Apple to Force iOS Apps to Use ‘Sign In with Apple’

Posted on June 4, 2019 by Mehedi Hassan in Apple, iOS with 25 Comments

One of the interesting new features introduced at WWDC was Sign In with Apple. It’s a new sign-in system made by Apple that’s meant to replace other platforms offered by Facebook and Google. The idea here is that Apple’s system ensures your data stays safe and doesn’t get abused by third-party developers.

Sign In with Apple lets you login with Face ID or Touch ID, and it only lets you share your name and email address with apps. And if some apps do require your email address, you can share your actual email address with them — or better yet, Apple can help you mask your actual email address. This works by Apple creating a unique email address for each app you login to, and simply forwards email to that unique/fake email address to your actual email address. That way, the apps never get your actual email address.

And all of this is actually really great. Apple’s system might be the only single sign-in system that keeps your data safe. But here’s the thing: iOS apps will be forced to use the new system, which is a bit unfriendly on Apple’s side.

Apps that offer third-party sign-in will require to offer Sign In with Apple as an option when iOS 13 launches later this year. “Sign In with Apple will be available for beta testing this summer. It will be required as an option for users in apps that support third-party sign-in when it is commercially available later this year,” Apple said.

That’s not particularly a bad thing, especially since Sign in with Apple makes logging into apps much quicker and safer. And Apple forcing apps to offer its own service as an alternative to those provided by Facebook and Google will allow the service to reach more users quickly, and hopefully replace the horrible systems provided by other companies, especially Facebook.

The problem, however, is that it’s not really clear how Sign In with Apple works on other platforms. If you create an account on your iPhone or iPad, it’s not clear how you would access that same account from an Android device, a Windows laptop, or just from any other laptop on the web. It’s a bit of a mystery for now.

Tagged with , ,

Join the discussion!


Don't have a login but want to join the conversation? Become a Thurrott Premium or Basic User to participate

Comments (25)

25 responses to “Apple to Force iOS Apps to Use ‘Sign In with Apple’”

  1. Tony Barrett

    I guess this is just the next level of control for Apple. All they have to do is slap a 'it's for your security' label on it, and that's enough. Bottom line, Apple will control the sign in, the app, the distribution, the OS, the platform, the payment system, the dev platform, the monetization, the infrastructure, the hardware - everything. No 3rd party option, no choice. It's Apple's way, or nothing.

    • dontbe evil

      In reply to ghostrider:

      have an upvote, butthurt apple fans don't like the truth

    • Brockman

      In reply to ghostrider:

      "No 3rd party option, no choice". Except that in this case there are clear 3rd party options for authentication, particularly Facebook and Google.

      • curtisspendlove

        In reply to Brockman:

        "No 3rd party option, no choice". Except that in this case there are clear 3rd party options for authentication, particularly Facebook and Google.

        And, despite the title of the article, it is only required if your app also uses other “sign on with xyz” SSO APIs.

        Also, this one really is for your security / privacy. You should look at what you give away to the implementer of a login API when you authenticate.

    • digiguy

      In reply to ghostrider:

      have downvote from a non apple fan... this is a blessing for users and still leave them the choice, it's just an additional and very welcome option... so no, what you said it definitely not true

  2. curtisspendlove

    There is apparently a web API, so theoretically you can just pop up a WebView and run the authentication dance (like every other SSO provider offers):

  3. kevinfanch

    Isn't Apple ID a privacy nightmare? If you want to be followed what better than this. I prefer no Apple/Google/Facebook ID and a mobile os like /e/ by which is basically Android without Google. You get all the benefits of Android but without being followed

  4. lvthunder

    If the backlash is big enough they will change their mind. Personally I never use those third party sign ins anyways.

  5. Brockman

    Not a fan of the clickbait-y title.

  6. Chris_Kez

    Mehedi, your headline does not match your article. I'd like for this site to be a place where we're spared unnecessarily inflammatory headlines. Thank you.

  7. rm

    This is definitely a way to lock users into Apple more, but at least this time there are benefits to it.

  8. gardner

    While developers will be prevented from doing exclusive deals, how is mandating choice for users a bad thing for users?

    The only hurt here is for developers that wanted to restrict the choices their users have.

    This will blow over almost instantly as its a non-issue.

  9. dontbe evil

    what a surprise ... apple style

  10. dcdevito

    This is a great thing! Devs will get over this, it isn't a big deal to implement at all.

    • wright_is

      In reply to dcdevito:

      It is great, as long as it is optional. There are too many open questions about it at the moment and it being mandatory is a concern. I'm all for not using Google or Facebook for signing in on other platforms, but replacing it by a proprietary Apple solution isn't the answer either.

      I think SQRL, for example, would be a better, simpler solution... But there again, Apple couldn't control their user's data that way.

      • red.radar

        In reply to wright_is:

        It’s only mandatory if they offer sign in with other platforms. Apple isn’t trying to control user data they are trying to give their customers an option.

      • ivarh

        In reply to wright_is:

        From the way I understand this article is mandatory as a option for apps that provide other social media login options. It does not force iOS developers to replace these login methods with apples.

        • wright_is

          In reply to ivarh:

          Correct, but it means having to implement a new user validation method, whether I want to or not... If I am perfectly happy with my current options and don't want to invest on changing my cloud side to use yet another authentication system, I don't really have a choice, I either implement it or withdraw the iOS app.

          • lvthunder

            In reply to wright_is:

            Aren't you one of the people complaining about privacy yet when Apple introduces something to force companies to respect your privacy you complain?

            • wright_is

              In reply to lvthunder:

              And this is why I think a system like SQRL would be better. It is 100% under your control, no passwords and a unique, anonymous identity (no username, no email address, no central clearing house recording your movements) for every site you register with - assuming the site lets you be anonymous, but the ID is unique to the site, so can't be tracked to other sites.

              With Apple ID and Oauth in general, the controller of the Oauth platform, whether it is Google, Facebook, Apple or whoever, knows exactly which sites you have visited and how often. Whether they use or abuse that information is another matter, but you don't have a choice.

            • wright_is

              In reply to lvthunder:

              Yes. But the issue at hand has nothing to do with privacy, but forcing developers to use their (untested and not proven to be private) system or get out of Dodge.

              • cddouglas

                In reply to wright_is: that is not 100% accurate - if they don't want to use Apple authentication, then they would need to remove Google and/or Facebook logins only. Other registration and login options would still remain viable.

                • wright_is

                  In reply to cddouglas:

                  That makes a little more sense, but wasn't really explained in any of the articles I've read. Thanks for clearing that up.

                  Better, but Apple could have used the opportunity to use/create a truly privacy respecting system, like SQRL, where even Apple don't get your data.

  11. RonV42

    Apple is building a great honey pot to entice hackers to get after the data. But you know Google, Microsoft, Amazon, Facebook are all targets but the big dollars are with Apple's information.

  12. Saarek

    Good, that's exactly how it should be. I want privacy, I trust Apple because they make money out of respecting my privacy.