Firebase Delete User who signed it with apple correclty

ios firebase flutter firebase-authentication apple-sign-in

120

Solution 1

so... Apple does not provide this service. But I found a workaround.

My sign in process:

1. Check if user signed in before

  // Create an `OAuthCredential` from the credential returned by Apple.
  final oauthCredential = OAuthProvider("apple.com").credential(
    idToken: appleCredential.identityToken,
    rawNonce: rawNonce,
  );

  // If you can not access the email property in credential,
  // means that user already signed in with his appleId in the application once before
  bool isAlreadyRegistered = appleCredential.email == null;

Now to the crucial part:

2. sign in user and check if that uid already exists in Firebase

  final UserCredential result =
      await FirebaseAuth.instance.signInWithCredential(
    oauthCredential,
  );

  isAlreadyRegistered = await BackendService.checkIfUserIdExists(
    result.user?.uid ?? '',
  );

checkIfUserIdExists is quite simple as well:

  static Future<bool> checkIfUserIdExists(String userId) async {
    try {
      var collectionRef = FirebaseFirestore.instance.collection(
        BackendKeys.users,
      );

      var doc = await collectionRef.doc(userId).get();
      return doc.exists;
    } on FirebaseException catch (e) {
      return false;
    }
  }

Solution 2

Apple and some other 3rd party identity provider do not provide APIs to do so commonly.

Access to those data may lead to privacy issue, for e.g., a malicious app can remove the authorization information after access to user profile.

But if you want to do a "graceful" logout, you can ask your users to logout from iOS Settings, and listen to the server-to-server notification for revoking.

120

Author by

Chris

Updated on January 04, 2023

Comments

Chris over 1 year

I have implemented the Sign-In-With-Apple with Firebase. And I also have the functionality to delete a user. This is what I do:

  static Future<bool> deleteUser(BuildContext context) async {
    try {
      await BackendService().deleteUser(
        context,
      );

      await currentUser!.delete(); // <-- this actually deleting the user from Auth

      Provider.of<DataProvider>(context, listen: false).reset();

      return true;
    } on FirebaseException catch (error) {
      print(error.message);
      AlertService.showSnackBar(
        title: 'Fehler',
        description: error.message ?? 'Unbekannter Fehler',
        isSuccess: false,
      );
      return false;
    }
  }

As you can see I delete all the users data and finally the user himself from auth.

But Apple still thinks I am using the App. I can see it inside my Settings:

Also when trying to sign in again with apple, it acts like I already have an account. But I just deleted it and there is nothing inside Firebase that says that I still have that account? How can I completely delete an Apple user from Firebase? What am I missing here?

Chris about 2 years

That‘s exactly my question: how can I delete the user from apple settings ? The user should not have to do that by themselves.
Pragma about 2 years

I don't think Apple will let you access the user's Apple ID settings over Firebase. The question asked in the link below as "unlinking the Apple ID" but no useful answers so far. developer.apple.com/forums/thread/691537 So the best solution might just be guiding users to delete their Apple ID logins themselves.
Chino Chang almost 2 years

So how can your answer solve But Apple still thinks I am using the App?
Chris almost 2 years

@ChinoChang it's a workaround. In for my case the above solution works perfeclty fine. The user does not have to delete the Profile in settings. But deleting the app acocunt and signing in again works with this.