Using third-party or social login services such as Facebook or Google for app login? Apple’s new App Store Developer Guidelines require that if your app exclusively uses a third-party or social login service to setup or authenticate the user’s primary account, the app must provide Sign in With Apple for your end-users (existing apps and app updates have until April 2020 to be compliant.)
Smooth Adoption Expected
Once iOS users complete their initial sign-in, they’ll be able to subsequently sign in using the native bio verification mechanisms built into iOS devices like thumbprints and Face ID. When users can do this instead of having to enter a password, we expect this will quickly become the login path of choice.
Privacy Play
GDPR sparked a global shift in data privacy. While organizations are thinking harder about the data they store and where it flows, Apple has realized the need to support end-user choices — which is why SIgn In With Apple allows users to obfuscate their real identity from third-parties including app developers.
So if I use Sign in with Apple, and select “Hide my Email”, application developers will not have any personally identifiable information from my login. The application will only recognize me based on a randomly generated email address from Apple that is uniquely identifiable so that Apple can maintain the correct association.
This causes a slight problem for application developers who rely on email addresses to associate accounts to actual people. Apple has taken a hard stance on this but it is also evolving its identity practices at a rapid pace. Auth0 has kept up with these recent changes and will be releasing a solution that has been beta-tested with actual customers and end-users next week.
If you need Sign In With Apple to do business and you’re doing it yourself, you’re about to touch code — and then every time Apple makes a change, you’ll need to touch it again to ensure that code is keeping pace. The advantage of Auth0 is that we shield you from every change from Apple or other identity providers. Even adding features like multi-factor authentication can easily be switched on with a toggle.
What’s Coming Next Week
The General Availability (GA) of our Sign In With Apple integration will include Native flows and Web flows. Web flows have been in public beta since June, enabling customers who want to use Sign In with Apple in web applications to try it out. At Auth0, Sign In With Apple will be an out-of-the-box feature — a simple toggle + minimal code.
Offloading authentication to Auth0 means touching code when YOU want to make a change, not when your identity provider tells you to. And it means you can quickly comply with Apple’s mandate while leveraging the benefits of Face or Touch ID and eliminate the need for usernames/passwords.
With 1.4 billion iOS devices already in the market and nearly two million apps competing for iOS users’ attention this change could be a big deal — if Auth0 didn’t already have you covered.
About the author
Jenny O'Brien
Business Content Manager