Sign in with Apple Credential State Failing on watchOS for Existing Users

Privacy & Security General
Karo97 OP
Created Oct ’24
Replies 1
Boosts 0
Views 197
Participants 2

Hello everyone,

I’m encountering an issue with Sign in with Apple in my watchOS app and would appreciate any guidance.

Background:

  • Initially, I did not have the Sign in with Apple capability enabled on my watchOS app.
  • I have since enabled the capability and grouped it with my iOS app.
  • For new user accounts created after this change, everything works perfectly:
  • The credentialState check returns .authorized on both iOS and watchOS.
  • However, for existing user accounts (created before enabling the capability on watchOS):
  • The credentialState check returns not authorized on watchOS.
  • The check still returns .authorized on iOS for these accounts.

Error Details:

  • When calling ASAuthorizationAppleIDProvider.credentialState(forUserID:) on watchOS for existing accounts, I receive the following error:
Error Domain=AKAuthenticationError Code=-7074 "(null)"

My Suspicions:

I believe the issue arises because the existing Sign in with Apple tokens are only associated with the iOS app’s bundle identifier and not with the watchOS app’s bundle identifier. Since the capability wasn’t enabled on the watchOS app when these accounts were created, their tokens aren’t valid for the watchOS app.

Questions:

  1. Is this the correct explanation for why the credentialState check fails on watchOS for existing accounts, resulting in the AKAuthenticationError Code=-7074 error?
  2. Can I update or migrate the existing accounts so that their Sign in with Apple tokens are valid for the watchOS app as well? If so, how can this be achieved?
  3. Are there any best practices for handling this situation without requiring users to re-authenticate or removing the credentialState check from the watchOS app?

Goal:

I want to maintain the credentialState check on the watchOS app because it works correctly for new accounts and is important for security. I’m looking for a solution that allows existing users to continue using the app on their Apple Watch without interruption or additional sign-in steps.

Any help or suggestions would be greatly appreciated!

Thank you!

Answered by DTS Engineer in 812728022

Hi @Karo97,

Configure Sign in with Apple app groups to resolve this issue for existing accounts running on watchOS. Use the existing iOS app as the primary app, and add the watchOS app as a child app.

Please see the following documentation for more information:

Configuring your environment for Sign in with Apple: Enable an App ID https://developer.apple.com/documentation/sign_in_with_apple/configuring_your_environment_for_sign_in_with_apple#3743335

Cheers,

Paris X Pinkney |  WWDR | DTS Engineer

Replies  1
Boosts  0
Views  197
Participants  2
DTS Engineer OP
Apple
2d
Recommended

Hi @Karo97,

Configure Sign in with Apple app groups to resolve this issue for existing accounts running on watchOS. Use the existing iOS app as the primary app, and add the watchOS app as a child app.

Please see the following documentation for more information:

Configuring your environment for Sign in with Apple: Enable an App ID https://developer.apple.com/documentation/sign_in_with_apple/configuring_your_environment_for_sign_in_with_apple#3743335

Cheers,

Paris X Pinkney |  WWDR | DTS Engineer

0
Sign in with Apple Credential State Failing on watchOS for Existing Users
First post date Last post date
 
 
Q