Anda juga dapat menggunakan template email kustom, jika aplikasi Anda memilikinya.
Mematuhi persyaratan data anonim Apple
Apple memberi pengguna opsi untuk membuat data miliknya anonim, termasuk alamat email. Apple menetapkan alamat email yang di-obfuscate dengan domain privaterelay.appleid.com kepada pengguna yang memilih opsi ini.
Aplikasi Anda harus mematuhi kebijakan atau persyaratan developer yang berlaku dari Apple
terkait ID Apple anonim. Hal ini termasuk memperoleh izin pengguna sebelum mengaitkan informasi identitas pribadi (PII) apa pun dengan ID Apple anonim. Tindakan yang melibatkan PII mencakup, tetapi tidak terbatas pada:
Menautkan alamat email ke ID Apple anonim, atau sebaliknya.
Menautkan nomor telepon ke ID Apple anonim, atau sebaliknya
Menautkan kredensial sosial non-anonim, seperti Facebook atau Google, ke ID Apple anonim, atau sebaliknya.
Untuk informasi selengkapnya, lihat Apple Developer Program License Agreement
untuk akun developer Apple Anda.
Mengonfigurasi Apple sebagai penyedia
Untuk mengonfigurasi Apple sebagai penyedia identitas:
Buka halaman Identity Providers di Google Cloud console.
Masukkan ID Layanan, ID tim Apple, ID Kunci, dan
Kunci pribadi.
Daftarkan domain aplikasi Anda dengan mengklik Tambahkan domain di bagian Authorized domains. Untuk tujuan pengembangan, localhost sudah
diaktifkan secara default.
Di bagian Konfigurasi aplikasi Anda, klik Android. Salin
cuplikan ke dalam kode aplikasi Anda untuk melakukan inisialisasi SDK klien
Identity Platform.
Klik Simpan.
Memproses login pengguna dengan SDK klien
Buat instance objek penyedia OAuthProvider, menggunakan ID apple.com:
Opsional: Tambahkan cakupan OAuth. Cakupan menentukan data yang Anda
minta dari Apple. Data yang lebih sensitif mungkin memerlukan cakupan
tertentu. Secara default, jika One account per email address diaktifkan, Identity Platform akan meminta cakupan email dan name.
Opsional: Lokalkan alur autentikasi. Anda dapat menentukan bahasa,
atau menggunakan bahasa default perangkat:
Java
// Localize the Apple authentication screen in French.provider.addCustomParameter("locale","fr");
Kotlin
// Localize the Apple authentication screen in French.provider.addCustomParameter("locale","fr");
Buat pengguna login dengan Identity Platform.
Periksa apakah respons sudah ada dengan memanggil
startActivityForSignInWithProvider():
Java
mAuth=FirebaseAuth.getInstance();Task<AuthResult>pending=mAuth.getPendingAuthResult();if(pending!=null){pending.addOnSuccessListener(newOnSuccessListener<AuthResult>(){@OverridepublicvoidonSuccess(AuthResultauthResult){Log.d(TAG,"checkPending:onSuccess:"+authResult);// Get the user profile with authResult.getUser() and// authResult.getAdditionalUserInfo(), and the ID// token from Apple with authResult.getCredential().}}).addOnFailureListener(newOnFailureListener(){@OverridepublicvoidonFailure(@NonNullExceptione){Log.w(TAG,"checkPending:onFailure",e);}});}else{Log.d(TAG,"pending: null");}
Kotlin
valpending=auth.pendingAuthResultif(pending!=null){pending.addOnSuccessListener{authResult->
Log.d(TAG,"checkPending:onSuccess:$authResult")// Get the user profile with authResult.getUser() and// authResult.getAdditionalUserInfo(), and the ID// token from Apple with authResult.getCredential().}.addOnFailureListener{e->
Log.w(TAG,"checkPending:onFailure",e)}}else{Log.d(TAG,"pending: null")}
Proses login menempatkan Aktivitas Anda di latar belakang, yang berarti sistem
dapat mengklaimnya kembali selama alur autentikasi. Memeriksa apakah hasil sudah ada atau belum mencegah pengguna harus login dua kali.
