Apple has successfully implemented OpenID Connect with Sign in With Apple, according to the OpenID Foundation. Apple addressed some concerns the Foundation found with Sign in with Apple in June.
Sign in with Apple is designed to make it easy for users to sign in to their apps and websites using their Apple ID. Instead of filling out forms, verifying email addresses, and choosing new passwords, they can use Sign in with Apple to set up an account and start using your app right away. Apple says that all accounts are protected with two-factor authentication for superior security.
OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows clients to verify the identity of the end user based on the authentication performed by an authorization server.
The OpenID Foundation is a non-profit international standardization organization of individuals and companies “committed to enabling, promoting and protecting OpenID technologies.”
In a letter to Apple Senior Vice President of Software Engineering Craig Federighi, OpenID Foundation’s Chairman Nat Sakimura applauded Federighi’s team’s efforts “in quickly addressing the critical security and compatibility gaps identified and successfully implementing them while Sign In with Apple is still in beta.” However, he noted that there are still some peculiarities identified in the open document.
“While these are not security issues, addressing them would make it even easier to use Sign In With Apple with existing OpenID Connect libraries,” says Sakimura. “For instance, providing a discovery document would make it easier for existing software to be configured to use Sign In with Apple. We encourage your team to continue working through the issues identified.”
