Problem I’m trying to implement Sign in with Apple in my application. However, when my app redirects to the Apple authorization page at: https://appleid.apple.com/auth/authorize I get an invalid_client error with no further explanation. Settings I followed this article closely: [https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple#generate-the-client-secret] Steps I have completed: Created an App ID and a Service ID on Apple Developer Portal. Enabled “Sign in with Apple” for both the App ID and the Service ID. Added my domain and callback URL to the Service ID configuration. (I'm using ngrok to proxy my localhost during development.) Linked an existing private key with “Sign in with Apple” capability. My identifiers: Service ID is used as client_id Team ID is taken from the top right of the Apple Developer dashboard Key ID is from the private key associated with the App Environment My backend is built with Laravel, and I'm using the [SocialiteProvider/Apple][https://socialiteproviders.com/Apple/#installation-basic-usage] library to handle the OAuth flow. I followed the recommended method to generate a client secret (JWT) for each request, using this blog post: [https://bannister.me/blog/generating-a-client-secret-for-sign-in-with-apple-on-each-request] My .env configuration looks like this: APPLE_CLIENT_ID=com.service.paxton.stockApp APPLE_TEAM_ID=25729642DK APPLE_KEY_ID=JFP9Q53ZCY APPLE_PRIVATE_KEY=storage/AppleDev-AuthKey_JFP9Q53ZCY.p8 JWT Generation I also tested generating the JWT using the Ruby script from the Okta article: [https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple#generate-the-client-secret] Here is the script I used: require 'jwt' key_file = './storage/AppleDev-AuthKey_JFP9Q53ZCY.p8' team_id = '25729642DK' client_id = 'com.service.paxton.stockObserve' key_id = 'JFP9Q53ZCY' ecdsa_key = OpenSSL::PKey::EC.new IO.read key_file headers = { 'kid' => key_id } claims = { 'iss' => team_id, 'iat' => Time.now.to_i, 'exp' => Time.now.to_i + 86400*180, 'aud' => 'https://appleid.apple.com', 'sub' => client_id, } token = JWT.encode claims, ecdsa_key, 'ES256', headers puts token This JWT validates correctly. I’ve also used Apple’s public key to verify the signature, and it passed. I verified the JWT header and payload format using this helpful article: [https://fluffy.es/how-to-solve-invalid_client-error-in-sign-in-with-apple/] Third-Party Testing To eliminate mistakes in my setup, I even tried a third-party tool featured in this YouTube video: [https://youtu.be/8v01TaX1EJA?si=0jOBGBVk0R0zbmdo] Unfortunately, the result was the same — invalid_client. Question I’ve double-checked everything I can think of: keys, claims, domain whitelist, identifiers. I even verified the JWT independently. If anyone (especially someone from Apple) can help identify the missing piece, I would be truly grateful.

Our developer account was granted the com.apple.developer.mail-client by Apple ages ago, which we use for one of our apps. At the time, this entitlement was granted through a special "entitlements" drop-down on the profile creation page. In fact, the entitlement is still available to us in this manner: Unfortunately, applying the entitlement directly to the profile no longer works through the App Store Connect API. Which is a bummer because we periodically use the API to update our development and ad hoc profiles with new UDIDs. I was eventually able to get Apple to migrate the entitlement to a capability that we can instead apply to the app IDs in our account. Great! However, for some reason the "Default Mail App" capability (on the "Edit your App ID Configuration" screen) shows does NOT apply to Ad hoc profiles: Note that "Ad hoc" is missing. This means we still need to update the Ad hoc profile for the app in question manually through the Apple developer portal. This has to be a bug. It makes no sense that this specific capability doesn't apply to Ad hoc profiles. Other capabilities don't have this issue. e.g.: Another strange thing is that on the profile page for the ad hoc profile under "Enabled Capabilities" it shows "Default Mail App" (see screenshot above) but the capability/entitlement is missing from the downloaded profile unless I add it via the drop down menu on the profile page. How do I get Apple to fix this? Multiple support tickets submitted via our developer account have gone unanswered. (It took months just to get the entitlement partially migrated in the first place.)

I want to enable developer program but after submitting the enrollment I see: Your enrollment in the Apple Developer Program could not be completed at this time.

I am trying to enroll in the Apple Developer Program through the web, but I am encountering an issue. When I click "Enroll," I receive the following message: "Your enrollment in the Apple Developer Program could not be completed at this time."

