[Openid-specs-ab] FYI: Apple is going to require token revocation on account deletion
nov matake
nov at matake.jp
Thu Jun 30 00:05:14 UTC 2022
now this guideline applies all developers.
see what’s happening...
> On Jun 20, 2022, at 13:05, nov matake <nov at matake.jp> wrote:
>
> As a personal developer, I've asked Apple to change their guideline here.
> https://developer.apple.com/contact/app-store/ <https://developer.apple.com/contact/app-store/>
>
> I don't think they care about it though :p
>
>> According to this news, you're starting to mandate Token Revocation on app's account deletion.
>> https://developer.apple.com/news/?id=12m75xbj <https://developer.apple.com/news/?id=12m75xbj>
>> However, not all apps are storing access nor refresh tokens after sign-in process completed, and token revocation is impossible in such case.
>>
>> You should require token revocation only if the app is storing tokens.
>
> iPhoneから送信
>
>> 2022/06/20 12:57、Nat Sakimura <nat at digitalideas.tokyo>のメール:
>>
>>
>> Interesting. We should talk about this in the next AB/C call.
>>
>> Sent with a Spark <https://sparkmailapp.com/source?from=signature>
>> 2022年6月19日 21:36 -0600、nov matake via Openid-specs-ab <openid-specs-ab at lists.openid.net>のメール:
>>> Hi,
>>>
>>> Apple starts requiring app developers to call their token revocation API on account deletion, if the app is using Sign-in with Apple.
>>> https://developer.apple.com/news/?id=12m75xbj <https://developer.apple.com/news/?id=12m75xbj>
>>>
>>> Since not all apps are storing access nor refresh tokens after the sign-in process completed, it seems unavailable for them.
>>>
>>> Does anyone have communication channel with Apple to discuss this issue?
>>>
>>> thanks
>>>
>>> nov
>>> _______________________________________________
>>> Openid-specs-ab mailing list
>>> Openid-specs-ab at lists.openid.net
>>> https://lists.openid.net/mailman/listinfo/openid-specs-ab
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-ab/attachments/20220630/054ea306/attachment.html>
More information about the Openid-specs-ab
mailing list