We use Sign In With Apple in our games. Is it up to the client to handle refreshing the Apple id token? Is there a recommended approach for this? We’re considering using the Sign In With Apple system to authenticate once, and then using a custom device id from there on. Seems difficult for a client to manage the apple refresh token what with the rate limiting.
Hey @00jknight yes the token is most commonly obtained/refreshed on the client. I’m not sure what platform you are using but there will be an Apple SDK that lets you obtain it.
I am not sure I follow your approach of authenticating and then using a custom device ID. I would not recommend that.
Once you authenticate to Nakama using your Apple token you’ll have a Nakama session that is valid for some time including a refresh token that is valid potentially for days. This lifetime duration is configurable.
The session and can be stored securely on your client. So you shouldn’t be making frequent calls to Apple for your token.