Sign in with Apple is a single sign-on provider operated by Apple Inc., introduced on June 3, 2019 at Apple's 2019 Worldwide Developers Conference (WWDC) in iOS 13.
It is designed to allow users to create accounts for third-party services with a minimal amount of personal information (as opposed to login services offered by social networking service platforms such as Facebook, where such features may also grant the third-party service access to personal information tied to their account), only requiring the user to provide a name and email address.
Users can opt for the email address associated with their Apple ID or choose the "Hide My Email" option to generate a disposable email address specific to the service; these addresses end in the privaterelay.appleid.com domain. Messages sent via a disposable (or relay) email address are automatically forwarded to a verified email address of the user's choice, and this function can also be disabled if needed.
The service is compatible with the OAuth 2.0 and OpenID Connect standards, and integrates with Face ID and Touch ID on iOS, iPadOS, and macOS.
Usage in software development
On September 12, 2019, Apple updated the App Store Review Guidelines to stipulate that developers whose apps use at least one third-party login service must implement Sign in with Apple, with exceptions for apps that function exclusively as a client for a specific service (such as the Twitter app), that use a login service backed by a citizen identification system, or that are developed to work exclusively with a company's first-party login service. Apple's human interface guidelines require Sign in with Apple buttons to be no less prominent than other sign-in services, and to appear "above the fold" without the user having to scroll.
For use outside of iOS apps, Apple also offers a JavaScript library to implement Sign in with Apple on Android and the web.
Compliance with the OpenID standard
In October 2019, Apple made the service compliant with the OpenID Connect authentication standard. It had previously not been fully compliant, having for example excluded "Proof Key for Code Exchange" (PKCE), whose absence exposed users to possible replay attacks and code injection vulnerabilities.