---
title: "TN3194: Handling account deletions and revoking tokens for Sign in with Apple"
framework: technotes
role: article
role_heading: Article
path: technotes/tn3194-handling-account-deletions-and-revoking-tokens-for-sign-in-with-apple
---

# TN3194: Handling account deletions and revoking tokens for Sign in with Apple

Learn the best techniques for managing Sign in with Apple user sessions and responding to account deletion requests.

## Overview

Apps submitted to the App Store that support account creation must also let users initiate deletion of their account within the app, as of June 30, 2022. To learn more, see Offering account deletion in your app.

To properly support account creation, verification, and deletion in your app, securely store user credentials—for example, identity tokens and refresh tokens—and consider using a server infrastructure to handle token generation, validation, and revocation.

### Invalidate a user session

The Token revocation endpoint (/auth/revoke) is the only way to programmatically invalidate user tokens associated with your developer account without user interaction.

Apps using Sign in with Apple are expected to securely transmit and store tokens when integrated with a server infrastructure. This allows you to validate all user tokens received from Apple, as well as verify the user’s identity and Apple’s public key before granting access to your app or its data.

Because this endpoint manages your user sessions, either a valid refresh token or a valid access token is required for invalidation.

If you don’t have the user’s refresh token, access token, or authorization code, you must still fulfill the user’s account deletion request and meet the account deletion requirement. To manually revoke the user credentials, follow the steps below:

1. Delete the user’s account data from your systems.
2. Direct the user to manually revoke access for your client.
3. Respond to the credential revoked notification to revert the client to an unauthenticated state.

**Important:** If the manual token revocation isn’t completed, the next time the user authenticates with your client using Sign in with Apple, they won’t be presented with the initial authorization flow to enter their full name, email address, or both. This is because the user credential state managed by Sign in with Apple remains unchanged and returns ASAuthorizationAppleIDProvider.CredentialState.authorized, which may also result in the system auth UI displaying the “Continue with Apple” button type. For more information about displaying the button, see Sign in with Apple Button.

### Respond to credential revoked notifications

Once the user’s credentials are revoked by Apple, your client will receive a notification signaling the revocation event:

- For apps using the Authentication Services framework to implement Sign in with Apple, observe the credentialRevokedNotification and use getCredentialState(forUserID:completion:) on the ASAuthorizationAppleIDProvider object to respond to credential revocation and account deletion events.
- For web services, if an endpoint is registered for Processing changes for Sign in with Apple accounts, Apple broadcasts a notification to the specified endpoint with the consent-revoked event type.

When receiving either notification, ensure you’ve completed the following operations to meet the requirements of account deletion:

1. Delete all user-related account data, including:
   - The token used for token revocation;
   - Any user-related data stored in your app servers; and
   - Any user-related data stored in the Keychain or securely on disk in the native app or locally on a web client.
2. Revert the client to an unauthenticated state.

### Securely store user tokens for account creations

For all new user account creations, properly store and handle the user credentials by following the authorization flow below:

1. Securely transmit the identity token and authorization code to your app server.
2. Verify the identity token and validate the authorization code using the /auth/token endpoint.
3. Once the authorization code is validated, securely store the token response — including the identity token, refresh token, and access token.
4. Validate the refresh token up to once per day with Apple servers (to manage the lifetime of your user session and for future token revocation requests), and obtain access tokens (for future token revocation, app transfer, or user migration requests).

If you have questions about implementing these flows, including client authorization, token validation, or token revocation, please see the following resources:

- Verifying a user
- Creating a client secret
- Token validation
- TN3107: Resolving Sign in with Apple response errors
- TN3159: Migrating Sign in with Apple users for an app transfer

## Revision History

- 2025-10-03 First published.
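
The server-side deletion flow described under "Invalidate a user session", as an added example that is not Apple's code: it calls /auth/revoke when a refresh or access token is stored and otherwise falls back to the manual-revocation path, deleting local data in both cases. The in-memory `token_store` and `user_data` dictionaries, the function names, and the choice to fall back to the manual path (rather than retry) when the revoke call fails are assumptions of this sketch.

```python
import urllib.error
import urllib.parse
import urllib.request

REVOKE_URL = "https://appleid.apple.com/auth/revoke"


def build_revoke_form(tokens, client_id, client_secret):
    """Form fields for /auth/revoke, or None when no usable token is stored."""
    for hint in ("refresh_token", "access_token"):  # prefer the long-lived token
        if tokens.get(hint):
            return {
                "client_id": client_id,
                "client_secret": client_secret,  # the client secret JWT
                "token": tokens[hint],
                "token_type_hint": hint,
            }
    return None


def post_form(url, form):
    """POST url-encoded fields and return the HTTP status (0 on network failure)."""
    body = urllib.parse.urlencode(form).encode()
    req = urllib.request.Request(url, data=body, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code
    except OSError:
        return 0


def delete_account(user_id, token_store, user_data, client_id, client_secret,
                   post=post_form):
    """Revoke with Apple when possible, then always delete local data.

    Returns "revoked" or "manual_revocation_required"; in the second case the
    caller directs the user to revoke access for the client manually.
    """
    form = build_revoke_form(token_store.get(user_id, {}), client_id, client_secret)
    revoked = form is not None and post(REVOKE_URL, form) == 200
    # Deletion is owed to the user whether or not revocation succeeded, and it
    # includes the token that was used for revocation.
    token_store.pop(user_id, None)
    user_data.pop(user_id, None)
    return "revoked" if revoked else "manual_revocation_required"
```

The `post` parameter exists so the flow can be exercised without network access; production callers use the default.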

## See Also

### Latest

- [TN3210: Optimizing your app for iPhone Mirroring](technotes/tn3210-optimizing-your-app-for-iphone-mirroring.md)
- [TN3211: Resolving SwiftUI source incompatibilities for State and ContentBuilder](technotes/tn3211-resolving-swiftui-source-incompatibilities-for-state-and-contentbuilder.md)
- [TN3212: Adopting gesture recognizers for Sidecar touch support](technotes/tn3212-adopting-gesture-recognizers-for-sidecar-touch-support.md)
- [TN3208: Preparing your app’s launch screen to meet App Store requirements](technotes/tn3208-preparing-your-apps-launch-screen-to-meet-app-store-requirements.md)
- [TN3205: Low-latency communication with RDMA over Thunderbolt](technotes/tn3205-low-latency-communication-with-rdma-over-thunderbolt.md)
- [TN3206: Updating Apple Pay certificates](technotes/tn3206-updating-apple-pay-certificates.md)
- [TN3179: Understanding local network privacy](technotes/tn3179-understanding-local-network-privacy.md)
- [TN3190: USB audio device design considerations](technotes/tn3190-usb-audio-device-design-considerations.md)
- [TN3193: Managing the on-device foundation model’s context window](technotes/tn3193-managing-the-on-device-foundation-model-s-context-window.md)
- [TN3115: Bluetooth State Restoration app relaunch rules](technotes/tn3115-bluetooth-state-restoration-app-relaunch-rules.md)
- [TN3192: Migrating your iPad app from the deprecated UIRequiresFullScreen key](technotes/tn3192-migrating-your-app-from-the-deprecated-uirequiresfullscreen-key.md)
- [TN3151: Choosing the right networking API](technotes/tn3151-choosing-the-right-networking-api.md)
- [TN3111: iOS Wi-Fi API overview](technotes/tn3111-ios-wifi-api-overview.md)
- [TN3191: IMAP extensions supported by Mail for iOS, iPadOS, and visionOS](technotes/tn3191-imap-extensions-supported-by-mail.md)
- [TN3134: Network Extension provider deployment](technotes/tn3134-network-extension-provider-deployment.md)
