Sign in with Apple a headache for developers?

Sign in with Apple a headache for developers?
(Image credit: Future)

Apple’s flagship Worldwide Developer Conference (WWDC) event always sparks weeks of anticipation and then dissection of each and every announcement. The gadgets get the biggest headlines and then after a while, some of the less-heralded (but probably more interesting) features start to gain attention. 

One of the most interesting from WWDC 2019 is Sign in with Apple. Sign in with Apple went live with the iOS 13 update in September and gives the 1.4 billion Apple product users a frictionless login and signup experience, and greater control of their data.

About the author

Matias Woloski is the CTO & Co-Founder of Auth0.

The new functionality gives users the ability to login to third-party apps and websites using their pre-existing Apple credentials, or ‘Apple ID’. Applications for native iOS for iPhones, iPadOS for iPads, and MacOS for iMacs and MacBooks, can leverage Face ID or Touch ID, eliminating the need for usernames and passwords all together. These login options are also protected by two-factor authentication, providing ample security measures to those who choose to sign in as such.

From a privacy perspective, Apple has stated that they will not track or profile users who adopt Sign in with Apple, limiting disclosed information to a name and email address. Furthermore, for those who do not wish to share their email with a chosen app, there is a ‘hide my email’ option, which prompts Apple to produce a unique email for each app.

Why is Apple doing this now?

GDPR has and continues to have a major influence over the way that businesses conduct themselves, especially those that operate within the tech sector. It has become both a legal and ethical necessity for companies that are privy to and/or store data to impose adequate measures surrounding the collation of user data and the degree of control they give users over their personal information.

Despite this responsibility to help users understand the information they are sharing, many users find themselves scrolling quickly through lengthy terms of services, giving away their data anyway.

As one of the world’s leading tech giants, Apple have detected both their responsibility and the need to support user-end choices online. Through Sign in with Apple, the tech giant is demonstrating its commitment to protecting the privacy and personal information of its customers.

More specifically, the ‘hide my email’ function means that Apple users can securely navigate third-party accounts with the assurance that their information is protected, as it withholds their email from the applications in use and those who develop them.

What does this mean for application builders?

There’s no escaping the fact that, on the surface, there are a few new complexities for developers to think about. We would be the first to know how busy and demanding life is for developers, so any new radical shake-up is always going to cause a few potential concerns.

According to the Apple App Store Guidelines, “Apps that exclusively use a third-party or social login service (such as Facebook Login, Google Sign-In, Sign in with Twitter, etc) to set up or authenticate the user’s primary account with the app must also offer Sign in with Apple as an equivalent option.” Apps must be compliant by April 2020, which means anyone who owns or builds an application must overcome a considerable number of hurdles in a short amount of time. If apps fail Apple’s compliance requirements, they risk losing the ability to monetise through the store altogether.

Adding any login option to your application requires ample time, resources, and planning. But what isn’t talked about enough is the maintenance required to offer that option in perpetuity. Social login providers modify their technology. App dev teams who have less financial leverage may run into challenges down the line, if they need to increase spending to accommodate the necessary changes. Not to mention, it takes attention away from differentiating yourself from the millions of apps available for download in the Apple App Store, including Apple Watch apps.

Whilst there’s certainly urgency around Sign in with Apple, there’s also opportunity. As of January 2019, there were 1.4 billion Apple devices and nearly 2 million apps, including both free iPhone apps and the best iPhone apps, that leverage social login. By adding support for Sign in with Apple, companies massively expand their addressable market, improve their end-user experience, and increase their conversion rates.

How to make Sign in with Apple work for you

Anyone who builds applications is familiar with the build vs. buy equation. Build a piece of software, and you have more control over the backend code and frontend experience. Buy a piece of software, and you relinquish that control in exchange for time and money to focus on other priorities.

There are legitimate reasons to buy tools that integrate Sign in with Apple. One is support for web and native flows. Apple’s ID offers a native experience for iOS apps for iPhone as well as iPad apps, and a web experience – similar to Google or Facebook – for browser-based apps. This is twice the build so customers can use Sign in with Apple across your ecosystem.

Second is that Apple only shares a limited set of data about the user. If you build for needs across the business, like Marketing, you’ll need to think about ways to augment or enrich consumer data for those stakeholders. Vendors like Auth0 who offer support for Sign in with Apple often also have features like progressive profiling, which allow you to collect first-party data from users over time as they engage with your app. The first time, you might ask for their name and email. The second you could ask for their company size and employees, and so on. Ultimately, you build up a greater picture of the user while providing them a secure, private, and frictionless experience.

Login technologies like Sign in with Apple that balance privacy, security, and user experience are the future. App dev teams aren’t always experts in this space, but with third-party tools, they don’t have to be. In Europe, one of our lead customers has seen 35% of new signups going with Sign in with Apple since the iOS 13 release in September, compared to about 22.5% with other login options: Google, Facebook, and email. Other builders can do this too and get back to developing the apps we use every day.


Matias Woloski is the CTO & Co-Founder of Auth0.

Matias Woloski

Matias Wolosik is the CTO & Co-Founder of Auth0.

HE enjoys the process of crafting products and building teams. Before Auth0, he has co-founded a boutique high-end software consulting company.