Sign in with Apple

Apple is addressing issues about user privacy. Let me explain Sign in with Apple by actually integrating this secure, fast sign-in with Firebase on iOS in Swift.

Ryohei Arai


By the end of this article you will understand Sign in with Apple and be able to build it, with Firebase and a login page, for an iOS mobile app.

Providers for Sign in

Nowadays we see many types of sign-in options when we register for apps or websites. To name a few: Facebook, Google, Twitter, GitHub and more.

A boring, unintuitive sign-up design makes registration feel tedious and stressful for users, and that can result in low conversion rates for apps. Offering popular sign-in providers as options can shorten the registration time and help keep apps from losing potential users.

Sign-in via providers solves this problem by greatly improving the user experience: users can register for services quickly and easily, without having to type in all the required data. It is convenient because you can skip the forms where personal information is collected manually to complete the sign-in process.

However, the downside of it is that your private data is accessed by apps if you approve permissions that they request. All permissions are usually viewable and editable in a login modal that’s presented to you when you are in the provider login registration process. You should know that your personal data is sharable among apps via those login providers.

An app, for example, can request access to your birthday, location, or photos. However, unless you approve, your personal data is not shared. The types of permission requested are what you should always care about. Especially when the developer or company is unknown and less credible, you probably want to keep your personal data private.

In some cases the birthday is a required item because of how the service is designed, and then of course you have to share it to use the service. In other cases, though, apps could request irrelevant access permissions for user tracking or analytics. For example, if a music streaming app integrated with Facebook login asks to access your birthday, why would that be necessary?

Such requests usually go through because, first of all, provider sign-in offers a smooth, seamless experience with only a few clicks, and we are not usually concerned about what access permissions are being requested.

Recently Apple started addressing issues about user privacy. The change with the biggest impact is famously the ad tracking control that was enabled in iOS 14.5, which means that users can now opt out of tracking in apps that monitor their behavior and share that data with third parties. Taking care of user privacy is now considered of utmost importance.

Sign in with Apple is one of Apple's solutions for user privacy. It could become your favorite choice of sign-up provider because it provides a secure, fast way to sign in to apps and websites.

Apple's support page says:

Sign in with Apple is built from the ground up to respect your privacy and keep you in control of your personal information. It works natively on iOS, macOS, tvOS, and watchOS, and in any browser.

  • At your first sign in, apps and websites can ask only for your name and email address to set up an account for you.
  • You can use Hide My Email — Apple’s private email relay service — to create and share a unique, random email address that forwards to your personal email. This lets you receive useful messages from the app without sharing your personal email address. Learn more about how Hide My Email works.
  • Sign in with Apple won’t track or profile you as you use your favorite apps and websites. Apple retains only the information that’s needed to make sure you can sign in and manage your account.
  • Security is built in to Sign in with Apple with two-factor authentication. If you use an Apple device, you can sign in and re-authenticate with Face ID or Touch ID anytime.

So unlike other providers, as mentioned before, Sign in with Apple secures personal information. In terms of security, Sign in with Apple is the most distinctive method among the providers.

Now that we understand how Sign in with Apple works, let's jump into coding!

Development

You will use Firebase and Swift to build Sign in with Apple.

Setup

In the Firebase console, open the Authentication tab and enable the Apple sign-in method. There are some options, but you can ignore the service ID because you are building an iOS application.

(Screenshot: sign-in method setting)

After you log in successfully, you can confirm in the Firebase console that a new user has been created with the Apple sign-in method.

(Screenshot: successful login with Sign in with Apple)

Implementation

For demo purposes I prepared a single view controller.

First, you need to create a button that shows Sign in With Apple.

The AppleIDButton is an ASAuthorizationAppleIDButton manually connected to a button inside a UIViewController in a storyboard. Next let's implement the Apple sign-in flow.

This feature is only available on iOS 13 and later. Because of that, every function that uses it needs the available attribute above it, which controls whether a declaration is available to use when building an app for a particular target platform.

In this case, @available(iOS 13, *) is required.

startSignInWithAppleFlow in the source code starts Apple's sign-in flow. It includes in your request the SHA256 hash of the nonce, and it sets the delegate class that will handle Apple's response.

The nonce here is the value that associates a client session and an ID token.

After that you will send the SHA256 hash of the nonce with your sign-in request, which Apple will pass unchanged in the response.

Firebase then validates the response by hashing the original nonce and comparing it to the value passed by Apple.

Next, handle Apple’s response in your implementation of ASAuthorizationControllerDelegate.

If sign-in was successful, use the ID token from Apple’s response with the unhashed nonce to authenticate with Firebase.
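The flow described above (random nonce, SHA256 hash in the request, raw nonce handed to Firebase with the ID token), written out as an added example that is not the article's original source. The class name `AppleSignInViewController` and the helpers `makeNonce` and `sha256Hex` are hypothetical; it assumes the FirebaseAuth SDK's `OAuthProvider.credential(withProviderID:idToken:rawNonce:)`.

```swift
// Added example; class and helper names are hypothetical, not the article's code.
import AuthenticationServices
import CryptoKit
import FirebaseAuth
import UIKit

@available(iOS 13, *)
final class AppleSignInViewController: UIViewController,
    ASAuthorizationControllerDelegate, ASAuthorizationControllerPresentationContextProviding {
    // Raw nonce of the request in flight; only its hash goes into the Apple request.
    private var currentNonce: String?

    // 32 bytes from the system CSPRNG, hex-encoded; nil if randomness is unavailable.
    private func makeNonce() -> String? {
        var bytes = [UInt8](repeating: 0, count: 32)
        guard SecRandomCopyBytes(kSecRandomDefault, bytes.count, &bytes) == errSecSuccess else { return nil }
        return bytes.map { String(format: "%02x", $0) }.joined()
    }
    private func sha256Hex(_ input: String) -> String {
        SHA256.hash(data: Data(input.utf8)).map { String(format: "%02x", $0) }.joined()
    }

    func startSignInWithAppleFlow() {
        guard let nonce = makeNonce() else { return }   // fail closed: no nonce, no request
        currentNonce = nonce
        let request = ASAuthorizationAppleIDProvider().createRequest()
        request.requestedScopes = [.fullName, .email]
        request.nonce = sha256Hex(nonce)                // Apple copies this into the ID token
        let controller = ASAuthorizationController(authorizationRequests: [request])
        controller.delegate = self
        controller.presentationContextProvider = self
        controller.performRequests()
    }
    func presentationAnchor(for controller: ASAuthorizationController) -> ASPresentationAnchor {
        view.window ?? ASPresentationAnchor()
    }

    func authorizationController(controller: ASAuthorizationController,
                                 didCompleteWithAuthorization authorization: ASAuthorization) {
        guard let apple = authorization.credential as? ASAuthorizationAppleIDCredential,
              let tokenData = apple.identityToken,
              let idToken = String(data: tokenData, encoding: .utf8),
              let nonce = currentNonce else { return }  // response without a pending request
        currentNonce = nil                              // a nonce is used once
        let credential = OAuthProvider.credential(withProviderID: "apple.com",
                                                  idToken: idToken, rawNonce: nonce)
        Auth.auth().signIn(with: credential) { _, error in
            if let error = error { print("Firebase sign-in failed: \(error.localizedDescription)") }
        }
    }
}
```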

Done! You are now able to sign in with the Sign in with Apple provider. You can check whether you are signed in simply with:

if let user = Auth.auth().currentUser {
    // The user is signed in; `user` is the current Firebase user.
}

Unlike other providers supported by Firebase Auth, Apple does not provide a photo URL.
