Configure third-party authentication providers

Navigate to the Facebook Developer Console.

If you don’t already have an app, click on “Create App” to start the process. Follow the prompts to complete the app creation. Check Create an App for more details.

Add a product (Facebook login).

Once the App is created, go to the “Dashboard” or “App Settings” section of your app.

You will find the App ID and App Secret listed there.

Note

The App Secret is sensitive information. Be sure to keep it confidential. Don’t forget to add the app domains.

Navigate to the Google Developer console.

If you don’t already have a project, create a project and get your Google API Client ID.

Create the OAuth Client Credentials page. Add your site's domains to the Authorized JavaScript origins and Authorized redirect URIs sections.

You can also add origins and URIs for your test or staging environments, including local developer environments, but we suggest creating a second set of OAuth Client IDs for your test and developer environments.

Create or login to Apple account: sign in to the Apple Developer Portal and Join The Apple Developer Program. You will have to enable Two-Factor Authentication For Apple ID.

In your Developer Account go to Create certificates > Create Developer ID certificates > click on Certificates, Identifiers & Profiles

Make sure you are on the App IDs dropdown and click on the + button.

Select the App IDs option

Select App and Continue

Add your App description and the Bundle ID. The Bundle ID should just be something like com.myreallycoolapp

Add Sign in with Apple and click on the checkbox

Click on Edit and make sure Enable as primary App ID is selected and Save. After, click on Continue

Click on Register

Go to Certificates, Identifiers & Profiles and Click on the + button to add an Identifier

Select the Services IDs option

Then select the Continue button on the far top right of the page to create your Service ID.

Fill out the form with the name of your app under Description and your Identifier name. After you fill it out, click on Continue to verify the info entered, and click on Register to create the Service ID.

In this example the description would be My Really Cool App and your Identifier (Client ID) would be com.myreallycoolapp.appname.

The format to be used as Identifier would be [com].[your App ID name].[your app name]. Here are a few examples of how you can use your identifier: com.myreallycoolapp.web, com.myreallycoolapp.mobile, com.myreallycoolapp.desktop.

Go to Certificates, Identifiers & Profiles, and select the Services IDs filter.

Click on the Service ID you register in Step 2.

Select the Sign in with Apple checkbox, then click on Configure button to access the Sign in with Apple configurations.

Select your App ID (the one created in Step 1) from the drop-down menu and click on the + button to add your website URLs. You will need to add the domain URLs that you will be using with Sign in with Apple. This allows Apple to know which websites can have access to Sign in with Apple.

Domains and Subdomains: When entering the Domain portion of the form you will need to add a comma delimited list. You also need to make sure you remove the “https://“ from the URL and just have the domains or subdomains. We also require you to add your CDN endpoint (provided by the Delivery team) to the Domains and Subdomains (for example, myreallycoolapp.com, myreallycoolapp.myreallycoolapp.api.cdn.arcpublishing.com)

Return URLs you will need to add a required redirect URL that will handle the authentication after a user is signed in. The format will be https://{endpoint}/identity/public/v2/oidc/redirect. This does require you to have the https:// in the URL.

After you add that to the form, make sure you click Done, then Continue at the top right, and then Save.

Navigate to the Apple Developer Console to add an auth key: https://developer.apple.com/account/resources/authkeys/add

Create a name for your Private Key

Select Sign in With Apple checkbox & click Configure

Choose your Primary App ID. The one created on Step 1

You will then be brought back to the previous screen. Click on Continue, and then on Register.

On the next screen, you can download your private key. Click the “download” button. You should have a file named something like: AuthKey_U672Q22ZFQ.p8

Copy the text in the file, EXCLUDING the “-----BEGIN/END PRIVATE KEY-----” sections.

From Apple developer account, you will need to get the Team ID (see How To Find Team ID). You should be able to find it under your Membership Details.

The first step is to register your application with the authentication provider. This process typically involves creating a developer account on the provider’s platform.

Provide details like your application’s name and description, and register it to receive credentials.

As part of the application setup, you will need to specify one or more Redirect URIs. These are the URLs where the provider will send the user back to your application after authentication.

Once the application is registered, the provider will generate some settings values, such as a Client ID, depending on the provider, a Client Secret and other values.

These credentials are unique to your application and are used to authenticate your app during OIDC communication.

After completing the setup on the provider’s side and gathering all necessary information, proceed to create a new Authentication Provider in Arc XP Identity by selecting the OIDC type.

In the image below, you’ll see an option to select either Standard or Apple. Choose the option that corresponds to your provider.

Fill out the form using the details you’ve collected.