Aaron already has an example of Sign-in With Apple up and running, because of course he has 👍
WeChat ID
aaronpk_tv
Tuesday, June 4, 2019
| train |
41 min
|
|
7.6 miles
|
train |
-
-
Portland, Oregon • Tue, June 4, 2019 7:51am -
Apple is now the privacy-as-a-service company | TechCrunch (techcrunch.com)
-
Marty McGuire
https://martymcgui.re/
•
Jun 4
I am excited to see this as part of indielogin.com, but I don’t yet see a clear identifier that I could put on my homepage to say “yep, that’s my Apple account”!
I suspect the identifier returned is also scoped per app like their advertising IDs, but have not yet confirmed this. -
Folks already starting to build “Sign In With Apple” examples, this one in #PHP (via @aaronpk) https://github.com/aaronpk/sign-in-with-apple-example #WWDC19
-
Train
3.47miDistance19:52DurationStartEnd
-
Alright, if you are curious about "Sign In with Apple," I walk through exactly how it works and what it looks like in this post.
https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple
#WWDC19 #OAuth #AppleID -
Stefan Esser
https://twitter.com/i0n1c
•
Jun 4
because you want to actually login to a service from an android device
That's not how it works. It works like every other OAuth flow, you click the button and are redirected to Apple to sign in. Here's a full walkthrough with screenshots: https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple -
Stefan Esser
https://twitter.com/i0n1c
•
Jun 4
yes and how are you supposed to get through the Apple 2FA protection without an Apple device?
via SMS or phone call
> A trusted phone number is a number that can be used to receive verification codes by text message or automated phone call. You must verify at least one trusted phone number to enroll in two-factor authentication.
https://support.apple.com/en-us/HT204915 -
Stefan Esser
https://twitter.com/i0n1c
•
Jun 4
you still need a trusted apple device to use Apple 2FA in addition to trusted phone number, don’t you?
I honestly don't know. But also keep in mind this is primarily designed for logging in to iOS apps, so ppl can log in with their Apple account instead of their Facebook account, which is a win for user privacy.
-
Halyna
https://twitter.com/Halyna_13
•
Jun 4
No, you don’t need an Apple device for 2FAuth of Apple ID. They send an SMS to authenticate the new login.
Confirmed. I was able to create a brand new Apple ID, enroll a Google Voice phone number for 2FA, and never touch this account from an iOS device. -
Let's Clarify some Misunderstandings around Sign In with Apple
tl;dr This is a good move for users in the iOS ecosystem, and is primarily designed as an alternative for apps that currently use "Sign in with [Facebook/Twitter/Google]" to avoid leaking sensitive user info.continue reading... -
Great write up on the new Identity solution Sign In With Apple. It's based on #Oauth and #Openidconnect Thank you @aaronpk
https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple -
Want more details on Sign in with @Apple and if the claims to be more privacy-friendly are just marketing spin? Experts weigh in: https://bit.ly/2WK5zrI @oauth_2 @OneSpan @lucysecurity @TheMediaTrust
-
In contrast: this forces app developers to provide users the choice between Apple or some other sign-in, rather than letting developers require just e.g. Facebook login.
More: https://aaronparecki.com/2019/06/04/23/sign-in-with-apple-misunderstandings -
complexmix
https://twitter.com/thatonehacker5
•
Jun 4
It will be set as the default (knowing Apple) and will make all other options so inconvenient that apple users will essentially have one choice. Just like how you can use Chrome on iOS, but they make it as inconvenient as possible to avoid the POS that is Safari.
It's still up to the app to provide the buttons. Check out the sample walkthroughs in that blog post. -
André Neves
https://twitter.com/andreneves
•
Jun 4
Feels a lot like another way to lock users inside of the Apple world. How is this any better than signing up with any other service like Google or Facebook (for OAuth for example). It has some nice 'privacy' features but it feels like a marketing stunt more than anything imo
It's more about providing easier options for users: https://aaronparecki.com/2019/06/04/23/sign-in-with-apple-misunderstandings -
André Neves
https://twitter.com/andreneves
•
Jun 4
So now services/apps need to handle OAuth, Apple SSO, and regular email/pass. Feels like more mental burden for developers.
Also turns out Apple's is also OAuth :-) https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple
-
-
already did that myself 😉 https://aaronparecki.com/2019/06/04/23/sign-in-with-apple-misunderstandings -
Dan Grover
https://twitter.com/DanGrover
•
Jun 4
I can see this giving users a lot of rope to hang themselves, too. If you are trying to use any cross-platform service, you now have no way to log in on a non-Apple device or recover your account.
It's just OAuth, and it works on the web too. https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple -
A great overview of how ‘Sign in with Apple’ works and how to implement it! #wwdc19 #AltConf19