I’ve contacted support two or three times already and no response. I made the payment to create my Apple Developer account on the 26th and also received the invoice that same day, but the status still shows as pending. This is quite urgent, so I’m not sure what you can do on your side to help.

I can't access my approved and verified Apple Developer account on the web and my certificates were revoked. When I sign in with the correct email and password, I am redirected to a page asking me to enroll in the Developer Program, even though I successfully enrolled and was approved months ago. Everything with Apple Developer account had been working fine for months, and the iOS App Store app confirms that my Apple Developer Program membership subscription is still active. And if I click "Enroll Today," it says my Apple ID is already associated with an "account holder of a membership." Additionally, my macOS app certificates have been revoked without any email or explanation, and I cannot create new ones due to this issue. Also I can access my developer account via iOS and macOS apps normally, but I can't access it on the web to create new certificates. This I urgent and time sensitive for me, can someone please help?

I can't enrol in apple developer program, every time i click enrol i got this message: "Your enrollement in tha Apple Developer Program could not be completed at this time"

I originally created my Apple Developer account when I was living in Canada (years ago). Now that I live in the U.S. I want to renew it, but I can't - because it thinks I'm still in Canada. When I go to change my contact information, I get a screen that says: "Unauthorized Your account can’t access this page. There may be certain requirements to view this content. If you’re a member of a developer program, make sure your Account Holder has agreed the latest license agreement." What do I do?

I'm trying to create an app that authenticates to Apple Music using MusicKit but whenever I try to build my profile through eas, I am getting this error: Provisioning profile doesn't include the com.apple.developer.music-kit entitlement. However, my provisioning profile does have MusicKit enabled.

We registered as a developer company (NGO) more than 50 days ago and it's still under review. We've already sent the documents, we've confirmed by phone, and every time we contact them we receive no information. They just tell us it's under review and there's no deadline for when this review will be completed. On the same day we registered with Apple, we registered with Google and our app has been published on Google for more than 30 days. We have no support or answers. Could someone help us to at least know a deadline for this review?

Certain entitlements require special permission from Apple like DriverKit or Screentime API/Family controls. Those entitlements are tied to the bundle IDs of the app. If those entitlements have been granted for an app from developer A (personal account) and we transfer that app to developer B (organization account), including the bundle IDs, will those bundle IDs keep the entitlement? Or will we need to re-request from the developer account B? Any insights or experiences regarding this process would be greatly appreciated.

Hi all, I’m an Admin user in an Apple Developer Program (Organization) team, but I’m unable to access Certificates, Identifiers & Profiles (CIP) on developer.apple.com. I’d like to understand what permission is missing and where it should be enabled. Context Program type: Apple Developer Program (Organization) My role in App Store Connect: Admin I can access App Store Connect normally, but CIP resources on developer.apple.com are blocked. The Account Holder can access CIP normally. What I see (Problem) In the Apple Developer portal → Certificates, Identifiers & Profiles, I get: “Access Unavailable — You currently don't have access to this membership resource. Contact your team's Account Holder or an Admin.” In Xcode → Settings → Accounts → Team, the “Certificates, Identifiers, & Profiles” section shows a red error indicator and doesn’t load. Only my account is affected; the Account Holder is not. What we’ve tried / confirmed Membership is active (renewal date is valid) Signed out/in of Xcode and re-added my Apple ID Confirmed selecting the correct Organization team in Xcode / Developer portal Account Holder confirmed they can access CIP Questions For an Organization team, what exact permission(s) are required for a member to access Certificates, Identifiers & Profiles? Where is this access controlled — App Store Connect → Users and Access vs developer.apple.com → People? If Admin in App Store Connect is not sufficient, what additional role/setting is needed to grant CIP access?

Long Story Short: I got started, and bought the apple developer account for ~ $99, and It just said me the payment was successful, and: How many days more should I be waiting ? Also one more question, would I be able to test my apps over my iphone after having an active Apple Developer Account ? Any help is much appreciated.

Does anyone know if App Store Connect (or any subset of Apple's toolsuite) has publicly available SOC 2 report? Or if there's a relevant email we can request that from. I tried security-certifications emails and got no response so it seems decently hard to find (didn't see on any searches/with aid of GPT). Thanks!

