Apple Nonce

POST 
/api/v1/auth/apple/nonce

Generate a server-side nonce for Apple Sign-In replay protection.

Clients should call this before initiating Apple Sign-In, then pass the returned nonce to the Apple SDK. The nonce claim in the resulting identity token will be validated server-side during token exchange.

Rate limited: 10/min per IP.

Request

Responses

200

OK

401

Unauthorized

403

Forbidden

404

Not Found

422

Validation Error

429

Too Many Requests