App Store RejectionGuideline 4.8Sign in with Apple

You added Google Login. Apple wants their button too.

Guideline 4.8 is non-negotiable: any app that offers a third-party login must also offer Sign in with Apple — no exceptions.

What Apple said

Your app uses a third-party login service (e.g., Google, Facebook) but does not offer Sign in with Apple as an equivalent option. Per App Store Review Guideline 4.8, apps that allow users to log in with a third-party account must also offer Sign in with Apple. Please update your app accordingly.

What this actually means

Apple requires that if your app lets users sign in with any third-party identity provider — Google, Facebook, Twitter, LinkedIn, etc. — you must also offer Sign in with Apple as an option on the same screen. This applies even if you only offer one third-party option. The Apple button must be at least as prominent as the other login buttons.

What Apple needs to see

  • A Sign in with Apple button displayed on the same login or sign-up screen as your other third-party login options
  • The Apple button must be visually equivalent in size and prominence to your other login buttons — don't bury it at the bottom
  • Successful Apple Sign-In flow that creates an account and logs the user in without errors
  • Your app's privacy policy must reflect that Apple ID authentication data is collected and how it's used
  1. 1Register your App ID in the Apple Developer Portal with the Sign in with Apple capability enabled under Certificates, Identifiers & Profiles.
  2. 2Implement the AuthenticationServices framework (iOS) or the Apple Sign In REST API to handle the authentication flow in your codebase.
  3. 3Add the Sign in with Apple button to your login screen using ASAuthorizationAppleIDButton, placing it alongside your existing Google/Facebook buttons with equal visual weight.
  4. 4Handle the credential response, store the user identifier, and gracefully manage the case where Apple hides the user's real email behind a relay address.
  5. 5Update your privacy policy on BaseTerms to explicitly mention that Sign in with Apple is available and describe what Apple ID data your app collects, then resubmit.

While you're at it — Apple also requires these pages for every app.

Fix this rejection, then make sure you're covered on the compliance side too. Apple requires every app to link to a hosted Privacy Policy, Terms of Service, Support page, and Data Deletion page. No link means another rejection — just for a different reason.

Privacy Policy
Terms of Service
Support Page
Data Deletion Page
Generate my compliance pages — FREE

Common questions

Does Guideline 4.8 apply if I only offer email/password login?
No. Guideline 4.8 only triggers when you offer a third-party login service like Google or Facebook. If you only have your own username/password system, you are not required to add Sign in with Apple.
What if my app is only for employees or a specific organization using Google SSO?
There is a narrow exception for apps used exclusively within corporate environments where users must sign in with a company's own credentials. However, consumer-facing apps that simply use Google as a convenience login do not qualify for this exception.
Can I submit a fix and get re-reviewed quickly?
Yes. This is a well-understood rejection and reviewers know exactly what to look for. Once you add the Sign in with Apple button and the flow works correctly, re-review is typically fast. Make sure the button is actually visible on the first screen the reviewer encounters.