GMOPlus
Apple Unifies Sign in with Apple and iCloud+ Hide My Email Under New private.icloud.com Domain
MOBILEN

Apple Unifies Sign in with Apple and iCloud+ Hide My Email Under New private.icloud.com Domain

Apple is moving Sign in with Apple and iCloud+ Hide My Email to a single shared domain: private.icloud.com. Here's what developers need to know.

21 Haziran 2026·5 dk okuma

Apple Is Consolidating Its Privacy Email Features Under a Single New Domain

Apple has announced a significant infrastructure change that affects two of its most widely used privacy features: Sign in with Apple and iCloud+ Hide My Email. Later this summer, Apple will unify the email domains used by both services under a single, shared domain — private.icloud.com. While this change is largely behind the scenes for everyday users, it carries important implications for developers, app publishers, and email service providers who rely on these features in their platforms.

If you operate a website or app that supports Sign in with Apple, or if your email infrastructure handles relay-based addresses from Apple's privacy ecosystem, this is a change you need to prepare for now — before it rolls out and begins affecting real users.

Understanding the Change: What Is Moving and Why

Apple's two privacy email features have historically operated on separate domains. Sign in with Apple, which allows users to create accounts on third-party apps and websites without revealing their real email address, has issued anonymized relay addresses on the domain privaterelay.appleid.com. Meanwhile, iCloud+'s Hide My Email feature, which lets subscribers generate random email aliases for newsletters, sign-ups, and online forms, has issued addresses on icloud.com.

Going forward, new addresses generated by both features will be issued exclusively on private.icloud.com. This means:

  • New Sign in with Apple addresses will no longer use privaterelay.appleid.com — they will use private.icloud.com instead.
  • New iCloud+ Hide My Email addresses will no longer use icloud.com — they will also use private.icloud.com.

The consolidation makes sense from Apple's perspective. By bringing both features under one unified domain, Apple simplifies its own infrastructure, creates a cleaner and more recognizable privacy namespace, and signals to users and developers alike that these two features are part of a cohesive, privacy-first identity ecosystem.

Will Existing Email Addresses Stop Working?

One of the first questions users and developers will ask is whether existing relay addresses will break. The short answer is no. Apple has confirmed that all existing addresses on the legacy domains — both privaterelay.appleid.com and icloud.com — will continue to work and forward mail without any interruption. Users who already have relay addresses through either feature will not need to take any action, and their inboxes will not be affected.

However, any new addresses created after Apple's rollout this summer will be issued on the private.icloud.com domain. This is where the responsibility shifts to the people building and maintaining the systems that interact with these addresses.

What Developers Need to Do Right Now

If you are a developer with an app or website that uses Sign in with Apple, this update requires you to take proactive steps before Apple's rollout begins. Specifically, you need to audit and update three key areas of your system:

  • Account systems: Any logic that stores, validates, or processes user email addresses during sign-in or account creation must be updated to recognize and accept addresses on the private.icloud.com domain. If your system only expects privaterelay.appleid.com addresses, new users signing in with Apple after the domain switch may encounter errors or be prevented from creating accounts entirely.
  • Email validation logic: Many systems apply regex patterns or domain-based checks to verify that an email address is properly formatted and from a recognized sender. If your validation layer explicitly checks or restricts relay domains, you must add private.icloud.com to the list of accepted domains alongside privaterelay.appleid.com and icloud.com.
  • Allowlists: If your platform uses domain allowlists to control which email addresses can be used for registration or communication, ensure that private.icloud.com is added immediately. Failing to do so may silently block new Apple privacy email users from successfully onboarding.

It is worth emphasizing that this is not an either/or update. You do not remove the old domains — you add the new one. All three domains (privaterelay.appleid.com, icloud.com, and private.icloud.com) must be supported simultaneously to accommodate both legacy addresses and new ones going forward.

What Email Service Providers Must Update

Beyond app developers, email service providers (ESPs) that handle delivery, filtering, and routing also need to act. If your platform manages domain-based filtering rules, suppression lists, or routing configurations that explicitly reference Apple relay domains, you must update those rules to include private.icloud.com.

Failure to do so could result in legitimate emails being incorrectly flagged, filtered, or suppressed simply because the destination address uses a domain your system does not yet recognize. This could affect transactional emails, account verification messages, password reset flows, and any other communication your platform sends to users with Apple relay addresses.

Why This Matters for Privacy and the Broader Apple Ecosystem

This domain consolidation is more than a technical housekeeping task. It reflects Apple's continued investment in user privacy as a foundational product principle. Sign in with Apple and Hide My Email are both built around the idea that users should be able to interact with the web and apps without surrendering their personal email address to every service they encounter. By unifying these features under a clearly named privacy domain — private.icloud.com — Apple is reinforcing that identity and making the intent of the domain immediately legible to anyone who encounters it.

For developers and businesses, staying aligned with Apple's privacy infrastructure is not just a technical obligation — it is increasingly a user expectation. As more users adopt Sign in with Apple and iCloud+ Hide My Email, ensuring seamless compatibility with these features means fewer sign-up failures, better user trust, and stronger compliance with the direction Apple's ecosystem is heading.

Summary: Key Takeaways for Developers and Email Providers

  • Apple is unifying Sign in with Apple and iCloud+ Hide My Email under the new shared domain private.icloud.com, rolling out later this summer.
  • All existing relay addresses on privaterelay.appleid.com and icloud.com will continue to function without interruption — no user action is required.
  • Developers must update their account systems, email validation logic, and domain allowlists to accept the new private.icloud.com domain in addition to existing ones.
  • Email service providers must revise domain-based filtering, suppression, and routing configurations to include private.icloud.com.
  • Acting before the rollout prevents potential sign-in failures, delivery issues, and broken onboarding flows for users with new Apple relay addresses.

The window to prepare is open now. Developers and email providers who address this change proactively will avoid disruption and ensure their platforms remain fully compatible with Apple's evolving privacy infrastructure. For full technical documentation, Apple's developer resources on Sign in with Apple and the Private Email Relay Service provide authoritative guidance on implementation requirements.

Sign in with AppleiCloud Hide My Emailprivate.icloud.comApple email relayApple developer update