I’m trying to understand if I must always allow Apple ID logins with a native iOS app when using Auth0 as the auth provider.
The Apple App Store review guidelines say that whenever you provide “third-party” authentication in your app, you must allow Apple ID logins as an option.
However, it isn’t very clear on what it means by “third-party”.
Here is the relevant section from the guide:
Apps that use a third-party or social login service (such as Facebook Login, Google Sign-In, Sign in with Twitter, Sign In with LinkedIn, Login with Amazon, or WeChat Login) to set up or authenticate the user’s primary account with the app must also offer Sign in with Apple as an equivalent option.
It then says that
Sign in with Apple is not required if:
- Your app exclusively uses your company’s own account setup and sign-in systems.
What I’m trying to understand is whether Auth0 counts as a “third-party” service or if Auth0 counts as “your company’s own account setup and sign-in systems” and adding social connections for things like Facebook Login and Google Sign-In would count as the third-party service.
If you interpret this as meaning that Auth0 is a third-party auth service then you must always enable Apple ID logins whenever you use Auth0 in a native iOS app, but if you interpret this as meaning that only social logins like Facebook and Google logins are third-party then I guess you’re fine to use only Auth0 username/password logins in native iOS apps.
Could someone please clarify what the situation is here?
Thanks,
Sam