If you have built a real native mobile app, the single most painful step is almost never the app itself. It is adding Apple Sign In and Google Sign In the first time. Operators who shipped construction apps and field-service apps and CRMs without trouble get stuck here for 4 hours.
This is the cheat sheet that gets you through it in 30 minutes.
Why It Used to Be Painful
The old way of adding Apple Sign In meant standing up three different systems and getting them all to agree on the same identifiers and callback URLs: your app config, the Apple Developer console, and a backend auth provider you had to configure by hand. A single mismatched URL or missing key, and sign-in failed with a generic error you had no way to trace.
With Rork, the backend piece is handled for you. Sign-in is provided through Rork Auth, the authentication layer built into every Rork app. When you ask Rork to add Google or Apple sign-in, Rork wires up the OAuth flow, the callback handling, and the user identity across your iOS, Android, and web targets. You don't configure a separate auth dashboard, paste secret keys into a backend, or maintain callback allow-lists.
That removes the part that caused most of the historical pain. What's left for Apple Sign In specifically is the one thing only you can do: prove to Apple that this is your app, using your Apple Developer account.
The two pieces you still own:
- Your Rork / Expo app config. Bundle identifier in
app.json(iOS) and applicationId inapp.json(Android). - The Apple Developer account. An App ID matching your bundle identifier, with the "Sign in with Apple" capability enabled. Apple requires this; no tool can do it on your behalf.
Get those two right, ask Rork to add the sign-in, and the flow works.
The Apple Sign In Setup
Step 1: Bundle Identifier (5 min)
In Rork, open your project's platform config. Confirm your iOS bundle identifier looks like com.yourcompany.yourapp. Write this down. This exact string has to match what you set up on Apple's side.
Step 2: Apple Developer Account (15 min)
Go to developer.apple.com. Sign in to your $99/year account.
- Certificates, Identifiers & Profiles โ Identifiers. Find or create the App ID matching your bundle identifier. Enable the "Sign in with Apple" capability checkbox. Save.
This is the step Apple requires and the most common place to get stuck. The capability has to be enabled on the App ID that matches your bundle identifier exactly.
Step 3: Ask Rork to Add Apple Sign In (5 min)
In your Rork project, tell Rork: "Add Sign in with Apple to my app." Rork enables authentication through Rork Auth, wires up the Apple OAuth flow, and adds the sign-in button to your app. You don't paste any keys or callback URLs into a backend dashboard yourself.
Test in a real device build or TestFlight, not the iOS Simulator (Apple Sign In is unreliable on the simulator). If the button signs you in, you are done.
Google Sign In
Easier than Apple, because Google doesn't require the same per-app capability setup, and Rork Auth handles the OAuth wiring.
Step 1: Confirm Your App Identifiers
Make sure your iOS bundle identifier and Android applicationId are set in your Rork project's config. That's the only identifier work you need.
Step 2: Ask Rork to Add Google Sign In
In your Rork project, tell Rork: "Add Sign in with Google to my app." Sign-in is provided through Rork Auth, which handles the Google OAuth integration across your iOS, Android, and web targets. Test on a real device.
The Errors You Are Most Likely to See
Error 1: "Sign in with Apple is not available"
You did not enable the capability on the App ID in the Apple Developer console, or the App ID doesn't match your bundle identifier. Go back, enable the capability on the right App ID, and rebuild.
Error 2: The bundle identifier doesn't match
If the bundle identifier in your Rork app config and the App ID on Apple's side aren't identical, the flow breaks. Confirm they match exactly, character-for-character.
Error 3: It works in the simulator preview but not on a real device (or vice versa)
Apple Sign In is unreliable on the iOS Simulator on some Xcode versions. Always test on a physical device or via TestFlight. If sign-in still misbehaves after the App ID and bundle identifier line up, describe the exact error back to Rork in the chat, it can adjust the integration.
What Operators Wish They Had Known
Three things:
- Test on a real device, not the simulator. Apple Sign In fails silently on the iOS Simulator on certain Xcode versions. Always test via TestFlight or a physical device.
- The Apple Developer account is the one piece Rork can't do for you. Rork handles the OAuth wiring, but Apple still requires the App ID and the "Sign in with Apple" capability under your own developer account. Set that up first.
- Apple Sign In privacy emails are real. Some users will sign in with
[email protected]. These are routed through Apple. Treat them as primary emails; never strip them.
What to Do This Week
Most operators set up Apple Sign In once and forget it. The pain is one-time. If you have an existing Rork app without Apple Sign In, block out 90 minutes one afternoon. Follow this guide. Ship it. Move on.
For the rest of the operator stack, see How to Build a Mobile CRM Your Team Will Actually Use and The ChatGPT + Rork Workflow.