Apple Guideline 4.8 requires that Sign in with Apple be offered whenever any other social login (Google, Facebook, Twitter) is available in an iOS app. Violation causes rejection. Beyond the guideline, Apple mandates use of its official button component (AppleAuthenticationButton) with approved styles — a custom-colored button that calls the Apple auth API but renders as a blue pill violates the Human Interface Guidelines and triggers rejection during review. CWE-284 (Improper Access Control) applies when the requirement is absent entirely: users who want Apple's privacy-preserving login (hide-my-email) are denied that option, pushing them toward more data-exposing alternatives.
High because offering any third-party login on iOS without Sign in with Apple causes automatic rejection under Guideline 4.8, blocking all users from the app.
Replace any custom sign-in button with the official Expo component:
import * as AppleAuthentication from 'expo-apple-authentication';
<AppleAuthentication.AppleAuthenticationButton
buttonType={AppleAuthentication.AppleAuthenticationButtonType.SIGN_IN}
buttonStyle={AppleAuthentication.AppleAuthenticationButtonStyle.BLACK}
cornerRadius={5}
style={{ width: '100%', height: 44 }}
onPress={handleAppleSignIn}
/>
Do not wrap this in a custom TouchableOpacity or restyle it — Apple validates button authenticity during review. Ensure the Sign in with Apple button is the same height and visual weight as any Google or Facebook login button on the same screen. Enable the Sign in with Apple capability in ios/[AppName].entitlements and in App Store Connect under the app's capabilities before submission.
app-store-metadata-listing.platform-specific.sign-in-apple-buttonhigh@invertase/react-native-apple-authentication or expo-apple-authentication in package.json; SignInWithAppleButton component imports; appleAuth.performRequest() calls; expo.ios.usesAppleSignIn: true in app.json. If Sign in with Apple is present, examine the button implementation: (a) Apple requires that the "Sign in with Apple" button use Apple's official button — either the AppleButton component from @invertase/react-native-apple-authentication or AppleAuthentication.AppleAuthenticationButton from expo-apple-authentication. Using a custom-styled button that mimics the appearance of the Apple sign-in button but is not the official component is a policy violation. (b) Check that the button's buttonStyle prop uses a valid Apple-defined style (BLACK, WHITE, WHITE_OUTLINE) rather than a custom color. (c) If other social login providers (Google, Facebook) are present, Sign in with Apple is required on iOS — check that it is present alongside other providers, not absent. (d) Apple's Human Interface Guidelines require that the Sign in with Apple button be at least as prominent as any other social login button on the same screen. Count all instances found and enumerate each."Sign in with Apple implemented with a custom TouchableOpacity instead of AppleAuthentication.AppleAuthenticationButton — this violates Apple's guidelines and causes rejection" or "Google Sign-In present but no Sign in with Apple found — required for iOS apps with third-party login options".import * as AppleAuthentication from 'expo-apple-authentication';
<AppleAuthentication.AppleAuthenticationButton
buttonType={AppleAuthentication.AppleAuthenticationButtonType.SIGN_IN}
buttonStyle={AppleAuthentication.AppleAuthenticationButtonStyle.BLACK}
cornerRadius={5}
style={{ width: 200, height: 44 }}
onPress={handleAppleSignIn}
/>