App registration (create an App ID and then a related Service ID here)

Private Key registration (be sure to save it)

Development callback URL

Add the following configuration to your settings:

    "apple": {
        "APP": {
            # Your service identifier.
            "client_id": "",

            # The Key ID (visible in the "View Key Details" page).
            "secret": "KEYID",

             # Member ID/App ID Prefix -- you can find it below your name
             # at the top right corner of the page, or it’s your App ID
             # Prefix in your App ID.
            "key": "MEMAPPIDPREFIX",

            "settings": {
                # The certificate you downloaded when generating the key.
                "certificate_key": """-----BEGIN PRIVATE KEY-----

Note: Sign In With Apple uses a slight variation of OAuth2, which uses a POST instead of a GET. Unlike a GET with SameSite=Lax, the session cookie will not get sent along with a POST. If you encounter ‘PermissionDenied’ errors during Apple log in, check that you don’t have any 3rd party middleweare that is generating a new session on this cross-origin POST, as this will prevent the login process from being able to access the original session after the POST completes.