Jika tidak ada hasil yang tertunda, panggil
startActivityForSignInWithProvider():
Tidak seperti banyak penyedia identitas lainnya, Apple tidak menyediakan URL foto.
Jika pengguna memilih untuk tidak membagikan email aslinya kepada aplikasi Anda, Apple akan menyediakan
alamat email unik untuk dibagikan oleh pengguna tersebut. Email ini berbentuk
xyz@privaterelay.appleid.com. Jika Anda mengonfigurasi layanan relay email
pribadi, Apple akan meneruskan email yang dikirim ke alamat anonim ke alamat email
asli pengguna.
Apple hanya membagikan informasi pengguna, seperti nama tampilan, kepada aplikasi saat
pengguna login untuk pertama kalinya. Pada umumnya, Identity Platform menyimpan data
ini, yang memungkinkan Anda mengambilnya menggunakan firebase.auth().currentUser.displayName
selama sesi mendatang. Namun, jika Anda mengizinkan pengguna login ke aplikasi menggunakan Apple sebelum berintegrasi dengan Identity Platform, informasi pengguna tidak akan tersedia.
[[["Mudah dipahami","easyToUnderstand","thumb-up"],["Memecahkan masalah saya","solvedMyProblem","thumb-up"],["Lainnya","otherUp","thumb-up"]],[["Sulit dipahami","hardToUnderstand","thumb-down"],["Informasi atau kode contoh salah","incorrectInformationOrSampleCode","thumb-down"],["Informasi/contoh yang saya butuhkan tidak ada","missingTheInformationSamplesINeed","thumb-down"],["Masalah terjemahan","translationIssue","thumb-down"],["Lainnya","otherDown","thumb-down"]],["Terakhir diperbarui pada 2025-09-04 UTC."],[[["\u003cp\u003eThis guide outlines how to integrate "Sign in with Apple" functionality into your Android application using Identity Platform.\u003c/p\u003e\n"],["\u003cp\u003eYou must configure your app on the Apple Developer site, including registering a Return URL, temporarily hosting a verification file, and obtaining your Services ID, Apple team ID, key ID, and private key.\u003c/p\u003e\n"],["\u003cp\u003eTo configure Apple as an identity provider, you'll need to add Apple as a provider in the Google Cloud console and input the necessary credentials, such as your Services ID, Apple team ID, key ID, and private key.\u003c/p\u003e\n"],["\u003cp\u003eWhen implementing sign-in, you can customize the authentication flow by adding specific OAuth scopes to request user data, and also can localize the authentication screen.\u003c/p\u003e\n"],["\u003cp\u003eIf a user chooses to anonymize their data, Apple will use a unique email address in the format \u003ccode\u003exyz@privaterelay.appleid.com\u003c/code\u003e, which you must comply with by not associating PII with the anonymized Apple ID without user consent.\u003c/p\u003e\n"]]],[],null,["# Signing in users with Apple on Android\n======================================\n\nThis document shows you how to use Identity Platform to add *Sign in with Apple*\nto your Android app.\n\nBefore you begin\n----------------\n\n- Create an Android app that uses Identity Platform.\n\n- Join the [Apple Developer Program](https://developer.apple.com/programs).\n\nConfiguring your app with Apple\n-------------------------------\n\nOn the Apple Developer site:\n\n1. Follow the steps in [Configure Sign in with Apple for the web](https://developer.apple.com/help/account/configure-app-capabilities/configure-sign-in-with-apple-for-the-web).\n This includes:\n\n 1. Registering a *Return URL*, which looks like:\n\n ```\n https://project-id.firebaseapp.com/__/auth/handler\n ```\n 2. Temporarily hosting a file at the following URL to verify your domain:\n\n ```\n https://project-id.firebaseapp.com/.well-known/apple-developer-domain-association.txt\n ```\n\n Additionally, take note of your *Services ID* and *Apple team ID* --- you'll\n need them in the next section.\n2. [Use an Apple private key to create a sign in](https://developer.apple.com/help/account/configure-app-capabilities/create-a-sign-in-with-apple-private-key).