At WWDC 2019 earlier this month, Apple announced Sign in With Apple, a new privacy-focused login feature that allows macOS Catalina and iOS 13 users to sign into third-party apps and websites using their Apple ID. However, OpenID Foundation this week is questioning some of the decisions Apple made for Sign in With Apple.
The OpenID Foundation is a non-profit organization with members like PayPal, Microsoft, Google, and more. It controls numerous universal sign-in platforms using the OpenID Connect platform. OpenID Connect platform was developed by a large number of companies and industry experts within the OIDF. It is a modern, widely-adopted identity protocol built on OAuth 2.0 that enables third-party login to applications.
The current set of differences between Sign in With Apple and OpenID Connect reduces the places where users can use Sign in With Apple and exposes them to greater privacy and security risks. It also places an unnecessary burden on the developers of both OpenID Connect and Sign in With Apple. By closing the current gaps, Apple would be interoperable with widely available OpenID Connect Relying Party software.
In order to resolve these issues, OpenID Foundation is calling on the giant company to close the gaps between both Sign in With Apple and OpenID Connect, publicly state that Sign in With Apple is interoperable with OpenID Connect, and join the OpenID Foundation. This has been recorded in a document managed by the OIDF certification team.
Shortly after unveiling Sign in With Apple, the tech giant also told developers that is an application allows users to log in using their Google or Facebook logins, then it must also provide an alternative Sign in With Apple option. The company also got offended when it emerged that its updated Human Interface Guidelines asked app developers to place its authentication feature above other rival third-party sign-in options wherever they appeared.