com/) and navigate to **Certificates, Identifiers & Profiles** \> **Identifiers**. 2. Click the **+** button to create a new identifier and select **App IDs**. 3. Select **App** as the type and click **Continue**. 4. Enter a **Description** (e.g. `My Capacitor App`) and a **Bundle ID** that matches your iOS app (e.g. `com.example.app`). 5. Scroll down to the **Capabilities** section, check **Sign in with Apple**, and click **Continue**. 6. Review the details and click **Register**. ### Creating a Service ID (Android and Web)[ΒΆ](#creating-a-service-id-android-and-web "Permanent link") On Android and web, Apple Sign-In uses a web-based OAuth flow. You need a Service ID to identify your app in this flow: 1. In the Apple Developer Portal, navigate to **Certificates, Identifiers & Profiles** \> **Identifiers**. 2. Click the **+** button, select **Services IDs**, and click **Continue**. 3. Enter a **Description** (e.g. `My Capacitor App - Web`) and an **Identifier** (e.g. `com.example.app.web`). This identifier will be used as the `clientId` when initializing the plugin. 4. Click **Continue**, then **Register**. 5. Click on the newly created Service ID and check **Sign in with Apple**. 6. Click **Configure** next to Sign in with Apple. 7. Under **Domains and Subdomains**, add the domain where your app is hosted (e.g. `example.com`). Enter just the domain without a protocol or trailing slash. 8. Under **Return URLs**, add the redirect URL that the plugin will use after authentication (e.g. `https://example.com/callback`). The URL must use the `https://` scheme. 9. Click **Save**, then **Continue**, and **Save** again. ## Configuring Your Capacitor App[ΒΆ](#configuring-your-capacitor-app "Permanent link") ### Android[ΒΆ](#android "Permanent link") No additional configuration is required on Android beyond installing the plugin. ### iOS[ΒΆ](#ios "Permanent link") On iOS, you need to add the "Sign in with Apple" capability in Xcode: 1. Open your project in Xcode by running `npx cap open ios`. 2. Select your app target and navigate to the **Signing & Capabilities** tab. 3. Click **\+ Capability** and search for **Sign in with Apple**. 4. Add the capability. Xcode will automatically update your entitlements file. ### Web[ΒΆ](#web "Permanent link") No additional configuration is required on Web beyond installing the plugin. ## Implementing the Sign-In Flow[ΒΆ](#implementing-the-sign-in-flow "Permanent link") ### Initializing the Plugin[ΒΆ](#initializing-the-plugin "Permanent link") On Android and web, you need to initialize the plugin before calling any other method. Use [initialize(...)](/docs/sdks/capacitor/apple-sign-in/#initialize) and pass the **Service ID** you created earlier as the `clientId`: `[](#%5F%5Fcodelineno-0-1)import { AppleSignIn } from '@capawesome/capacitor-apple-sign-in'; [](#%5F%5Fcodelineno-0-2) [](#%5F%5Fcodelineno-0-3)const initialize = async () => { [](#%5F%5Fcodelineno-0-4) await AppleSignIn.initialize({ [](#%5F%5Fcodelineno-0-5) clientId: 'com.example.app.web', // Your Service ID from the Apple Developer Portal [](#%5F%5Fcodelineno-0-6) }); [](#%5F%5Fcodelineno-0-7)}; ` On iOS, initialization is not required because the plugin uses the native Sign in with Apple framework directly. ### Signing In[ΒΆ](#signing-in "Permanent link") Use the [signIn(...)](/docs/sdks/capacitor/apple-sign-in/#signin) method to start the Apple Sign-In flow. You can request scopes for the user's name and email: `[](#%5F%5Fcodelineno-1-1)import { AppleSignIn, SignInScope } from '@capawesome/capacitor-apple-sign-in'; [](#%5F%5Fcodelineno-1-2) [](#%5F%5Fcodelineno-1-3)const signIn = async () => { [](#%5F%5Fcodelineno-1-4) const result = await AppleSignIn.signIn({ [](#%5F%5Fcodelineno-1-5) redirectUrl: 'https://example.com/callback', // Only required on Android and Web [](#%5F%5Fcodelineno-1-6) scopes: [SignInScope.Email, SignInScope.Name], [](#%5F%5Fcodelineno-1-7) }); [](#%5F%5Fcodelineno-1-8) console.log('Identity token:', result.identityToken); [](#%5F%5Fcodelineno-1-9) console.log('Authorization code:', result.authorizationCode); [](#%5F%5Fcodelineno-1-10) console.log('User