Apple Login Integration Kit

Integrating Sign in with Apple into your application

To complete your Sign in with Apple integration, create an SP connection or adapter mapping and then add a sign-on hyperlink to your application.

Steps

  1. If your application is outside the PingFederate domain, configure a service provider (SP) connection.

    1. Create an SP connection that uses your IdP adapter instance as shown in SP connection management and Mapping an adapter instance in the PingFederate documentation.

    2. In your web application, create a hyperlink to allow users to sign on to the SP application. Use the following URL and replace the variables based on the descriptions in the following table.

      https://pf_host:pf_port/idp/startSSO.ping?PartnerSpId=ConnectionId

      Variable Description

      <pf_host>

      The host name or IP address of the PingFederate server.

      <pf_port>

      The port number for PingFederate.

      <ConnectionId>

      The federation identifier of the SP for the connection that uses the Apple IdP Adapter instance.

    3. Brand your link with a Sign in with Apple button. For instructions, see Sign in with Apple Buttons in the Apple Developer documentation.

  2. If your application is inside the PingFederate domain, configure an adapter-to-adapter mapping.

    1. On the System → Protocol Settings → Roles & Protocols tab, select the Enable Identity Provider (IdP) role and support for the following and Enable Service Provider (SP) role and support for the following check boxes.

    2. In both the Enable Identity Provider and Enable Service Provider sections, select any protocol check box, such as SAML 2.0. Click Save.

      PingFederate requires a protocol selection to activate the roles. The protocol that you select is not used for this integration.

    3. On the Service Provider → Adapters tab, create or select an adapter instance that is integrated with the application as shown in SP application integration settings in the PingFederate documentation.

    4. On the Identity Provider → Adapter-to-Adapter Mappings tab, configure the IdP-to-SP adapter mapping as shown in Adapter-to-adapter mappings in the PingFederate documentation.

    5. In your web application, create a hyperlink to allow users to sign on to the SP application. Use the following URL and replace the variables based on the descriptions in the table below:

      https://pf_host:pf_port/pf/adapter2adapter.ping?IdpAdapterId=IdpAdapterId&SpSessionAuthnAdapterId=SpAdapterId

      Variable Description

      <pf_host>

      The host name or IP address of the PingFederate server.

      <pf_port>

      The port number for PingFederate.

      <IdpAdapterId>

      The instance ID of the Apple IdP Adapter instance.

      <SpAdapterId>

      The instance ID of the SP adapter instance that has been integrated with the application.

    6. Brand your link with a Sign in with Apple button. For instructions, see Sign in with Apple Buttons in the Apple Developer documentation.