It's a bit strange and I've created a support topic at Apple already. But perhaps somebody from the community can help me.

After creating the app, service id and key and implementing all at the first time, I authenticated against Apple and they wanted to create a new account with my email. The authentication was successful and all went fine. Afterwards I've revoked the app from "Sign in with Apple" from my apple id to test again the sign up process. But then they don't ask my to create an account with that email address, they try to login with my apple id but then I get an error because the email address on the access token request is only popluated at the first request (when I create an account).

Anyone from the community had this behaviour before?

Thanks in advance!

Acceptance Criteria

• When a user revokes the app's access and re-authenticates, Apple treats it as a new sign-in — the package handles this re-registration flow correctly
• When Apple notifies that user access has been revoked (server-to-server notification), the package handles the revocation event
• On re-authentication after revocation, the package correctly identifies the existing user by email rather than creating a duplicate account
• Application can hook into the revocation event to log out or deactivate the user
• Revocation is not confused with a login failure

Test Coverage

• Unit test: revocation notification is parsed and dispatched as an event
• Integration test: application listener receives the revocation event with correct user data
• Integration test: re-authentication after revocation links back to existing user record by email (no duplicate account created)

WSJF Priority Score

• Score: 2.13
• User/Business Value: 7
• Time Criticality: 8
• Risk Reduction/Opportunity Enablement: 8
• Calculation: (7 + 8 + 8) ÷ size