Update: I think I’ve been looking at this the wrong way. The whole point is to re-authenticate the user, so in the user journey of deleting their account it makes sense to show the Apple Sign In button, from which I can call the method to revoke the token. Problem solved.