lilletech
commented
7 months ago Ok, i understand. You get only the name the first login. So if the settings didn't have the right scope while the first login, you have to remove your identification for the app from your apple account , remove your keycloak account and re-login.
I've imported the jar (version) 1.4.1 in my keycloak docker installation (20.0.3).
The apple provider is enabled : authentication works.
I've set the scope to : name%20email I've set the first login flow to : "first broker login".
On the first authentication, the information of mail has the following format "xxxxxxxxxx@privaterelay.appleid.com" (instead of the mail of user, i suppose for privacy reason) and the last et first name are empty.
How to automatically fill names information ?
In fact, i'm deploying an hybrid application ( an app with a webbrowser pointing to my keycloak instance) to the apple store . It's work but apple wants that i remove the step where you fill email and names. They said it's a bad experience to their user to refill informations.