| Type | Single sign-on provider |
|---|---|
| Launch date | September 19, 2019 |
| Platform(s) | iOS,Android, Web (JavaScript) |
| Status | Active |
| Website | developer |
Sign in with Apple is asingle sign-on provider operated byApple Inc., introduced on June 3, 2019, at Apple's 2019Worldwide Developers Conference (WWDC) iniOS 13.[1]
It is designed to allow users to create accounts for third-party services with a minimal amount of personal information, only requiring the user to provide a name and email address.
Users can opt for the email address associated with theirApple Account or choose the "Hide My Email" option to generate adisposable email address specific to the service; these addresses end in theprivaterelay.appleid.com domain.[2]
Messages sent via a disposable (or relay) email address are automatically forwarded to a verified email address of the user's choice, and this function can also be disabled if needed.[3][4]
The service is compatible[5] with theOAuth 2.0 andOpenID Connect standards, and integrates withFace ID,Touch ID andOpticID oniOS,iPadOS,macOS andvisionOS[6][7]
Sign in with Apple is opposed tologin services offered bysocial networking service platforms such asFacebook, where such features may also grant the third-party service access to personal information tied to their account.
On September 12, 2019, Apple updated theApp Store Review Guidelines to stipulate that developers whose apps use at least one third-party login service must implement Sign in with Apple.
It comes with exceptions for apps that function exclusively as a client for a specific service (such as theTwitter app), that use a login service backed by acitizen identification system, or that are developed to work exclusively with a company's first-party login service.[8]
Apple'shuman interface guidelines requiresign in with Apple buttons to be no less prominent than other sign-in services, and to appear "above the fold" without the user having to scroll.[9]
For use outside of iOS apps, Apple also offers aJavaScript library to implement Sign in with Apple onAndroid and the web.[4]
In October 2019, Apple made the service compliant with theOpenID Connect authentication standard. It had previously not been fully compliant, having for example excluded "Proof Key for Code Exchange" (PKCE)—the absence of which exposed users to possiblereplay attacks andcode injection vulnerabilities.[10][5]
| Products |
| ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Services |
| ||||||||||||||||||
| Companies |
| ||||||||||||||||||
| Design andmarketing | |||||||||||||||||||
| Legal issues and labour relations | |||||||||||||||||||
| Related | |||||||||||||||||||
| People |
| ||||||||||||||||||
| |||||||||||||||||||
