This does *not* mean that Apple is requiring every app to use Sign in with Apple. This does not mean that apps that want to manage your Google Calendar will have to also add Sign in with Apple.

Yes, this is a little additional work for app developers to support another OAuth provider, but is really not that different from supporting both Twitter and Facebook, or Snapchat and Instagram.

At the end of the day, the benefit of signing in to apps is to be able to save stuff to your account so you can restore it later, and to get email notifications.

"Sign In with Apple" provides apps with both those features without revealing any more information about you than necessary.

So yes, Sign In with Apple is a good thing for user privacy, and will be a better user experience overall.

Is Apple using their position as gatekeepers of the App Store to force adoption of "Sign In with Apple"? Yes. Is this a bad thing? No. Does this affect you if you don't use an iOS device? No. Does this benefit people who have an iOS device? Yes.

Will we see other OAuth providers follow suit and start randomizing email addresses and user IDs returned to apps? I hope so! Ironically, Facebook first started doing this a few years ago when they launched app-scoped user IDs.

Anyway, if you're curious about what this will look like, I wrote a sample app that uses Sign In with Apple so you can see how it works. developer.okta.com/blog/2019…

That is all. Thanks for listening.

Now I would just love to have a quick guide for using Apple Sign In as an Okta generic oidc inbound provider. Is this possible already ?