Introduction to 'Sign-in with Apple'

Transcript

1. - Ajay Kokcha

2. Agenda • Introduction: Single Sign On (SSO) - 5 min

   • Sign In With Apple - 15 min • Integration of Sign in with Apple in iOS App - 20 min • FAQs - 5 min • Q&A - 5 min

3. What is SSO ?

4. • Authentication is now required more than ever. SSO •

   Users who are already logged-in at domain X to be already logged-in at domain Y

5. How Single Sign-On works

6. User requests access The website redirects the user to the

   SSO website to log in. The user logs in with a single username and password.

7. Advantages of SSO • Manage less Passwords. • No need

   to re-enter password. • Less phishing. • Less hassle for Password Reset.

8. Disadvantages of SSO • It does not address certain levels

   of security each application sign-on may need. • If availability is lost, then users are locked out of the multiple systems connected to the SSO. • If an unauthorised user gains access, then he could gain access to more than one application.

9. The fast, easy way to sign in to apps and

   websites.

10. Why ‘Sign in with Apple’?

11. Respect for privacy

12. Security built in.

13. Works everywhere. • Sign in with Apple works natively on

    iOS, macOS, tvOS, and watchOS. • Works in any browser.

14. Antifraud • Sign in with Apple is designed to give

    web services confidence in new users

15. Non-repetitive Logins

16. Hide My Email

17. Hide My Email for Sign in with Apple

18. Share your email address or keep it private Choose Share

    My Email or Choose Hide My Email

19. If you choose Hide My Email <unique-alphanumeric-string>@privaterelay.appleid.com

20. Apple ID: [email protected] 
 [email protected]

21. Integration of Sign in with Apple in iOS App (iOS

    13 and Above)

22. • Xcode 11 • iOS 13 or later • iPadOS

    13 or later • macOS Catalina 10.15 or later • tvOS 13 or later • To test your website, you’ll need to group it with an app that is already enabled for Sign in with Apple and is available on the App Store. Requirements

23. Setup Xcode

24. Add the Sign In with Apple capability in your project

25. import AuthenticationServices

26. Add Apple LogIn Button

27. Handle Login Button Press

28. Handle ASAuthorizationController Delegate

29. Sign In Response • User ID Unique, stable, team-scoped user

    ID • Verification data Identity token, code • Account information Name, verified email • Real user indicator High confidence indicator that likely real user

30. Check Credential State

31. Existing Account Setup Flow

32. Configuring your Apple Developer Account

33. Configuring your Apple Developer Account

34. Register Domains and Emails for communication

35. Here is the complete flow of LogIn with Apple https://developerinsider.co/ios-13-how-to-integrate-sign-in-with-apple-in-your-application/

36. What to do if we need to support iOS 12

    and below (And if we need to support Web/Android)

37. Sign in with AppleJS • You must manually control the

    sign-in request • More information here: https://developer.apple.com/documentation/signinwithapplejs/ incorporating_sign_in_with_apple_into_other_platforms

38. https://appleid.apple.com/auth/authorize Parameters: • client_id * • redirect_uri * • response_type

    * • scope • response_mode • state • nonce https://appleid.apple.com/auth/authorize? client_id=[CLIENT_ID]&redirect_uri=[REDIRECT_URI]&response_type=[RESPONSE_ TYPE]&scope=[SCOPES]&response_mode=[RESPONSE_MODE]&state=[STATE]

39. • code • id_token • state • user(JSON) : {

    "name": { "firstName": string, "lastName": string }, "email": string } • error Handle Response Reference Lib for Android: https://github.com/willowtreeapps/ sign-in-with-apple-button-android

40. FAQs

41. 1)What information does the app developer receive when a user

    chooses Sign in with Apple?
 - User’s name associated with their Apple ID,
 - User’s verified email address

42. 2) Does Sign in with Apple work on my Apple

    Watch? Apple TV? Mac? 
 
 - Yes

43. 3) But what about Android? What about web apps? I

    use my apps everywhere! - Web view (Sign in with Apple login screen). - Sign in with Apple JS

44. 4) If I let Apple make up a random email

    address for me, does Apple now have the ability to read my email?
 
 
 - No

45. 5) How does Sign in with Apple offer two-factor authentication?

    - On Apple devices: Touch ID or Face ID - On other devices: Six-digit Code

46. 6) When does an app have to offer Sign in

    with Apple?
 
 
 - Whenever another third-party sign-in option is offered.

47. 7) Does the app have to put the Sign in

    with Apple button on top of the other options or else get rejected from the App Store?
 
 - Yes

48. References •https://developer.apple.com/sign-in-with-apple/ •https://developerinsider.co/ios-13-how-to-integrate-sign-in-with-apple-in-your-application/ •https://developer.apple.com/videos/play/wwdc2019/706/

49. Thanks Q & A