centersl/librechat.ai
1
0
Fork 0
mirror of https://github.com/LibreChat-AI/librechat.ai.git synced 2026-03-27 10:48:32 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
68922670e960554c09b854f733b27b45b19454df
librechat.ai/pages/docs/configuration/authentication/OAuth2-OIDC/apple.mdx
Ruben Talstra 68922670e9 🍎 feat: Apple auth (#204) 
* started with the docs

* Update Apple OAuth2-OIDC authentication configuration guide

Expanded and clarified the configuration process for integrating Apple OAuth2 authentication with LibreChat. Organized instructions with improved structure, added detailed steps, and included image references for better guidance. Enhanced troubleshooting section for common issues and solutions.
2025-01-31 09:51:36 -05:00

194 lines
6.7 KiB
Plaintext
Raw Blame History

---
title: Apple
description: Learn how to configure LibreChat to use Apple for user authentication.
---
# Apple
## Prerequisites
Before you begin, ensure you have the following:
- **Apple Developer Account:** If you don't have one, enroll [here](https://developer.apple.com/programs/enroll/).
---
## Creating a New App ID
### 1. Log in to the Apple Developer Console
- **Action:**
- Visit [Apple Developer](https://developer.apple.com/) and sign in with your Apple ID.
### 2. Navigate to Identifiers
- Go to **Certificates, Identifiers & Profiles**.
- Click on **Identifiers** in the sidebar.
### 3. Create a New App ID
1. Click the **"+"** button to add a new identifier.
2. Select **App IDs** and click **Continue**.
3. Choose **App** and click **Continue**.
4. Enter a **Description** for your App ID (e.g., `LibreChat App ID`).
5. Set the **Bundle ID** (e.g., `com.yourdomain.librechat`).
6. Click **Continue** and then **Register**.
- **Image References:**
- ![Create App ID](https://user-images.githubusercontent.com/5569219/59017558-6d643600-8861-11e9-927b-a4952b56f34e.png)
*Figure 1: Creating a New App ID*
- ![Select App](https://github.com/user-attachments/assets/7b67c1bb-dea0-4475-ad45-e3c13ad514d5)
*Figure 2: Selecting App Identifier*
### 4. Enable "Sign in with Apple"
1. After creating the App ID, click on it to edit.
2. Under **Capabilities**, find and check **Sign in with Apple**.
3. Click **Save**.
- **Image Reference:**
- ![Enable Sign in with Apple](https://user-images.githubusercontent.com/5569219/59017720-dea3e900-8861-11e9-898e-f486c093edd8.png)
*Figure 3: Enabling "Sign in with Apple"*
---
## Creating a Services ID
### 1. Navigate to Identifiers
- In the **Certificates, Identifiers & Profiles** section, click on **Identifiers**.
### 2. Create a New Services ID
1. Click the **"+"** button.
2. Select **Services IDs** and click **Continue**.
3. Enter a **Description** (e.g., `LibreChat Services ID`).
4. Enter an **Identifier** (e.g., `com.yourdomain.librechat.services`).
5. Click **Continue** and then **Register**.
- **Image References:**
- ![Select Services ID](https://user-images.githubusercontent.com/5569219/59017808-16ab2c00-8862-11e9-8beb-4da7bb509b0c.png)
*Figure 4: Selecting Services ID*
- ![Create Services ID](https://github.com/user-attachments/assets/cac99e43-a6d7-4fb8-890d-eabd87a60e7d)
*Figure 5: Creating Services ID*
### 3. Configure "Sign in with Apple"
1. Click on the newly created Services ID.
2. Under **Capabilities**, click **Configure** next to **Sign in with Apple**.
3. Enter your **Domains** (e.g., `your-domain.com`) and **Return URLs** (e.g., `https://your-domain.com/oauth/apple/callback`).
4. Click **Next** and then **Register**.
- **Image Reference:**
- ![Configure Sign in with Apple](https://github.com/user-attachments/assets/9309e1c1-6f98-49fc-a87d-bb5f46e200f7)
*Figure 6: Configuring "Sign in with Apple" for Services ID*
- ![Web Authentication Configuration](https://github.com/user-attachments/assets/d1ca9ad2-e555-4083-a974-b26239c9694f)
