[Openid-specs-ab] FYI: Apple is going to require token revocation on account deletion
Naohiro Fujie
naohiro.fujie at eidentity.jp
Tue Jul 19 02:54:58 UTC 2022
It seems problematic for IDaaS vendors if users signup/signin to apps with
an IDaaS account linked with Apple ID, these apps can not unlink IDaaS
account and Apple ID because there are other apps using the same IDaaS
account with the same Apple ID.
I'm just encountering this situation and discussing with app developers
about the problem.
Does anyone have the same issue?
2022年6月30日(木) 9:05 nov matake via Openid-specs-ab <
openid-specs-ab at lists.openid.net>:
> now this guideline applies all developers.
> see what’s happening...
>
> On Jun 20, 2022, at 13:05, nov matake <nov at matake.jp> wrote:
>
> As a personal developer, I've asked Apple to change their guideline here.
> https://developer.apple.com/contact/app-store/
>
> I don't think they care about it though :p
>
> According to this news, you're starting to mandate Token Revocation on
> app's account deletion.
> https://developer.apple.com/news/?id=12m75xbj
>
> However, not all apps are storing access nor refresh tokens after sign-in
> process completed, and token revocation is impossible in such case.
> You should require token revocation only if the app is storing tokens.
>
>
> iPhoneから送信
>
> 2022/06/20 12:57、Nat Sakimura <nat at digitalideas.tokyo>のメール:
>
>
> Interesting. We should talk about this in the next AB/C call.
>
> Sent with a Spark <https://sparkmailapp.com/source?from=signature>
> 2022年6月19日 21:36 -0600、nov matake via Openid-specs-ab <
> openid-specs-ab at lists.openid.net>のメール:
>
> Hi,
>
> Apple starts requiring app developers to call their token revocation API
> on account deletion, if the app is using Sign-in with Apple.
> https://developer.apple.com/news/?id=12m75xbj
>
> Since not all apps are storing access nor refresh tokens after the sign-in
> process completed, it seems unavailable for them.
>
> Does anyone have communication channel with Apple to discuss this issue?
>
> thanks
>
> nov
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
> _______________________________________________
> Openid-specs-ab mailing list
> Openid-specs-ab at lists.openid.net
> https://lists.openid.net/mailman/listinfo/openid-specs-ab
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220719/0b67894e/attachment.html>
More information about the Openid-specs-ab
mailing list