At Apple’s Worldwide Developer Conference in 2019, it introduced a new single sign-on (SSO) solution called Sign inwith Apple. Similar to the ever-present Sign in with Facebook and Sign in with Google options, Apple’s solution is meant to allow you to sign up for apps and sign in with a single ID instead of creating new ones for every app and service in the world.
But it differs from those options in several important ways. Here’s what you need to know about the Sign in with Apple SSO option.
Focused on privacy
The main difference between Sign in with Apple and the Facebook, Google, or Twitter sign-in options you are probably used to seeing is that Apple’s solution is focused on privacy. There’s no tracking going on, and all efforts are made to minimize the amount of information about you that the app or service has access to.
When you sign up using Sign in with Apple, you’re given the option to change the name you provide and to give the developer either your real email address (the one associated with your Apple ID) or a fake one.
Your name and email (real or fake, your choice) is the only info that the developer gets from you, and Apple doesn’t collect any data about your interaction with the app.
Free anonymous email forwarding
If you choose to hide your real email from the app, Apple will generate a new email address consisting of a string of random letters and numbers and @privaterelay.appleid.com. That address is the only thing the app or service gets, and Apple will forward along any mail sent to that address to your real one.
If the developer starts spamming you or sells your email to marketers, you can go to Apple ID settings and stop that address from forwarding mail to you.
Requires two-factor authentication
In order to take advantage of Sign in with Apple, you have to have an Apple ID with two-factor authentication enabled. That’s the default for people who set up a new iPhone or iPad these days, so for most it shouldn’t be an issue.
You’ll also need iOS 13 or later installed on your iPhone or iPad, macOS Catalina 10.15 or later on a Mac, or tvOS 13 or later on Apple TV.
Not just for Apple devices
Sign in with Apple is not just for use on Apple devices. You can use it on the web or potentially even Android devices. When you choose Sign in with Apple on those platforms, you’ll be taken to a secure Apple-hosted site to enter your Apple ID and password. You’ll then receive a two-factor authentication prompt on your iPhone, iPad, or Mac.
You’ll have the option to skip the two-factor authentication step for up to 30 days when logging in on the same device.
Of course, it’s a lot simpler on an Apple device: you authenticate using Touch ID or Face ID, and and you’re in.
Primarily meant for new accounts
For the most part, you’re meant to select “Sign up with Apple” the first time you sign in to a new app or service. You might be able to use with apps and services you already have by associating your Apple ID with it (here are Adobe’s instructions, for example), but that sort of defeats the whole purpose.
Yes, it is convenient to simply authenticate with Touch ID or Face ID on your iPhone or iPad, but the real point of Sign in with Apple is to keep apps from having any more information about you than they need and to use a service from a provider (Apple) that won’t collect any information about your app use.
Sign in with Apple will soon going to be an option in nearly every app you use—at least, you’ll see it in every app that has other single sign-on options.
Apple has made it a requirement for an app to be published in the App Store to provide Sign in with Apple as an option if the app offers any other third-party SSO solutions (like sign-in with Facebook, Google, or Twitter). That means you’ve got to have Sign in with Apple if you have Sign in with Facebook, unless you’re actually signing into a Facebook app. The deadline for that change was April 30, 2020, but it has been moved back to June 30 in light of the COVID-19 pandemic.
Of course you don’t have to use Sign in with Apple. You’re free to use whichever single sign-on option you want, or none at all. But if you want the benefits of enhanced privacy and no personal data tracking, it may be your best option.