Cognito Identity Pool - Integrate Apple provider with App AND Web

Question

According to https://docs.aws.amazon.com/cognito/latest/developerguide/apple.html:

If you use Sign in with Apple with native iOS applications, enter the BundleID [...] Or if you use Sign in with Apple with web or other applications, enter the service ID".

However, we are integrating the Identity Pool with both, App & Web. So, if we add the bundle Id as the 'Apple Service ID', it works only for App, but if we put the Service ID instead, it only works for Web. There doesn't seem to be a way to add more than one Service ID.

How can we integrate with both, an iOS App and Web?

Answer 1

If anyone still is looking, one solution is to create SIWA as an OpenID Connect Provider depending on what you need.

Amazon does recommend this for Google on multiple platforms and there is this documentation which shows you how to do it for "accounts.google.com" but it actually works if you set up the provider as "appleid.apple.com" and add both the Bundle ID and the Service ID as an audience for the brand new identity provider.

Answer 2

After raising this with AWS, they notified me that they only support one Apple provider per identity pool at this time.

They then asked if we could use multiple identity pools for integrating both app, and web. For that I'll need to see wider implications to our application.