ios authentication single-sign-on tvos apple-sign-in

Sign-in With Apple: Possibility To Create Duplicate Account Issue


I am analyzing any possible issues that might come up when implementing the Sign-in With Apple feature in my iOS app. One of the possible issues is account duplication. Here is what I mean:

To sign in or sign up to my app, a user has to use their email address. His email address will be recorded in my UMS (user management system). I don't have any other identifier for my users except their email address. When using Sign-in With Apple, the user has the option to show or hide his email address. If, the first time in my app, the user decided to hide his email address, my app would get a randomized email address with the domain privaterelay.appleid.com and sign it up. If the next time the user changed his mind and showed his 'real' email address, my app would detect it as a new user and sign it up again, instead of signing it in. Therefore, one user would end up having 2 accounts in my app.

Is there any way to tackle this issue without making any change in my UMS?


Solution

  • Once a user has associated an account with your app, they don't get a chance to change it unless they go into Settings and remove the account. However, that isn't really any different from a person deciding to register a new account using a different email address without Sign In with Apple.

    A user isn't likely to casually or accidentally remove their account; you need to go into Settings and go through 5 steps before you get a delete confirmation to remove the account.

    I recommend that you download Apple's Juice sample app to get a feel for how Sign In with Apple works from the user perspective. You will see that it is quite difficult for the user to create a second account if you implement the sign in process correctly.
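
One way to avoid the duplicate described in the question without changing the email-keyed UMS is to resolve logins by the stable user identifier Apple returns (the `sub` claim of the identity token) through a side table that remembers which email was first registered. This is an added example, not part of the original answer or of Apple's sample code. The class and function names are hypothetical, the claims are assumed to come from an identity token that has already been verified, and the sample values are constructed.

```python
# Added example: resolve Sign in with Apple logins by the stable `sub` claim,
# keeping the email-keyed UMS unchanged. All names here are hypothetical.

class EmailKeyedUMS:
    """Stand-in for the existing UMS, which knows users only by email."""
    def __init__(self):
        self.accounts = {}            # email -> account record

    def sign_up(self, email):
        self.accounts[email] = {"email": email}
        return self.accounts[email]

    def sign_in(self, email):
        return self.accounts[email]


class AppleLoginResolver:
    """Side table in front of the UMS: Apple `sub` -> email used at first sign-up."""
    def __init__(self, ums):
        self.ums = ums
        self.sub_to_email = {}

    def login(self, claims):
        # `claims` must come from an identity token whose signature, issuer,
        # audience and expiry were already verified; never trust raw client input.
        sub = claims["sub"]
        known_email = self.sub_to_email.get(sub)
        if known_email is not None:
            # Returning user: ignore whatever email Apple reports this time.
            return "signed_in", self.ums.sign_in(known_email)
        email = claims.get("email")
        if not email:
            raise ValueError("first login for this sub carried no email")
        if email in self.ums.accounts:
            # Email already registered by another route; do not link silently.
            raise PermissionError("email already registered; require explicit linking")
        self.sub_to_email[sub] = email
        return "signed_up", self.ums.sign_up(email)


def demo():
    # Constructed sample claims; the sub value and addresses are made up.
    ums = EmailKeyedUMS()
    resolver = AppleLoginResolver(ums)
    first = {"sub": "000123.example.0456", "email": "abc123@privaterelay.appleid.com"}
    later = {"sub": "000123.example.0456", "email": "real.person@example.com"}
    r1, acct1 = resolver.login(first)
    r2, acct2 = resolver.login(later)
    return r1, r2, acct1 is acct2, len(ums.accounts)
```

The second login carries a different email but the same `sub`, so it maps back to the account created at first sign-up and the UMS still holds one record.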