-
Notifications
You must be signed in to change notification settings - Fork 198
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revoking Apple Sign-In Authentication Tokens from Apple Server Upon User Deletion in AWS Amplify #3564
Comments
@Sushants2789 Thanks for creating this issue. I will follow up with the service team and get an answer for you. |
Hi @harsh62 , Do you have any update on this issue? |
@Sushants2789 I am still working with the service team to get an answer for this issue. |
@Sushants2789 I have a confirmation from the Cognito team that this is indeed the intended behaviour. Cognito does not maintain an active connection with any IdP outside of the duration of the federation authentication. There is this thread that very nicely explains how to handle this scenario in your app. Let us know if you have any more questions. |
Hi @harsh62 , Thank you for providing the answers and the reference link. Is there any way I can obtain the latest token and authorization code to call the revoke Apple API endpoint before the user deletes their account? As mentioned, if the user doesn't manually delete their account from setting or if we don't call the endpoint, the next time the user tries to register, AWS Amplify shows an error stating missing name and email attributes. |
You will need to map the Following are the steps when deleting a user:
|
Hi @harsh62 , Thanks for the response. One more question in order to revoke we need one more required parameter which is client_secret . Where can I get that? Is it also available or I need to map the same in custom attributes |
@Sushants2789 Note: Use the same information for TeamId and AppId or ServicesId, that has been provided to Cognito. |
This issue is now closed. Comments on closed issues are hard for our team to see. |
Describe the bug
I am currently utilizing the Apple Sign-In function in my application through the hosted WebUI in AWS Amplify. Additionally, I have implemented the delete user account feature. However, despite using the delete user API (
Amplify.Auth.deleteUser()
), the user's account is not fully removed from the Apple Server.Steps To Reproduce
Expected behavior
Upon initiating account deletion through the application, the user's account should be fully removed from the Apple Server, and the app should no longer appear under the settings: On your iPhone, go to Settings, then tap your name, tap "Sign-In & Security," then tap "Sign in with Apple.
Amplify Framework Version
2.27.0
Amplify Categories
Auth
Dependency manager
Swift PM
Swift version
5.8
CLI version
12.10.0
Xcode version
15.1
Relevant log output
Is this a regression?
Yes
Regression additional context
No response
Platforms
iOS
OS Version
iOS 17.0
Device
All iPhone Devices
Specific to simulators
No response
Additional context
No response
The text was updated successfully, but these errors were encountered: