This page is a step-by-step guide for the process of opening and setting up an external application in Apple as part of the Site Setup process, to enable the "Sign In with Apple" option on your social login widget.
If your site is defined under one of Customer Data Cloud's non-US data centers, replace domain references to (http:// or https://) "socialize.gigya.com" (or "socialize.us1.gigya.com") with "socialize.<DC>.gigya.com", where <DC> is the region of your data center (e.g., "socialize.eu1.gigya.com" for the European data center).
Domain references are defined in the Console, externally in social network app definition pages, and when using the SAP Customer Data Cloud SDKs to set the domain (in particular the APIDomain field in class GSRequest).
When using any 3rd Party Apps with SAP Customer Data Cloud, it is important to ensure that you Enable retrieving user contacts from the Permissions page of the Console prior to making your app live. This enables the user's contacts retrieval from providers that don't consider this an elevated permission.
Phase 1 - Create Your App
- To enable web login using Apple, follow the instructions located at https://help.apple.com/developer-account/#/dev1c0e25352. You can also check out Apple's Getting Started guide. Save your Client ID and Secret for the next step.
Phase 2 - Configure Apple Sign In in the SAP Customer Data Cloud Console
- Open the Providers Configuration page of the Console.
- Select Apple from the list of providers.
- In the dialog that appears, copy the relevant information from the Apple app configuration page (still open from Phase 1) and paste it into the corresponding fields of the dialog.
- Services ID: See Apple documentation.
- Key ID: See Apple documentation.
- Team ID: This is the identifier of the ‘Apple developer account’. It can be found in the Membership section of Apple's developer portal.
- Important: The Sandbox and Live credentials are different; ensure you are copying the keys from the Live version of your app.
- Be sure to check the Enable CName box, if you are using a CName in your app's Return URL field from Phase 1 (above).
- Select Secure redirects only to allow only HTTPS redirects from Apple.
- Click OK to close the dialog.
- Press the Save Settings button in the lower-right of the Providers Configurations page.
That's it, Apple configuration is complete! Please note that it can take up to 3 hours for configurations made in Apple to become synchronized.
If you have issues getting your app to function properly due to entering an incorrect Return URL during the initial app setup, it is often more effective to create a new app, being sure to enter the correct Return URL at setup, than to wait for Apple to synchronize a change.
Sending Email to Apple ID Accounts
To be able to send account-related emails to Apple ID email addresses, you must set up a local mail server that SAP Customer Data Cloud can use to send these emails. To begin, you need to complete the following steps.
Additional information regarding private emails: https://developer.apple.com/documentation/signinwithapplejs/communicating_using_the_private_email_relay_service
Sending an Email From Your Domain
There are cases when you may need to send SAP Customer Data Cloud emails to your users from your own domain name and not the SAP Customer Data Cloud server. If that is the case, notify SAP Customer Data Cloud via the Support tab in the Console.
The steps you then need to perform are as follows:
- Provide SAP Customer Data Cloud with the IP or IPs of your email server or servers.
- Provide SAP Customer Data Cloud with the server credentials (i.e., username and password).
- Provide SAP Customer Data Cloud with at least one email From address.
- This needs to match the email address(es) that you will configure in the email template headers of the SAP Customer Data Cloud Console. It can be a valid address, e.g., firstname.lastname@example.org, or an invalid address, e.g., email@example.com; however, it must match what you configure in the Console (so the emails are routed correctly).
- Let SAP Customer Data Cloud know if your server(s) use a port other than 25 for SMTP.
SAP Customer Data Cloud will then provide you with information to complete the setup process:
- You will receive a list of DNS records related to SPF and/or DKIM to create on your DNS service.
- You will receive a list of IPs of the mail servers that will forward the emails to your SMTP server that you will need to add to your whitelist, if using one.
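An added example, not part of the original page or of any SAP tooling: once the SPF record is created, you can check offline that it authorizes the addresses your mail is sent from and does not end in a permissive "all". The record text, domain and IP addresses are constructed, and treating the sender IPs as those of your own SMTP servers is an assumption; terms that need DNS lookups are reported rather than resolved.

```python
import ipaddress

# Qualifier prefix -> SPF result (RFC 7208); a term with no prefix means "+".
QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

# Constructed record for illustration (documentation address ranges).
RECORD = "v=spf1 ip4:192.0.2.10 ip4:198.51.100.0/24 include:_spf.mail.example -all"

def check_spf(record, sender_ip):
    """Evaluate the ip4/ip6/all terms of one SPF record for sender_ip.
    Returns (result, unresolved): unresolved lists terms needing DNS
    (include, a, mx, redirect=...) that were skipped, so the result is
    provisional whenever it is non-empty."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none", []
    ip = ipaddress.ip_address(sender_ip)
    unresolved = []
    for term in terms[1:]:
        qualifier = term[0] if term[0] in QUALIFIERS else "+"
        mech = term.lstrip("+-~?")
        name, _, value = mech.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if ip.version == net.version and ip in net:
                return QUALIFIERS[qualifier], unresolved
        elif name == "all":
            return QUALIFIERS[qualifier], unresolved
        elif "=" not in name or name.startswith("redirect="):
            unresolved.append(mech)
    return "neutral", unresolved  # RFC 7208 default when nothing matches

def audit(record, sender_ips):
    """Return findings; an empty list means every sender IP gets 'pass'."""
    findings = []
    for ip in sender_ips:
        result, unresolved = check_spf(record, ip)
        if result != "pass":
            note = " (provisional, skipped: %s)" % ", ".join(unresolved) if unresolved else ""
            findings.append("%s -> %s%s" % (ip, result, note))
    terms = record.lower().split()
    if terms and terms[-1] in ("all", "+all", "?all"):
        findings.append("record ends in permissive '%s'" % terms[-1])
    return findings

if __name__ == "__main__":
    for line in audit(RECORD, ["198.51.100.25", "203.0.113.7"]):
        print(line)
```

A finding marked provisional means an include or similar term was skipped, so confirm that sender with a resolver-backed SPF check before relying on the result.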
Changes To Email Templates
Be sure to update the header information in any email templates you have created to reflect the changes (if necessary). If you are using SAP Customer Data Cloud placeholders, these will update automatically.
It is important to note:
- Server-based changes such as these are global for the account (domain/DNS record) and cannot be restricted to any single API key.
- Changing the From address of your email templates without first completing the steps outlined above will have no effect on the server that sends the emails and will only allow users to reply to your specified From address.
If you are using email forwarding (SMTP relay) to send emails from your own servers, make sure to whitelist the relevant IP addresses. For an updated list, see Whitelisting Gigya IP Addresses.
DMARC is only applicable when using your own SMTP mail servers, so is not relevant/supported when sending emails through SAP Customer Data Cloud servers.
Apple Email Server Verification
Once your mail server is set up, you then need to authorize your server with Apple. See the following link to complete Apple verification.
For more information on configuring your Apple application, see:
Apple only returns an email for the user in the very first (initial) login response to your application for that user. Any additional logins performed by that user will NEVER receive an email address from Apple. This may be an important caveat if you have any flows that require a valid email address to log in. For any other flows that require an email, be sure to call getUserInfo after the user logs in so you can access the user's previously stored email address.