ID:', result.userId); [](#%5F%5Fcodelineno-1-11) console.log('Email:', result.email); [](#%5F%5Fcodelineno-1-12) console.log('Given name:', result.givenName); [](#%5F%5Fcodelineno-1-13) console.log('Family name:', result.familyName); [](#%5F%5Fcodelineno-1-14)}; ` Warning Apple only returns the user's name and email on the **first** sign-in. Subsequent sign-ins will not include this information, so make sure to store it on your backend after the initial authentication. ### Handling Errors[ΒΆ](#handling-errors "Permanent link") If the user cancels the sign-in flow, the plugin throws an error with the code `SIGN_IN_CANCELED`. You can handle this to distinguish between user cancellation and actual errors: `[](#%5F%5Fcodelineno-2-1)import { AppleSignIn, SignInScope } from '@capawesome/capacitor-apple-sign-in'; [](#%5F%5Fcodelineno-2-2) [](#%5F%5Fcodelineno-2-3)const signIn = async () => { [](#%5F%5Fcodelineno-2-4) try { [](#%5F%5Fcodelineno-2-5) const result = await AppleSignIn.signIn({ [](#%5F%5Fcodelineno-2-6) scopes: [SignInScope.Email, SignInScope.Name], [](#%5F%5Fcodelineno-2-7) }); [](#%5F%5Fcodelineno-2-8) console.log('Identity token:', result.identityToken); [](#%5F%5Fcodelineno-2-9) } catch (error: any) { [](#%5F%5Fcodelineno-2-10) if (error.code === 'SIGN_IN_CANCELED') { [](#%5F%5Fcodelineno-2-11) console.log('User canceled sign-in'); [](#%5F%5Fcodelineno-2-12) } else { [](#%5F%5Fcodelineno-2-13) console.error('Sign-in failed:', error); [](#%5F%5Fcodelineno-2-14) } [](#%5F%5Fcodelineno-2-15) } [](#%5F%5Fcodelineno-2-16)}; ` ## Bonus: Verifying the Identity Token on the Backend[ΒΆ](#bonus-verifying-the-identity-token-on-the-backend "Permanent link") The `identityToken` returned by [signIn(...)](/docs/sdks/capacitor/apple-sign-in/#signin) is a JSON Web Token (JWT) signed by Apple. You should always verify it on your backend before trusting the information. This ensures the token was actually issued by Apple and hasn't been tampered with. To verify the token, fetch Apple's public keys from `https://appleid.apple.com/auth/keys` and validate the JWT signature and claims. Here's an example using the [jose](https://github.com/panva/jose) library for Node.js: `[](#%5F%5Fcodelineno-3-1)import { createRemoteJWKSet, jwtVerify } from 'jose'; [](#%5F%5Fcodelineno-3-2) [](#%5F%5Fcodelineno-3-3)const APPLE_JWKS_URL = new URL('https://appleid.apple.com/auth/keys'); [](#%5F%5Fcodelineno-3-4)const jwks = createRemoteJWKSet(APPLE_JWKS_URL); [](#%5F%5Fcodelineno-3-5) [](#%5F%5Fcodelineno-3-6)const verifyIdentityToken = async (identityToken: string) => { [](#%5F%5Fcodelineno-3-7) const { payload } = await jwtVerify(identityToken, jwks, { [](#%5F%5Fcodelineno-3-8) issuer: 'https://appleid.apple.com', [](#%5F%5Fcodelineno-3-9) audience: 'com.example.app', [](#%5F%5Fcodelineno-3-10) }); [](#%5F%5Fcodelineno-3-11) console.log('User ID:', payload.sub); [](#%5F%5Fcodelineno-3-12) console.log('Email:', payload.email); [](#%5F%5Fcodelineno-3-13)}; ` The `audience` should match your app's **Bundle ID** (for tokens from iOS) or your **Service ID** (for tokens from Android and web). If your app uses both, verify against both values. ## Conclusion[ΒΆ](#conclusion "Permanent link") In this guide, we covered how to set up Apple Sign-In in a Capacitor app using the [Capacitor Apple Sign-In plugin](/docs/sdks/capacitor/apple-sign-in/). From creating App IDs and Service IDs in the Apple Developer Portal to configuring platform-specific settings and implementing the sign-in flow, the plugin handles the complexity across Android, iOS, and web so you can focus on building your app. Explore the complete [API Reference](/docs/sdks/capacitor/apple-sign-in/#api) to see all available methods and options. Have suggestions or questions? [Create an issue](https://github.com/capawesome-team/capacitor-plugins/issues/new/choose) in our [GitHub repository](https://github.com/capawesome-team/capacitor-plugins). Stay connected with us on [X](https://x.com/capawesomeio) and subscribe to our [newsletter](/newsletter/) for the latest updates. June 8, 2026 Back to top