Aaron Parecki

57°F

Michael Warkentin https://twitter.com/mwarkentin • Jun 5
@Threadreaderapp unroll

already did that myself 😉 https://aaronparecki.com/2019/06/04/23/sign-in-with-apple-misunderstandings

Portland, Oregon, USA

4 likes 1 repost

Tue, Jun 4, 2019 5:16pm -07:00
André Neves https://twitter.com/andreneves • Jun 4
So now services/apps need to handle OAuth, Apple SSO, and regular email/pass. Feels like more mental burden for developers.

Also turns out Apple's is also OAuth :-) https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

Portland, Oregon

2 likes

Tue, Jun 4, 2019 3:42pm -07:00
André Neves https://twitter.com/andreneves • Jun 4
Feels a lot like another way to lock users inside of the Apple world. How is this any better than signing up with any other service like Google or Facebook (for OAuth for example). It has some nice 'privacy' features but it feels like a marketing stunt more than anything imo

It's more about providing easier options for users: https://aaronparecki.com/2019/06/04/23/sign-in-with-apple-misunderstandings

Portland, Oregon

2 likes 2 replies

Tue, Jun 4, 2019 3:42pm -07:00
complexmix https://twitter.com/thatonehacker5 • Jun 4
It will be set as the default (knowing Apple) and will make all other options so inconvenient that apple users will essentially have one choice. Just like how you can use Chrome on iOS, but they make it as inconvenient as possible to avoid the POS that is Safari.

It's still up to the app to provide the buttons. Check out the sample walkthroughs in that blog post.

Portland, Oregon

1 reply

Tue, Jun 4, 2019 3:27pm -07:00
complexmix https://twitter.com/thatonehacker5 • Jun 4
Ah yes, take away the freedom of choice

In contrast: this forces app developers to provide users the choice between Apple or some other sign-in, rather than letting developers require just e.g. Facebook login.

More: https://aaronparecki.com/2019/06/04/23/sign-in-with-apple-misunderstandings

Portland, Oregon, USA

2 likes 2 reposts 1 reply

Tue, Jun 4, 2019 3:16pm -07:00
Tara Seals https://twitter.com/wirelesswench

Want more details on Sign in with @Apple and if the claims to be more privacy-friendly are just marketing spin? Experts weigh in: https://bit.ly/2WK5zrI @oauth_2 @OneSpan @lucysecurity @TheMediaTrust

Portland, Oregon

Tue, Jun 4, 2019 9:50pm +00:00 (liked on Tue, Jun 4, 2019 3:08pm -07:00)
Kurt Milne https://twitter.com/kurtmilne

Great write up on the new Identity solution Sign In With Apple. It's based on #Oauth and #Openidconnect Thank you @aaronpk

https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

Portland, Oregon

Tue, Jun 4, 2019 9:44pm +00:00 (liked on Tue, Jun 4, 2019 2:56pm -07:00) #Oauth #Openidconnect
Let's Clarify some Misunderstandings around Sign In with Apple

tl;dr This is a good move for users in the iOS ecosystem, and is primarily designed as an alternative for apps that currently use "Sign in with [Facebook/Twitter/Google]" to avoid leaking sensitive user info.
continue reading...

145 likes 46 reposts 1 bookmark 27 replies 17 mentions

Tue, Jun 4, 2019 2:44pm -07:00 #appleid #oauth #wwdc19
Chris Espinosa https://twitter.com/cdespinosa

Hi, Stefan. Tune in to the WWDC session for all the details (2019.056.05 0900PST). To your points:
• Sign In with Apple works with OAuth on Chrome and Android
• You always sign in with your Apple ID; you never see the per-developer scrambled email address
• 2FA comes via SMS

Portland, Oregon

Tue, Jun 4, 2019 8:39pm +00:00 (liked on Tue, Jun 4, 2019 1:51pm -07:00)
Halyna https://twitter.com/Halyna_13 • Jun 4
No, you don’t need an Apple device for 2FAuth of Apple ID. They send an SMS to authenticate the new login.

Confirmed. I was able to create a brand new Apple ID, enroll a Google Voice phone number for 2FA, and never touch this account from an iOS device.

