Create authentication Apple Messages message types

Authentication Message Templates are a secure method to authenticate the identity of your customers within Apple Business Messages. This process utilizes OAuth2 authentication to ensure interactions are both secure and verified.

Message Components

Message Received

This is the initial message your customers will receive, prompting them for authentication.

  • Prompt Message: Craft a clear and concise message that informs the customer they need to authenticate their identity. For example, "Please authenticate your identity to continue."

  • Image/Logo [Optional]: Include an image or logo related to your business or the authentication process to enhance trust and recognition.

  • Call to Action (CTA): A button or link that directs the customer to the authentication process. This could be phrased as "Authenticate Now" or "Verify Identity".

Message Replied

This message confirms the customer's action of initiating the authentication process.

  • Confirmation Message: After the customer clicks on the authentication link, send a confirmation message such as "Authentication in progress. Please follow the instructions in your browser."

  • Follow-Up Instructions [Optional]: If necessary, provide additional instructions or information on what the customer should expect next.

How to set up authentication for Apple Business Messages

  1. Go to the Apple Business Register and sign in.

  2. Select Messages for Business Accounts (MBA) to access your accounts.

  3. Choose the MBA for which you want to set up authentication.

  4. Locate the 'Integrated OAuth2 Authentication' setting and edit it.

  5. Input the OAuth URL, Token URL, and Client Identifier.

  6. Save your configuration and await Apple's approval.

  7. Upon approval, go to Bird > Channels and locate your Apple Business Messaging channel.

  8. Update the channel settings by adding a profile with the approved authentication settings. For providers requiring a custom domain, like Okta, input only the identity domain portion of your URL.

  9. Copy the OAuth provider redirect URL provided, such as

  10. Update your OAuth provider's authorized redirect URLs with this link.

Last updated