Add Apple's new single-signon feature to your site with ease.

Fund package maintenance!

Installs: 376 541

Dependents: 0

Suggesters: 0

Security: 0

Stars: 429

Watchers: 9

Forks: 65

0.7.0 2023-02-26 15:15 UTC

This package is auto-updated.

Last update: 2024-03-26 17:38:49 UTC



Supporting This Package

This is an MIT-licensed open source project with its ongoing development made possible by the support of the community. If you'd like to support this, and our other packages, please consider sponsoring us via the button above.

We thank the following sponsors for their generosity, please take a moment to check them out:

Table of Contents


  • PHP 7.3+
  • Laravel 8.0+
  • Socialite 5.0+
  • Apple Developer Subscription



  1. Install the composer package:

    composer require genealabs/laravel-sign-in-with-apple

    We also recommend using geneaLabs/laravel-socialiter to automatically manage user resolution and persistence:

    composer require genealabs/laravel-socialiter


  1. Create an App ID for your website ( with the following details:

    • Platform: iOS, tvOS, watchOS (I'm unsure if either choice has an effect for web apps)
    • Description: (something like " app id")
    • Bundle ID (Explicit): (or something similar)
    • Check "Sign In With Apple"
  2. Create a Service ID for your website ( with the following details:

    • Description: (something like " service id")
    • Identifier: com.example.service (or something similar)
    • Check "Sign In With Apple"
    • Configure "Sign In With Apple":
      • Primary App Id: (select the primary app id created in step 1)
      • Web Domain: (the domain of your web site)
      • Return URLs: (the route pointing to the callback method in your controller)
      • Click "Save".
      • Click the "Edit" button to edit the details of the "Sign In With Apple" configuration we just created.
      • If you haven't verified the domain yet, download the verification file, upload it to, and then click the "Verify" button.
  3. Create a Private Key for your website ( with the following details:

    • Key Name:
    • Check "Sign In With Apple"
    • Configure "Sign In With Apple":
      • Primary App ID: (select the primary app id created in step 1)
      • Click "Save"
    • Click "Continue"
    • Click "Register"
    • Click "Download"
    • Rename the downloaded file to key.txt
  4. Create your app's client secret:

    • Install the JWT Gem:

      sudo gem install jwt
    • Create a file called client_secret.rb to process the private key:

      require 'jwt'
      key_file = 'key.txt'
      team_id = ''
      client_id = ''
      key_id = ''
      ecdsa_key = key_file
      headers = {
      'kid' => key_id
      claims = {
          'iss' => team_id,
          'iat' =>,
          'exp' => + 86400*180,
          'aud' => '',
          'sub' => client_id,
      token = JWT.encode claims, ecdsa_key, 'ES256', headers
      puts token
    • Fill in the following fields:

      • team_id: This can be found on the top-right corner when logged into your Apple Developer account, right under your name.
      • client_id: This is the identifier from the Service Id created in step 2 above, for example com.example.service
      • key_id: This is the identifier of the private key created in step 3 above.
    • Save the file and run it from the terminal. It will spit out a JWT which is your client secret, which you will need to add to your .env file in the next step.

      ruby client_secret.rb
  5. Set the necessary environment variables in your .env file:

    SIGN_IN_WITH_APPLE_CLIENT_ID="your app's service id as registered with Apple"
    SIGN_IN_WITH_APPLE_CLIENT_SECRET="your app's client secret as calculated in step 4"



Add the following blade directive to your login page:

@signInWithApple($color, $hasBorder, $type, $borderRadius)
Parameter Definition
$color String, either "black" or "white.
$hasBorder Boolean, either true or false.
$type String, either "sign-in" or "continue".
$borderRadius Integer, greater or equal to 0.


This implementation uses Socialite to get the login credentials. The following is an example implementation of the controller:


namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use GeneaLabs\LaravelSocialiter\Facades\Socialiter;
use Laravel\Socialite\Facades\Socialite;

class AppleSigninController extends Controller
    public function __construct()

    public function login()
        return Socialite::driver("sign-in-with-apple")
            ->scopes(["name", "email"])

    public function callback(Request $request)
        // get abstract user object, not persisted
        $user = Socialite::driver("sign-in-with-apple")
        // or use Socialiter to automatically manage user resolution and persistence
        $user = Socialiter::driver("sign-in-with-apple")

Note that when processing the returned $user object, it is critical to know that the sub element is the unique identifier for the user, NOT the email address. For more details, visit



Commitment to Quality

During package development I try as best as possible to embrace good design and development practices, to help ensure that this package is as good as it can be. My checklist for package development includes:

  • ✅ Achieve as close to 100% code coverage as possible using unit tests.
  • ✅ Eliminate any issues identified by SensioLabs Insight and Scrutinizer.
  • ✅ Be fully PSR1, PSR2, and PSR4 compliant.
  • ✅ Include comprehensive documentation in
  • ✅ Provide an up-to-date which adheres to the format outlined at
  • ✅ Have no PHPMD or PHPCS warnings throughout all code.


Please observe and respect all aspects of the included Code of Conduct.

Reporting Issues

When reporting issues, please fill out the included template as completely as possible. Incomplete issues may be ignored or closed if there is not enough information included to be actionable.

Submitting Pull Requests

Please review the Contribution Guidelines. Only PRs that meet all criterium will be accepted.

If you ❤️ open-source software, give the repos you use a ⭐️.

We have included the awesome symfony/thanks composer package as a dev dependency. Let your OS package maintainers know you appreciate them by starring the packages you use. Simply run composer thanks after installing this package. (And not to worry, since it's a dev-dependency it won't be installed in your live environment.)