*Figure 7: Web Authentication Configuration*
- ![Web Authentication Configuration](https://github.com/user-attachments/assets/8facac9e-002f-458b-8049-63c91afc30de)
*Figure 8: Save edit Services ID Configuration*
---
## Creating a Key
### 1. Navigate to Keys
- In the **Certificates, Identifiers & Profiles** section, click on **Keys**.
### 2. Create a New Key
1. Click the **"+"** button to add a new key.
2. Enter a **Key Name** (e.g., `LibreChatSignInWithApple`).
3. Select **Sign in with Apple** under **Capabilities**.
4. Click **Configure** and select the created App ID (e.g., `com.yourdomain.librechat`), then click **Save**.
5. Click **Continue** and then **Register**.
- **Image References:**
- ![Create Key](https://github.com/user-attachments/assets/6db095dd-79dd-485d-a57a-8b1ea523b67f)
*Figure 8: Creating a New Key*
- ![Configure Key](https://github.com/user-attachments/assets/30b593ab-b8f3-4d94-b56d-1eeac1900a1f)
*Figure 9: Configuring the Key with App ID*
- ![Register a New Key](https://github.com/user-attachments/assets/91aa4d6e-9b5c-4f7c-bb1a-5980015ee15d)
*Figure 10: Registering the Key*
### 3. Download the Private Key
1. After creating the key, click **Download**.
2. **Important:** Save the `.p8` file securely. You will not be able to download it again.
3. Note the **Key ID**; you'll need it for the `.env` file.
- **Image Reference:**
- ![Download Your Key](https://github.com/user-attachments/assets/79e5aefa-9797-4fa7-bdf9-cb4b526ab3dd)
*Figure 11: Downloading the Private Key*
---
## Configuring LibreChat
### 1. Update `.env` Configuration
Add the following Apple OAuth2 configuration to your `.env` file:
```env filename=".env"
DOMAIN_CLIENT=https://your-domain.com # use http://localhost:3080 if not using a custom domain
DOMAIN_SERVER=https://your-domain.com # use http://localhost:3080 if not using a custom domain
# Apple
APPLE_CLIENT_ID=com.yourdomain.librechat.services
APPLE_TEAM_ID=YOUR_TEAM_ID
APPLE_KEY_ID=YOUR_KEY_ID
APPLE_PRIVATE_KEY_PATH=/path/to/AuthKey.p8 # Absolute path to your downloaded .p8 file
APPLE_CALLBACK_URL=/oauth/apple/callback
```
> **Note:**
> - Replace `com.yourdomain.librechat.services` with your actual Services ID.
> - Replace `YOUR_TEAM_ID` and `YOUR_KEY_ID` with the respective values from your Apple Developer account.
> - If using Docker, ensure the `.p8` file is accessible within your Docker container and update the `APPLE_PRIVATE_KEY_PATH` accordingly.
### 2. Restart LibreChat
After updating the `.env` file, restart LibreChat to apply the changes.
- **If using Docker:**
```bash
docker compose up -d
```
---
## Troubleshooting
If you encounter issues during the setup, consider the following solutions:
- **Invalid Redirect URI:**
- Ensure that the redirect URI in your Apple Developer Console (`https://your-domain.com/oauth/apple/callback`) matches exactly with the one specified in your `.env` file (`APPLE_CALLBACK_URL`).
- **Private Key Issues:**
- Verify that the path to your `.p8` file (`APPLE_PRIVATE_KEY_PATH`) is correct.
- Ensure that LibreChat has read permissions for the `.p8` file.
- **Team ID and Key ID Errors:**
- Double-check that the `APPLE_TEAM_ID` and `APPLE_KEY_ID` in your `.env` file match those in your Apple Developer Account.
- **Domain Verification Failed:**
- Ensure that the verification file is correctly uploaded to the root of your domain.
- Verify that there are no typos in the domain name entered during configuration.
- **Docker Configuration Issues:**
- If using Docker, confirm that the `.p8` file is properly mounted and the path in `APPLE_PRIVATE_KEY_PATH` is accessible within the container.
- **Check Logs:**
- Review LibreChat logs for any error messages related to Apple authentication. This can provide specific insights into what might be going wrong.
Reference in New Issue View Git Blame Copy Permalink