Ō̴̡̨͍͕̠̹̘͖͓̭̝̰̖͉̬̫͍̝̰̟͖͖̞͇̟̻̫͇̠̯̋̋̂ͅͅA̷̡̧͎̫̬͖̠͍̼̗̠͊̉̏̓̈́̂̀̈́͆͘͜uth @oktadev oauth.wtf oauth.net 🎥 livestreaming youtube.com/aaronpk aaronpk.tv 💛 #indieweb 🐘🦋
Portland, Oregon
Joined April 2008
- Tweets 11,388
- Following 1,223
- Followers 6,415
- Likes 9,609
I have so many questions for you! I was able to create a proof of concept, but would love to know some of the missing details. The current documentation is not complete enough to make a working app, I had to guess things based on my knowledge of OIDC.
developer.okta.com/blog/2019…
1
Yes that is my understanding reading their guidelines. Of course this remains to be seen how it will play out in practice.
1
2
I had fun with this one: 7 Ways an OAuth Access Token is like a Hotel Key Card
developer.okta.com/blog/2019…
1
10
1
21
Yes it seems to be designed for authentication only. They do also return an OAuth access token and refresh, though I am not sure what you can do with that yet.
2
It's just OAuth, and it works on the web too. developer.okta.com/blog/2019…
1
1
5
Also turns out Apple's is also OAuth :-) developer.okta.com/blog/2019…
2
It's more about providing easier options for users: aaronparecki.com/2019/06/04/…
2
2
It's still up to the app to provide the buttons. Check out the sample walkthroughs in that blog post.
In contrast: this forces app developers to provide users the choice between Apple or some other sign-in, rather than letting developers require just e.g. Facebook login.
More: aaronparecki.com/2019/06/04/…
2
2
Anyway, if you're curious about what this will look like, I wrote a sample app that uses Sign In with Apple so you can see how it works.
developer.okta.com/blog/2019…
3
3
2
25
Will we see other OAuth providers follow suit and start randomizing email addresses and user IDs returned to apps? I hope so!
Ironically, Facebook first started doing this a few years ago when they launched app-scoped user IDs.
3
1
1
3
Is Apple using their position as gatekeepers of the App Store to force adoption of "Sign In with Apple"?
Yes.
Is this a bad thing?
No.
Does this affect you if you don't use an iOS device?
No.
Does this benefit people who have an iOS device?
Yes.
1
3
7
So yes, Sign In with Apple is a good thing for user privacy, and will be a better user experience overall.
1
3
"Sign In with Apple" provides apps with both those features without revealing any more information about you than necessary.
1
1
2
At the end of the day, the benefit of signing in to apps is to be able to save stuff to your account so you can restore it later, and to get email notifications.
1
3