Configure allowed native apps
App clients allow you to create and configure specific settings for different consumers and platforms for your app, including mobile apps and Unity games. Essentially, they are restrictions around your publishable key and where it can be used.
To add a native app origin, go to Account Management > Configuration > Security in the dashboard, and find the publishable key you want to configure.
Allowed app identifiers format
To enforce secure usage of your publishable key, configure Openfort to restrict which apps can use your key based on application identifiers. An empty list means all requests are denied. You must configure at least one application identifier to use the React Native SDK, Unity SDK, or Swift SDK.
Use the unique value that identifies your app in the Apple App Store or Google Play Store.
-
For iOS apps, this is the bundleIdentifier.
-
For Android apps, this is the package.
ios"iOS": { "bundleIdentifier": "com.myorg.app" }
Use your project's bundle identifier, which you can find under the Identity section of your app's target file. It uses reverse domain format, like com.myorg.app.
Apple OAuth Client ID override
If your application uses Apple as a social login method, you can specify a different client ID depending on which environment your application runs in. To use Apple login on an iOS app, the Client ID must be the Apple OAuth bundleId. All other platforms require the Client ID to be the Identifier of the Sign in with Apple service.
Copy your project's bundle identifier, which you can find under the Identity section of your app's target file. It uses reverse domain format, like com.myorg.app.
Allowed URL schemes
To use Openfort's social login flows for Apple or Google, you must register the URL scheme for your application with Openfort, for example myapp://.
To register your URL scheme, copy your application's URL scheme from app.json or app.config.ts and register it in the app client settings.
First, register your URL scheme in your Xcode project. If you're unsure how, follow these steps. Then, use the URL scheme you registered in the app client settings.
Apple OAuth Client ID override
If your application uses Apple as a social login method, you can specify a different client ID depending on which environment your application runs in. To use Apple login on an iOS app, the Client ID must be the Apple OAuth bundleId. All other platforms require the Client ID to be the Identifier of the Sign in with Apple service.
For non-web platforms, set up deep linking with your allowed URL scheme.