\n You'll need the *key* and its *ID* in the next section.\n\n3. If you use Identity Platform to send emails to your users,\n [configure your project with Apple's private email relay service](https://developer.apple.com/help/account/configure-app-capabilities/configure-private-email-relay-service)\n using the following email:\n\n ```\n noreply@project-id.firebaseapp.com\n ```\n\n You can also use a custom email template, if your app has one.\n\nComplying with Apple's anonymized data requirements\n---------------------------------------------------\n\nApple gives users the option of anonymizing their data, including\ntheir email address. Apple assigns users who select this option an obfuscated\nemail address with the domain `privaterelay.appleid.com`.\n\nYour app must comply with any applicable developer policies or terms from Apple\nregarding anonymized Apple IDs. This includes obtaining user consent before\nassociating any personally identifying information (PII) with an anonymized\nApple ID. Actions that involve PII include, but are not limited to:\n\n- Linking an email address to an anonymized Apple ID, or vice versa.\n- Linking a phone number to an anonymized Apple ID, or vice versa\n- Linking a non-anonymous social credential, such as Facebook or Google, to to anonymized Apple ID, or vice versa.\n\nFor more information, refer to the *Apple Developer Program License Agreement*\nfor your Apple developer account.\n\nConfiguring Apple as a provider\n-------------------------------\n\nTo configure Apple as an identity provider:\n\n1. Go to the **Identity Providers** page in the Google Cloud console.\n\n [Go to the Identity Providers page](https://console.cloud.google.com/customer-identity/providers)\n2. Click **Add a Provider**.\n\n3. Select **Apple** from the list.\n\n4. Under **Platform** , select **Android**.\n\n5. Enter your **Services ID** , **Apple team ID** , **Key ID** , and\n **Private key**.\n\n6. Register your app's domains by clicking **Add domain** under\n **Authorized domains** . For development purposes, `localhost` is already\n enabled by default.\n\n | **Important:** In projects created after April 28, 2025, Identity Platform no longer includes `localhost` as an authorized domain by default. Google strongly discourages the use of `localhost` in production projects. If you choose to authorize `localhost`, you can manually add it in the **Settings** page, in **Authorized Domains** , by clicking **Add Domain**.\n7. Under **Configure your application** , click **Android**. Copy the\n snippet into your app's code to initialize the Identity Platform\n client SDK.\n\n8. Click **Save**.\n\nSigning in users with the client SDK\n------------------------------------\n\n1. Create an instance of the `OAuthProvider` provider object, using the\n ID `apple.com`:\n\n ### Java\n\n OAuthProvider.Builder provider = OAuthProvider.newBuilder(\"apple.com\");\n\n ### Kotlin\n\n val provider = OAuthProvider.newBuilder(\"apple.com\")\n\n2. **Optional:** Add OAuth scopes. Scopes specify what data you are\n requesting from Apple. More sensitive data may require specific\n scopes. By default, when **One account per email address** is enabled,\n Identity Platform requests the `email` and `name` scopes.\n\n ### Java\n\n List\u003cString\u003e scopes =\n new ArrayList\u003cString\u003e() {\n {\n add(\"email\");\n add(\"name\");\n }\n };\n provider.setScopes(scopes);\n\n ### Kotlin\n\n provider.setScopes(arrayOf(\"email\", \"name\"))\n\n3. **Optional:** Localize the authentication flow. You can specify a language,\n or use the device's default language:\n\n ### Java\n\n // Localize the Apple authentication screen in French.\n provider.addCustomParameter(\"locale\", \"fr\");\n\n ### Kotlin\n\n // Localize the Apple authentication screen in French.\n provider.addCustomParameter(\"locale\", \"fr\");\n\n4. Sign in the user with Identity Platform.