The Account Holder is no longer able to log into apple (regardless of web-based or device based attempts). The membership will expire soon without access to the account holder. Both workflows "iforgot.apple.com" and "iforgot.apple.com/unlock" did not lead to an answer email within several days. I tried several times. So we are almost out of store without any option. Hotline did not show other options. Any ideas?

Hello. My developer membership is expired. I cannot renew because the renewal option/button does not appears in any device. A banner tells me: "Any apps you had on the App Store are no longer available for download and you can no longer access membership benefits. If you’d like to renew your membership to reinstate your apps and membership benefits, open the Apple Developer app on your iPhone, iPad, or Mac. Sign in to your account, tap/click Renew, and follow the prompts.If you agreed to the Paid Applications Agreement, you’ll need to agree to it again after renewal in the Agreements, Tax and Banking section of App Store Connect." However, there's no "Renew" to tap or click anywhere in the app nor in the web. Any ideas? Thanks a lot.

We are currently experiencing the following: Developers who are invited to Appstore Connect in the "Administrator" role and are members of the development team no longer have access to the team's developer resources at https://developer.apple.com Even after deleting the user and a new invitation, there is no access to the developer resources. The problem has existed since yesterday and can be traced in several developer accounts.

ITMS-90078: Missing potentially required entitlement - Your app, or a library that’s included in your app, uses Apple Push Notification service (APNs) registration APIs, but the APS Environment Entitlement isn’t included in the app signature’s entitlements. If your app uses APNs, make sure the App ID is enabled for push notifications in Certificates, Identifiers & Profiles, sign the app with a distribution provisioning profile that includes the APS Environment Entitlement, and upload a new build to ensure that push notifications function as intended. For details, visit: https://developer.apple.com/documentation/usernotifications/registering-your-app-with-apns.

Hi Apple team, I'm integrating Sign in with Apple on my website https://roomieqindia.com using a custom Node.js backend, and I'm consistently receiving this error: invalid_client My configuration: ✅ Service ID: com.roomieq.auth ✅ Team ID: 75XVX5RXMQ ✅ Key ID: (from Apple-generated .p8 key) ✅ Private Key: (.p8 key pasted correctly in backend) ✅ App ID Selected: com.roomieq.roomieq ✅ Domain Added: roomieqindia.com ✅ Return URL: https://roomieqindia.com ✅ Clicked Done → Continue → Save after configuration Behavior: When I open this URL directly in browser: https://appleid.apple.com/auth/authorize?client_id=com.roomieq.auth&redirect_uri=https%3A%2F%2Froomieqindia.com&response_type=code%20id_token&scope=name%20email&response_mode=web_message&frame_id=ef13a755-75bb-4eef-8dd6-73bd75d6ede5&m=11&v=1.5.5 I get invalid_client. My backend uses apple-signin-auth Node.js package to: Generate the client secret (JWT) Exchange auth code for tokens Verify ID token Everything fails at step 1 because Apple doesn’t seem to recognize my Service ID as valid. What I Need: Can you please verify if: My Service ID ( com.roomieq.auth ) is fully active and recognized My App ID and Service ID are properly linked on Apple’s end There are any hidden issues with domain or return URL setup Let me know if I need to reset the Service ID or regenerate anything. Thanks in advance!

Hey everyone. This is probably the last straw I am trying to pull since I tried almost everything else. I have applied for the Apple Developer Program and the whole process started at the end of 2024. I got rejected the first time because Apple could not charge my card. It was clearly shown that the cost is $99, however, it was 106.65 Euros (I created a Revolut card with the $100 because I don't trust placing my card everywhere). I started the new process but this time I knew about the amount issue so I placed 150 Euros just to be safe. Automatic rejection with robotic AI response: "For one or more reasons, your enrollment in the Apple Developer Program couldn't be completed. We can't continue with your enrollment at this time." When I raised ticket about it I got no replies. Than both my friend and wife tried to apply for the program. Both rejected with the exact same messaging. I created a new Apple ID, new card, new everything and did everything "by the book". Again. Rejection with the same exact messaging: For one or more reasons, your enrollment in the Apple Developer Program couldn't be completed. We can't continue with your enrollment at this time... Can someone from Apple please tell me what are those reasons? I have been an Apple user for almost 10 years now. I was buying Apps from store. I am using iCloud+. Modest Citizen as some would say. What's the problem? How can I finally get to Apple Developer Program without being rejected by AI or some poor auto system?