Sign In With Apple

If your app or website supports Sign In With Apple, you must configure the same in Apple developer configuration to ensure your emails are delivered to users with Apple Relay IDs (ending with @privaterelay.appleid.com). Otherwise, your emails will either get bounced or quarantined by the Apple Relay Service, which means that users with the Apple Relay Email IDs will not see your email in their mailboxes. For more information, refer to Sign In With Apple.

Signing-in with Apple

With the release of iOS 13, Apple introduced a feature called Sign in with Apple that allows users to authenticate or sign in to websites and apps that support signing in with Apple IDs. Hide My Email is a privacy feature available since this release, where users who do not prefer to reveal their email addresses to a service can hide it from the service by creating app-specific email addresses. These email addresses are called Apple private relay email addresses and are available in the following format: <unique-alphanumeric-string>@privaterelay.appleid.com>

For more information, refer to Hide My Email.

How do Apple Relay IDs work?

If users do not prefer revealing their email addresses to a service, they can hide them by creating app-specific email addresses, termed "Apple private relay" email addresses". In this case, the service has visibility to the Apple Relay ID alone and can use the same for email communication. When emails are sent to these Apple relay addresses, they are automatically forwarded to the user's mailboxes.

info

Note

Suppose the sender tries to send an email to a different private relay address not associated with their service. In that case, the email will get bounced with the reason listed as 'unauthorized sender'. This ensures that spam emails do not reach the user's mailbox, even if the private relay address gets shared.

Apple Developer Configuration

To ensure the emails are delivered to users using their app-specific email addresses, Apple has laid out a set of steps that senders/developers must perform to deliver emails successfully.

The format of the sign-in Apple address is bounces+12345@mail.example.com, where 12345 is your SendGrid account ID, and mail.example.com is the authenticated domain in your SendGrid account.

Do the following:

Navigate to Settings -> Sender Authentication -> Domain Authentication
Copy your Sign In With your Apple Address
Navigate to Certificates, Identifiers & Profiles in your Apple Developer Account. For more information, refer to Apple Resources.
Select More in the sidebar and Configure Sign In With Apple.
Paste the copied address under Individual Email Addresses.
Click Register. You're now ready to send to Apple relay addresses.

Note: If you have multiple domains set up in your Sendgrid account, you must add each.

For a MoEngage-SendGrid account, contact your CSM or mail support@moengage.com for the "Sign In With Apple" address that needs to be added to your Apple developer account.

Navigate to Certificates, Identifiers & Profiles in your Apple Developer Account. For more information, refer to Apple Resources.
Click Services in the sidebar.
Click Configure under Sign in with Apple for Email Communication.
In the Email Sources section, click the add button (+).
Enter a comma-delimited list of return-path/envelope domains that will be used for email communication. You can find the return path address by doing the following:
1. 1. Send an email to yourself (preferably to a Gmail ID)
  2. Click on the tiny inverted triangle symbol below the sender ID, as shown below.
  3. Look for the mailed-by field in the header information. This is the return path/envelope domain for your sending domain.
Click Next.
Confirm the email sources entered and click Register.
The table will display if the registered email source passed an SPF check.

For a MoEngage-SES account, reach out to your CSM or mail support@moengage.com for the "Sign In With Apple" address that needs to be added to your Apple developer account.