What if the business requirement is to make sure that the iOS device using your application should be an authorized device, how should the authentication be done?
Let's say the business have 1000 users and they are afraid that a user will download the app on another device other than on the one assigned to them.
I asked this because device id cannot be obtained anymore in iOS and no answers from the existing posts tackle this issue.
Has there been any new approach to this issue? Thanks
EDIT: app does not and will not support ads
Related
Currently, our client's app is in the AppStore, but they want to distribute it to schools and universities. Also, they want the student when opens app first time would be already logged in.
There are tons of info on the internet but it's hard for me to compile it into something clear. As far as I understood first they should enroll in Apple School Manager and rise their own Mobile Device Management. Then devices should be registered on that server. After that server will be sending those commands link. Is that correct?
Also what concerns silent login. The only way to implement it that comes into my mind is to at the app launch send request with some specific data(but what?) and if this is the device under Apple School Manager then return token.
P.S. I hope this is the correct place to ask this kind of question.
I recently updated an app for a client and it's now ready for submission to the App Store. But after a talk with my client they told me that the previous version (not developed or submitted by me) had a kind of "password protection" on the App Store. They explained it as anyone could find the app on App Store but when you click "download" the user would need to enter a password (not the Apple ID password, more of a predefined password specifically for this app) to continue the download process.
I am used to submitting apps to the App Store, both paid and free, but I have never done this and don't honestly know how. My closest guess is that we need to upgrade the plan to an enterprise account, but from my understanding (and please correct me if I'm wrong) this will remove the app from the App Store search and only allow download from a link or file?
What way would you guys recommend?
Thanks in advance!
There's no recommendation.
What you think and whatever is running in your mind is completely correct. There's no way to set custom download passwords. The only way to download using appstore is to use the apple id.
Point your client to the apple guidelines and documentation's. Hopefully they should understand.
Very nice concern from security point of view but unfortunately Apple has not provided any such feature yet...
An alternate solution to your query:
You can't block user from downloading your app but you can block user from using you app with the help of AppLock feature (One time password authentication - when user uses your app for first time).
Set a Passcode/Pattern protected lock screen as a first/main screen of your application (immediately after Splash Scree) and only users can unlock your app, to whom you've shared passcode. (Note: Integrate passcode verification using web service/server, so you can reset passcode any time from server)
I hope this may be helpful to you...
Update
Here is more option, if you want to allow/restrict your app usage for specific region/country (listed on Store).
Distribute iOS app for specific region/territory
I am interested to know, can an app read my Apple ID?
Here is my issue: I have outsourced my app to a company. The app is a social networking app: you create a profile and insert few profile details: name, age, gender. However it does not relay on phone numbers like Whats App, email addresses or Facebook profiles.
The App is now live in the App store and I have my Ipad and Iphone registered on the same Apple Id. I have downloaded the app on my phone and created a profile. Now I have downloaded it on the iPad as well and I am seeing the same profile I created on my phone.
I've have tried other apps that use a similar logic, no phone numbers, emails or FB profiles (Whisper App being one of them) and I can create 2 different profiles one on the phone and the other on the iPad. So I am wondering if the problem surfaces because there is something in the code that makes the app read my Apple ID.
I would really appreciate your help
Apple doesn't provide an API allowing an application to read information about the user's Apple ID. This helps protect the identity of the user, I personally don't want any third-party app reading information about my Apple ID.
I'm using QuickBlox for Apple Push Notification Services, while debugging some problems I had a look at their QuickBlox panel:Messages->Devices and I notice there are multiple devices for some users with different UDIDs. These users have only used one device and none of the device UDIDs seem to tie in with the actual iPhone UDIDs as seen on iTunes.
Does anyone know where these UDIDs come from, what they signify and why there are more than one per user?
Apps are not allowed to access the device UDID.
The API for accessing a unique identifier for each device will return a new random ID if you uninstall then reinstall the app.
This is specifically designed to make it impossible for an app to track users of the app.
You must ask the user to type in their email or something, if you want to tell one user from another.
I am developing an Application where I want the user to log in with his/her Apple ID.
Is this possible? If so, how can I do this?
Apple introduced Sign In with Apple at their worldwide developer conference, WWDC 2019.
Here's how Apple describe it:
Sign In with Apple makes it easy for users to sign in to your apps and websites using their Apple ID. Instead of filling out forms, verifying email addresses, and choosing new passwords, they can use Sign In with Apple to set up an account and start using your app right away. All accounts are protected with two-factor authentication for superior security, and Apple will not track users’ activity in your app or website.
Sign In with Apple requires iOS 13 or later, iPadOS 13 or later, watchOS 6 or later, macOS Catalina 10.15 or later, and tvOS 13 or later.
Nope, there is an standard API for this. You could use a UIWebView to make a user log in to an existing login form somewhere on apple.com, and then check for the subsequent success or failure URL, but that would probably be both brittle and rejected by the App Store approval process.
It is not possible currently. Your best bet is to submit a feature request at https://bugreport.apple.com/
If you want to authenticate users without setting up your own registration system, you could adopt Facebook Connect. Lots of people already use Facebook obviously, and you don't have to maintain the signup/forgot password/security stuff at all.
If you don't like Facebook, Google also offers a similar system. (see https://developers.google.com/accounts/docs/MobileApps)
Apple will probably never allow you to log in with the user's Apple ID.
You might be able to allow your users to log into Game Center. The user's Game Center account is tied to the AppleID, so users can be identified by your app that way. But this is assuming that you were actually building a game.
Apple's Game Center documentation is here: https://developer.apple.com/library/ios/#documentation/LanguagesUtilities/Conceptual/iTunesConnect_Guide/15_GameCenter/GameCenter.html#//apple_ref/doc/uid/TP40011225-CH7-SW1
The App Store Review guidelines preclude using any information from Apple's services in your app, which is why it's dubious they would ever allow you to login with an Apple ID:
12. Scraping and aggregation
12.1
Applications that scrape any information from Apple sites (for example from apple.com, iTunes Store, App Store, iTunes Connect, Apple Developer Programs, etc) or create rankings using content from Apple sites and services will be rejected
If what you want to achieve is a seamless user experience between the user's different iOS devices without requiring the user to pick a username and password for your service you could maybe use iCloud. But of course it depends on what you are building. Apple provides some videos introducing the different iCloud APIs: https://developer.apple.com/icloud/documentation/