Portland, Oregon

6 likes 2 replies

Tue, Jun 4, 2019 1:25pm -07:00
Stefan Esser https://twitter.com/i0n1c • Jun 4
you still need a trusted apple device to use Apple 2FA in addition to trusted phone number, don’t you?

I honestly don't know. But also keep in mind this is primarily designed for logging in to iOS apps, so ppl can log in with their Apple account instead of their Facebook account, which is a win for user privacy.

Portland, Oregon

Tue, Jun 4, 2019 1:12pm -07:00
Stefan Esser https://twitter.com/i0n1c • Jun 4
yes and how are you supposed to get through the Apple 2FA protection without an Apple device?

via SMS or phone call

> A trusted phone number is a number that can be used to receive verification codes by text message or automated phone call. You must verify at least one trusted phone number to enroll in two-factor authentication.

https://support.apple.com/en-us/HT204915

Portland, Oregon

4 likes 2 replies

Tue, Jun 4, 2019 12:57pm -07:00
Stefan Esser https://twitter.com/i0n1c • Jun 4
because you want to actually login to a service from an android device

That's not how it works. It works like every other OAuth flow, you click the button and are redirected to Apple to sign in. Here's a full walkthrough with screenshots: https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

Portland, Oregon

4 likes 8 replies

Tue, Jun 4, 2019 12:54pm -07:00
Alright, if you are curious about "Sign In with Apple," I walk through exactly how it works and what it looks like in this post.

https://developer.okta.com/blog/2019/06/04/what-the-heck-is-sign-in-with-apple

#WWDC19 #OAuth #AppleID

Portland, Oregon, USA

98 likes 46 reposts 4 replies 5 mentions

Tue, Jun 4, 2019 12:43pm -07:00 #wwdc19 #oauth #appleid
David Neal 🥓🥑 https://twitter.com/reverentgeek

Fun for the whole team!

Portland, Oregon

Tue, Jun 4, 2019 6:40pm +00:00 (liked on Tue, Jun 4, 2019 12:38pm -07:00)
David Bisset https://twitter.com/dimensionmedia

Folks already starting to build “Sign In With Apple” examples, this one in #PHP (via @aaronpk) https://github.com/aaronpk/sign-in-with-apple-example #WWDC19

Portland, Oregon

Tue, Jun 4, 2019 5:12pm +00:00 (liked on Tue, Jun 4, 2019 11:08am -07:00) #PHP #WWDC19
at Weissman Dental

Portland, Oregon • Tue, June 4, 2019 7:51am

45.519372 -122.683986

😬

Portland, OR, United States

1 Coin

Tue, Jun 4, 2019 7:51am -07:00
Dr. Jens Foell https://twitter.com/fMRI_guy

A little experiment:

Respond to this tweet with your most controversial pop culture opinion, and I *will* validate it.
If there's ANY sincere pop culture opinion you have that NO ONE would EVER agree with, post it here and I will agree with you no questions asked.

Portland, Oregon

Mon, Jun 3, 2019 8:23pm +00:00 (liked on Mon, Jun 3, 2019 9:22pm -07:00)
Brandon Carroll https://twitter.com/bcarroll22 • Jun 4
If you have a native and a web app, and a user creates their account with Apple sign in through your app, I wonder how you sign in with that account in your web app? Is Apple sign in basically just oauth with a fake email address you don’t know? And what’s your password?

It's just OAuth. Sign In with Apple isn't limited to mobile apps. Here's a demo of doing it in a web app. https://github.com/aaronpk/sign-in-with-apple-example

Portland, Oregon

1 like 1 reply

Mon, Jun 3, 2019 9:13pm -07:00
Reading all these tweets of people freaking out about Apple requiring apps to use "Sign In with Apple" and feeling another "authentication is not authorization" rant coming. Lots of misunderstanding of sign-in vs accessing APIs. #WWDC19 #OAuth

Portland, Oregon, USA

7 likes 2 reposts 2 replies 1 mention

Mon, Jun 3, 2019 9:12pm -07:00 #wwdc19 #oauth

older