The Apple ID REST API for exchanging authorization codes or refresh tokens for access tokens requires a client secret in the form of a signed JWT. This simple library will generate the signed JWT using minimal configuration.
Implementation based on Generate and Validate Tokens documentation from Apple and built using the jsonwebtoken package from Auth0.
$ npm install @praveentcom/siwa-client-secretor
$ yarn add @praveentcom/siwa-client-secretimport { createClientSecret } from "@praveentcom/siwa-client-secret"
const clientSecret: string = createClientSecret({
keyId: "{key ID from Apple}",
bundleId: "com.example",
teamId: "{team ID frmo Apple}",
privateKey: `-----BEGIN PRIVATE KEY-----
{your}
{private}
{key}
-----END PRIVATE KEY-----`;
});This project is licensed under the MIT license. See the LICENSE file for more info.
This project was originally forked from @maxschmeling's [repository] (https://github.com/maxschmeling/apple-id-client-secret) since the repository was not maintained to fix vulnerabilities and recent # with Apple enhancements.