Sign In with Apple

From IndieWeb


Sign In with Apple is an authorization API similar to social silo login buttons that allows a user to sign in using their Apple device. Personal websites could allow this as a more secure sign in when IndieAuth is not available but social silos are not preferred.

In order to implement this on a personal website, the website owner does have to enroll with an Apple Developer account. It is currently not defined whether a free Apple Developer account can be used or if it has to be a paid Apple Developer account. This will be updated with clarification once that is determined.

IndieWeb Examples

  • No IndieWeb examples currently.

Brainstorming

Alternative to IndieAuth

  • Eddie Hinkle is investigating using sign in with Apple on his website as an alternative for friends and family that don't have IndieAuth.

handler for rel me to email

Tantek Γ‡elik: thinking out loud: since we (e.g. signing into the wiki) used to support rel=me links to email addresses using Persona, and Apple sign-in depends on email addresses, couldn't we also use Sign in with Apple to support email rel=me links as part of a RelMeAuth solution? Maybe have IndieLogin support it? Worth filing an issue on that for this idea?

Notes

  • You need SPF records configured on the domain you want to use Sign In with Apple on.
  • Their token endpoint requires including a User-Agent header, otherwise you get an HTML error page back
  • Their authorization endpoint is not documented, but it is https://appleid.apple.com/auth/authorize
  • The client_id value is the Services ID that you create during setup

See Also