diff --git a/README.md b/README.md
index 07e8464ea0..27d6dd9006 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,6 @@
+> We just announced Timestamp Overrides for Appwrite Databases - [Learn more](https://appwrite.io/blog/post/announcing-timestamp-overrides)
-> We just announced Auto-increment support for Appwrite Databases - [Learn more](https://appwrite.io/blog/post/announcing-auto-increment-support)
+> Appwrite Cloud is now Generally Available - [Learn more](https://appwrite.io/cloud-ga)
> [Get started with Appwrite](https://apwr.dev/appcloud)
diff --git a/app/config/templates/function.php b/app/config/templates/function.php
index d8426ad900..3a91fdfbb3 100644
--- a/app/config/templates/function.php
+++ b/app/config/templates/function.php
@@ -2077,6 +2077,61 @@ return [
'type' => 'text'
]
],
+ 'scopes' => ['databases.read', 'databases.write', 'collections.write', 'attributes.write', 'documents.read', 'documents.write']
+ ],
+ [
+ 'icon' => 'icon-apple',
+ 'id' => 'sign-in-with-apple',
+ 'name' => 'Sign in with Apple',
+ 'score' => 6,
+ 'tagline' => 'Use native Apple sign-in APIs on Apple devices with Appwrite Auth',
+ 'permissions' => ['any'],
+ 'events' => [],
+ 'cron' => '',
+ 'timeout' => 15,
+ 'useCases' => ['auth'],
+ 'runtimes' => [
+ ...getRuntimes($templateRuntimes['DART'], 'dart pub get', 'lib/main.dart', 'dart/sign_in_with_apple')
+ ],
+ 'instructions' => 'For documentation and instructions, check out file.',
+ 'vcsProvider' => 'github',
+ 'providerRepositoryId' => 'templates',
+ 'providerOwner' => 'appwrite',
+ 'providerVersion' => '0.2.*',
+ 'variables' => [
+ [
+ 'name' => 'BUNDLE_ID',
+ 'description' => 'Bundle ID of the app. Learn more.',
+ 'value' => '',
+ 'placeholder' => 'com.companyname.appname',
+ 'required' => true,
+ 'type' => 'text'
+ ],
+ [
+ 'name' => 'TEAM_ID',
+ 'description' => 'Team ID of the Apple Developer account.',
+ 'value' => '',
+ 'placeholder' => '6K3...5PH',
+ 'required' => true,
+ 'type' => 'text'
+ ],
+ [
+ 'name' => 'KEY_ID',
+ 'description' => 'Key ID required to communicate with Apple Developer services. Learn more.',
+ 'value' => '',
+ 'placeholder' => '9G8...6YF',
+ 'required' => true,
+ 'type' => 'text'
+ ],
+ [
+ 'name' => 'KEY_CONTENTS_ENCODED',
+ 'description' => 'Contents of Key required to communicated with Apple Developer services, encoded in Base64. Learn more.',
+ 'value' => '',
+ 'placeholder' => '7x8aA...Ab7c',
+ 'required' => true,
+ 'type' => 'password'
+ ]
+ ],
'scopes' => ['users.read', 'users.write']
]
];
diff --git a/app/controllers/api/account.php b/app/controllers/api/account.php
index 61b71930eb..8bacb24507 100644
--- a/app/controllers/api/account.php
+++ b/app/controllers/api/account.php
@@ -1917,7 +1917,7 @@ App::post('/v1/account/tokens/magic-url')
))
->label('abuse-limit', 60)
->label('abuse-key', ['url:{url},email:{param-email}', 'url:{url},ip:{ip}'])
- ->param('userId', '', new CustomId(), 'Unique Id. Choose a custom ID or generate a random ID with `ID.unique()`. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
+ ->param('userId', '', new CustomId(), 'Unique Id. Choose a custom ID or generate a random ID with `ID.unique()`. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars. If the email address has never been used, a new account is created using the provided userId. Otherwise, if the email address is already attached to an account, the user ID is ignored.')
