Apple-managed identity tokens
E818780
Apple-managed identity tokens are secure, Apple-issued JSON Web Tokens (JWTs) that convey a user’s verified identity information to apps and websites integrating Sign in with Apple.
Statements (52)
| Predicate | Object |
|---|---|
| instanceOf |
Apple security token
ⓘ
JSON Web Token ⓘ identity token ⓘ |
| associatedWith |
Apple ID
NERFINISHED
ⓘ
Apple ID authentication flow ⓘ |
| compatibleWith | OpenID Connect identity tokens ⓘ |
| containsClaim |
aud
ⓘ
email ⓘ email_verified ⓘ exp ⓘ iat ⓘ is_private_email ⓘ iss ⓘ nonce ⓘ sub ⓘ |
| conveys |
email verification status
ⓘ
issued-at time ⓘ nonce value ⓘ subject identifier ⓘ token audience information ⓘ token expiration time ⓘ token issuer information ⓘ user email address ⓘ user identifier ⓘ |
| deliveredVia |
authorization response from Apple
ⓘ
token endpoint response from Apple ⓘ |
| documentation | Sign in with Apple developer documentation ⓘ |
| format | JWT ⓘ |
| issuedBy | Apple NERFINISHED ⓘ |
| lifecycle | short-lived ⓘ |
| partOf | Sign in with Apple OpenID Connect implementation ⓘ |
| platform |
iOS
ⓘ
macOS ⓘ tvOS NERFINISHED ⓘ watchOS NERFINISHED ⓘ web ⓘ |
| privacyProperty |
can contain private relay email addresses
ⓘ
limit information shared with apps ⓘ |
| requires |
client identifier registration with Apple
ⓘ
validation of audience by relying party ⓘ validation of expiration time ⓘ validation of issuer by relying party ⓘ |
| scope |
third-party apps
ⓘ
third-party websites ⓘ |
| securedBy | Apple private keys ⓘ |
| usedFor |
Sign in with Apple
NERFINISHED
ⓘ
authenticating users to apps ⓘ authenticating users to websites ⓘ conveying verified user identity information ⓘ |
| verificationMethod |
JWT signature verification
ⓘ
claim validation ⓘ |
| verifiedWith | Apple public keys ⓘ |
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.