Sign in with Apple

[Platinumwealth.co.za]

Seems this is going to be a thing now.

[Matt]

Our understanding of it so far is that it will just be for iOS apps, and not for desktop use.

[Ilya Hoilik]

25 minutes ago, Matt said:

Our understanding of it so far is that it will just be for iOS apps, and not for desktop use.

https://developer.apple.com/sign-in-with-apple/

https://developer.apple.com/documentation/signinwithapplejs/configuring_your_webpage_for_sign_in_with_apple

Edited June 4, 2019 by Ilya Hoilik

[Andy Millne]

Quote

To configure web authentication, you must create a Services ID and associate your website to an existing primary iOS, macOS, tvOS, or watchOS App ID enabled for Sign In with Apple.

 

[Matt]

Given that it was only announced last night, we probably need a little more time to find out the details.

If it's something we can bring to Invision Community, we will do.

[Joriz]

Seems to also work with websites: https://developer.apple.com/sign-in-with-apple/

 

Would be a great addition as login option for Invision Community websites.

[opentype]

3 minutes ago, Joriz said:

Seems to also work with websites: https://developer.apple.com/sign-in-with-apple/

APPs(!), which also have a web interface. 

[asigno]

Another reason for an IPB app 😎

[AlexWebsites]

I saw an article about it today and its going to be leveraging more privacy and going as far allowing users to hide their emails by creating alternative emails with the 3rd party. Any emails to that created email will then forward through apple to the user. https://www.engadget.com/2019/06/04/sign-in-with-apple-privacy-security-google-facebook-wwdc/

[Matt]

It's very much on our RADAR. Details are sketchy right now and it's not being beta tested until summer, so we're watching closely.

[bradybarrows]

"Sign In with Apple makes it easy for users to sign in to your apps and websites using their Apple ID. Instead of filling out forms, verifying email addresses, and choosing new passwords, they can use Sign In with Apple to set up an account and start using your app right away. All accounts are protected with two-factor authentication for superior security, and Apple will not track users’ activity in your app or website."  Signin with Apple Developer 

"The head of Google's account sign-in teams is seemingly positive about Apple's introduction to the authentication space with "Sign in with Apple," revealing in an interview it would be preferable to use Apple's button than to manually enter usernames and passwords." appleinsider

"But while Google wasn’t happy about the veiled privacy jabs, the company’s login chief is surprisingly sunny about having a new button to compete with. While the login buttons are relatively simple, they’re much more resistant to common attacks like phishing, making them much stronger than the average password — provided you trust the network offering them." The Verge

"From a security perspective, Apple offers a better option for both users and developers alike compared with other social login systems which, in the past, have been afflicted by massive security and privacy breaches." Tech Crunch

"From what we know so far, it uses similar technology to OAuth 2.0 and OpenID Connect, so on the surface at least, you’re going to see a very familiar flow if you choose Sign in with Apple over the other SSO options....It will require accounts to have two-factor authentication enabled too,...The most immediate difference with Apple is the throwaway email addresses you can create and use, if you don’t want to expose your actual email address: It means the third-party app or site never sees your real email address, and you can cut off contact in an instant by wiping the temporary email address from existence...."  Gizmodo

"One important difference: Sign in with Apple integrates seamlessly with Apple's authentication offerings—like Face ID and Touch ID—which provide strong security while also being quick and easy to use." Wired

"From the Cambridge Analytica scandal to Google’s data transparency fines in Europe, and Facebook’s data sharing activities making all the wrong headlines, the time is right for a crusading corporation to swoop in and offer us a cleaner, fairer security system that’s less about them and more about us....Then there is the fact Sign In with Apple will be linked to biometric authentication on our iPhone and iPad, has mandatory two-factor authentication, and data will be stored securely on device or in Apple’s servers, giving peace of mind." Digital Trends

“The way most “sign in with [blank]” systems work is that the app you’re signing in to will get your username on that service and likely also your email address,” he explained. “These apps can sell your email address to advertisers, or correlate your activity between unrelated applications by matching your username.”

In contrast, “Apple’s sign-in feature provides neither an email address nor an identifiable user ID. The unique user ID returned is just an opaque string like 001473.fe6f33bf4b8e4590aacbabdcb8598bd0.2039, and they will return a proxy email address instead of your real email,” he said.

Thus, it becomes impossible for apps to get access to gain any useful information about the person that’s signing in.” Threat Post
 

 

Edited June 13, 2019 by bradybarrows

[bradybarrows]

On 6/4/2019 at 9:40 AM, opentype said:

APPs(!), which also have a web interface. 

Would TapaTalk count as an app and web interface for this? 

Not sure if IPS has an app for communities? 

[Mark]

It looks like (though I am still waiting for more details to emerge) that it can be done on standalone websites but you'd need to sign up for Apple's Developer Program, which costs $99/year. We can't create one thing and use it for all sites because each domain and email address you will send emails from to cloaked addresses has to be registered, and there's a limit of 10.

[Morgin]

3 hours ago, Mark said:

It looks like (though I am still waiting for more details to emerge) that it can be done on standalone websites but you'd need to sign up for Apple's Developer Program, which costs $99/year. We can't create one thing and use it for all sites because each domain and email address you will send emails from to cloaked addresses has to be registered, and there's a limit of 10.

If Apple ever offers push PWA, it undoubtedly will also require enrollment in Apple's Developer Program, so I think it's likely a foregone conclusion that anyone wanting to play with that ecosystem needs to fork over the $99/year fee at some point.

[Thomas P]

Please no App, we've been there, seen that. Own App, Tapatalk, Forumrunner was and is altogether a waste of time on the user and especially on the developer side.

 

[Ilya Hoilik]

9 hours ago, Mark said:

...but you'd need to sign up for Apple's Developer Program, which costs $99/year

Seems, they have separated Sign in with Apple ID from Apple Developer Program.

https://developer.apple.com/support/compare-memberships/

[bfarber]

2 hours ago, Ilya Hoilik said:

Seems, they have separated Sign in with Apple ID from Apple Developer Program.

https://developer.apple.com/support/compare-memberships/

I don't think that's what the page is suggesting. I think it's merely pointing out the developer resources available to you simply by signing in with your Apple ID.

Based on the documentation I've seen so far, it appears you will indeed need to be a part of their developer program (i.e. pay $99 per year) in order to use the "Sign in with Apple" feature they are releasing.

[Gabri]

On 6/5/2019 at 10:53 AM, Matt said:

It's very much on our RADAR. Details are sketchy right now and it's not being beta tested until summer, so we're watching closely.

 

Hello 🙂 Have you any news?

[Jordan Miller]

Interested in this too. 

Edited June 1, 2020 by breatheheavy

[Andy Millne]