->param('email', '', new Email(), 'User email.')
->param('url', '', fn ($platforms, $devKey) => $devKey->isEmpty() ? new Redirect($platforms) : new URL(), 'URL to redirect the user back to your app from the magic URL login. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an [open redirect](https://cheatsheetseries.owasp.org/cheatsheets/Unvalidated_Redirects_and_Forwards_Cheat_Sheet.html) attack against your project API.', true, ['platforms', 'devKey'])
->param('phrase', false, new Boolean(), 'Toggle for security phrase. If enabled, email will be send with a randomly generated phrase and the phrase will also be included in the response. Confirming phrases match increases the security of your authentication flow.', true)
@@ -2170,7 +2170,7 @@ App::post('/v1/account/tokens/email')
))
->label('abuse-limit', 10)
->label('abuse-key', ['url:{url},email:{param-email}', 'url:{url},ip:{ip}'])
- ->param('userId', '', new CustomId(), 'User ID. Choose a custom ID or generate a random ID with `ID.unique()`. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
+ ->param('userId', '', new CustomId(), 'User ID. Choose a custom ID or generate a random ID with `ID.unique()`. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars. If the email address has never been used, a new account is created using the provided userId. Otherwise, if the email address is already attached to an account, the user ID is ignored.')
->param('email', '', new Email(), 'User email.')
->param('phrase', false, new Boolean(), 'Toggle for security phrase. If enabled, email will be send with a randomly generated phrase and the phrase will also be included in the response. Confirming phrases match increases the security of your authentication flow.', true)
->inject('request')
@@ -2498,7 +2498,7 @@ App::post('/v1/account/tokens/phone')
))
->label('abuse-limit', 10)
->label('abuse-key', ['url:{url},phone:{param-phone}', 'url:{url},ip:{ip}'])
- ->param('userId', '', new CustomId(), 'Unique Id. Choose a custom ID or generate a random ID with `ID.unique()`. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars.')
+ ->param('userId', '', new CustomId(), 'Unique Id. Choose a custom ID or generate a random ID with `ID.unique()`. Valid chars are a-z, A-Z, 0-9, period, hyphen, and underscore. Can\'t start with a special char. Max length is 36 chars. If the phone number has never been used, a new account is created using the provided userId. Otherwise, if the phone number is already attached to an account, the user ID is ignored.')
->param('phone', '', new Phone(), 'Phone number. Format this number with a leading \'+\' and a country code, e.g., +16175551212.')
->inject('request')
->inject('response')
diff --git a/docs/references/account/create-token-email.md b/docs/references/account/create-token-email.md
index 3e49899888..3ed175c7f9 100644
--- a/docs/references/account/create-token-email.md
+++ b/docs/references/account/create-token-email.md
@@ -1,3 +1,3 @@
-Sends the user an email with a secret key for creating a session. If the provided user ID has not be registered, a new user will be created. Use the returned user ID and secret and submit a request to the [POST /v1/account/sessions/token](https://appwrite.io/docs/references/cloud/client-web/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.
+Sends the user an email with a secret key for creating a session. If the email address has never been used, a **new account is created** using the provided `userId`. Otherwise, if the email address is already attached to an account, the **user ID is ignored**. Then, the user will receive an email with the one-time password. Use the returned user ID and secret and submit a request to the [POST /v1/account/sessions/token](https://appwrite.io/docs/references/cloud/client-web/account#createSession) endpoint to complete the login process. The secret sent to the user's email is valid for 15 minutes.
-A user is limited to 10 active sessions at a time by default. [Learn more about session limits](https://appwrite.io/docs/authentication-security#limits).
\ No newline at end of file
+A user is limited to 10 active sessions at a time by default. [Learn more about session limits](https://appwrite.io/docs/authentication-security#limits).