\n\n | **Note:** When a user signs in, Identity Platform takes control of your UI and opens a [Custom Chrome Tab](https://developer.chrome.com/multidevice/android/customtabs). Because of this, you shouldn't reference your Activity in the `OnSuccessListener` and `OnFailureListener` listeners; they will immediately detach when the authentication operation starts.\n 1. Check if a response is already present by calling\n `startActivityForSignInWithProvider()`:\n\n ### Java\n\n mAuth = FirebaseAuth.getInstance();\n Task\u003cAuthResult\u003e pending = mAuth.getPendingAuthResult();\n if (pending != null) {\n pending.addOnSuccessListener(new OnSuccessListener\u003cAuthResult\u003e() {\n @Override\n public void onSuccess(AuthResult authResult) {\n Log.d(TAG, \"checkPending:onSuccess:\" + authResult);\n // Get the user profile with authResult.getUser() and\n // authResult.getAdditionalUserInfo(), and the ID\n // token from Apple with authResult.getCredential().\n }\n }).addOnFailureListener(new OnFailureListener() {\n @Override\n public void onFailure(@NonNull Exception e) {\n Log.w(TAG, \"checkPending:onFailure\", e);\n }\n });\n } else {\n Log.d(TAG, \"pending: null\");\n }\n\n ### Kotlin\n\n val pending = auth.pendingAuthResult\n if (pending != null) {\n pending.addOnSuccessListener { authResult -\u003e\n Log.d(TAG, \"checkPending:onSuccess:$authResult\")\n // Get the user profile with authResult.getUser() and\n // authResult.getAdditionalUserInfo(), and the ID\n // token from Apple with authResult.getCredential().\n }.addOnFailureListener { e -\u003e\n Log.w(TAG, \"checkPending:onFailure\", e)\n }\n } else {\n Log.d(TAG, \"pending: null\")\n }\n\n Signing in puts your Activity in the background, which means the system\n can reclaim it during the authentication flow. Checking if a result is\n already present prevents the user from having to sign in twice.\n 2. If there's no pending result, call\n `startActivityForSignInWithProvider()`:\n\n ### Java\n\n mAuth.startActivityForSignInWithProvider(this, provider.build())\n .addOnSuccessListener(\n new OnSuccessListener\u003cAuthResult\u003e() {\n @Override\n public void onSuccess(AuthResult authResult) {\n // Sign-in successful!\n Log.d(TAG, \"activitySignIn:onSuccess:\" + authResult.getUser());\n FirebaseUser user = authResult.getUser();\n // ...\n }\n })\n .addOnFailureListener(\n new OnFailureListener() {\n @Override\n public void onFailure(@NonNull Exception e) {\n Log.w(TAG, \"activitySignIn:onFailure\", e);\n }\n });\n\n ### Kotlin\n\n auth.startActivityForSignInWithProvider(this, provider.build())\n .addOnSuccessListener { authResult -\u003e\n // Sign-in successful!\n Log.d(TAG, \"activitySignIn:onSuccess:${authResult.user}\")\n val user = authResult.user\n // ...\n }\n .addOnFailureListener { e -\u003e\n Log.w(TAG, \"activitySignIn:onFailure\", e)\n }\n\nUnlike many other identity providers, Apple does not provide a photo URL.\n\nIf a user chooses not to share their real email with your app, Apple provisions\na unique email address for that user to share instead. This email takes the form\n`xyz@privaterelay.appleid.com`. If you configured the private email relay\nservice, Apple forwards emails sent to the anonymized address to the user's real\nemail address.\n\nApple only shares user information, such as display names, with apps the\nfirst time a user signs in. In most cases, Identity Platform stores this\ndata, which lets you fetch it using `firebase.auth().currentUser.displayName`\nduring future sessions. However, if you allowed users to sign into your app\nusing Apple before integrating with Identity Platform, user information\nis not available.\n\nWhat's next\n-----------\n\n- Learn more about [Identity Platform users](/identity-platform/docs/concepts-manage-users).\n- Sign in users with [other identity providers](/identity-platform/docs/how-to#signing-in-users)."]]