ananay
commented
3 years ago form_post is what Apple's API expects in order to give you any sensitive user info (last I checked) which is why this is hardcoded
Apple's API will not send any user information like name and email over a GET param to your server, you'll need to have a POST method on your server for this.
This example should help: https://github.com/ananay/passport-apple-example
Strategy.prototype.authorizationParams = function (options) { options.state = options.state || crypto.randomBytes(5).toString('hex'); options.response_type = "code id_token"; options.scope = "name email"; options.response_mode = "form_post"; return options; }
I wanted to use "query" response_mode and "form_post" is hardcoded.