Users log in on their iPhone into our app.
After that we securely store the authentication information in the keychain. Our users don't have to sign in each and every time they use the app.
Now we are adding a Watch app. We would like to do some network requests on the Watch as well. Would be lovely if this would work when the user is logged in on their phone.
However, Keychain Sharing cannot be done between the iOS and the Watch device. This could be done in the beginning of WatchOS but no more since WatchOS 2. So this leaves us with a problem.
So: We could send over data using WCSession.
but:
How safe is that? Any ideas on how to make this safe?
Are there other ways safely transfer authentication tokens from the Phone to the Watch?
Related
I have an iPad and iPhone application,which runs on user session and requires login and session to be maintained throughout application life cycle. Now I want to create Apple watch app for same app. What are the best ways to do login and maintain session on Apple watch. User session expires if app is idle for more than 20 minutes.
Look at shared keychain access within the app group. You should be able to pass your auth token to WatchKit that way.
I am interested to know, can an app read my Apple ID?
Here is my issue: I have outsourced my app to a company. The app is a social networking app: you create a profile and insert few profile details: name, age, gender. However it does not relay on phone numbers like Whats App, email addresses or Facebook profiles.
The App is now live in the App store and I have my Ipad and Iphone registered on the same Apple Id. I have downloaded the app on my phone and created a profile. Now I have downloaded it on the iPad as well and I am seeing the same profile I created on my phone.
I've have tried other apps that use a similar logic, no phone numbers, emails or FB profiles (Whisper App being one of them) and I can create 2 different profiles one on the phone and the other on the iPad. So I am wondering if the problem surfaces because there is something in the code that makes the app read my Apple ID.
I would really appreciate your help
Apple doesn't provide an API allowing an application to read information about the user's Apple ID. This helps protect the identity of the user, I personally don't want any third-party app reading information about my Apple ID.
I am implementing the feature of automatically logging in the user in an iOS app. This is easy for a single app as we can persist the username with NSUserDefaults while the password using System Keychain.
Now, I want to do it across multiple apps. In my understanding, we'd need a unique device identifier for this, which we can pass to the server and then use it to activate auto login across multiple apps on the same device. Now since, Apple prohibits the use of UDID now, I am thinking of using the Vendor Identifier which would of course require me to set the Bundle IDs accordingly. Is this the best way possible? Or is there a better standard method that is more effective?
Also, Is it at all possible to have auto login between different devices? Like for e.g. If I login on one iOS device and then open the app in another, I should automatically sign in.
To implement login between multiple iOS apps you can use the same App ID prefix in them. It will work because they will share keychain data. Here you can find more details:
https://developer.apple.com/library/ios/technotes/tn2311/_index.html
And here the related question: Keychain group access to share data between my existing applications
And about automatic sign in between different devices. I used encrypted iCloud Key Value storage to store login & password between devices. And it worked but not too good. Problem is that first time you start app on new device it will take some time to sync data from iCloud to local storage. And this means that first time you trying to Sign In and may need to wait for some undefined time. In may case it was about 20 seconds. To long for Sign In in a good application :) And of course this require user to be logged in iCloud with the same Apple ID.
ASAIK there is no proper way to implement automatic Sign In from multiple devices. And Apple recommend just to ask for Sign In on every new device of user.
How can same APNS token be returned for two different applications installed using profiles created from two completely different apple enterprise accounts?
However the notifications are properly received by the respective applications! just curious to know how apple manages to map with correct device and the right application.
All apps on the same device get the same device token. Apple knows which app should receive the notification because the certificate you use to send the notification is unique for each app.
Seem like up to iOS 6, the token was the same for all apps on the same device, the way to difference them, it was the certificate.
From iOS 7+, the token is unique for each app and device. So every app on the same devices will get a different APNS token.
I am developing an Application where I want the user to log in with his/her Apple ID.
Is this possible? If so, how can I do this?
Apple introduced Sign In with Apple at their worldwide developer conference, WWDC 2019.
Here's how Apple describe it:
Sign In with Apple makes it easy for users to sign in to your apps and websites using their Apple ID. Instead of filling out forms, verifying email addresses, and choosing new passwords, they can use Sign In with Apple to set up an account and start using your app right away. All accounts are protected with two-factor authentication for superior security, and Apple will not track users’ activity in your app or website.
Sign In with Apple requires iOS 13 or later, iPadOS 13 or later, watchOS 6 or later, macOS Catalina 10.15 or later, and tvOS 13 or later.
Nope, there is an standard API for this. You could use a UIWebView to make a user log in to an existing login form somewhere on apple.com, and then check for the subsequent success or failure URL, but that would probably be both brittle and rejected by the App Store approval process.
It is not possible currently. Your best bet is to submit a feature request at https://bugreport.apple.com/
If you want to authenticate users without setting up your own registration system, you could adopt Facebook Connect. Lots of people already use Facebook obviously, and you don't have to maintain the signup/forgot password/security stuff at all.
If you don't like Facebook, Google also offers a similar system. (see https://developers.google.com/accounts/docs/MobileApps)
Apple will probably never allow you to log in with the user's Apple ID.
You might be able to allow your users to log into Game Center. The user's Game Center account is tied to the AppleID, so users can be identified by your app that way. But this is assuming that you were actually building a game.
Apple's Game Center documentation is here: https://developer.apple.com/library/ios/#documentation/LanguagesUtilities/Conceptual/iTunesConnect_Guide/15_GameCenter/GameCenter.html#//apple_ref/doc/uid/TP40011225-CH7-SW1
The App Store Review guidelines preclude using any information from Apple's services in your app, which is why it's dubious they would ever allow you to login with an Apple ID:
12. Scraping and aggregation
12.1
Applications that scrape any information from Apple sites (for example from apple.com, iTunes Store, App Store, iTunes Connect, Apple Developer Programs, etc) or create rankings using content from Apple sites and services will be rejected
If what you want to achieve is a seamless user experience between the user's different iOS devices without requiring the user to pick a username and password for your service you could maybe use iCloud. But of course it depends on what you are building. Apple provides some videos introducing the different iCloud APIs: https://developer.apple.com/icloud/documentation/