Is Apple ID always required when using Auth0 in a native iOS app?

I’m trying to understand if I must always allow Apple ID logins with a native iOS app when using Auth0 as the auth provider.

The Apple App Store review guidelines say that whenever you provide “third-party” authentication in your app, you must allow Apple ID logins as an option.

However, it isn’t very clear on what it means by “third-party”.

Here is the relevant section from the guide:

Apps that use a third-party or social login service (such as Facebook Login, Google Sign-In, Sign in with Twitter, Sign In with LinkedIn, Login with Amazon, or WeChat Login) to set up or authenticate the user’s primary account with the app must also offer Sign in with Apple as an equivalent option.

It then says that

Sign in with Apple is not required if:

  • Your app exclusively uses your company’s own account setup and sign-in systems.

What I’m trying to understand is whether Auth0 counts as a “third-party” service or if Auth0 counts as “your company’s own account setup and sign-in systems” and adding social connections for things like Facebook Login and Google Sign-In would count as the third-party service.

If you interpret this as meaning that Auth0 is a third-party auth service then you must always enable Apple ID logins whenever you use Auth0 in a native iOS app, but if you interpret this as meaning that only social logins like Facebook and Google logins are third-party then I guess you’re fine to use only Auth0 username/password logins in native iOS apps.

Could someone please clarify what the situation is here?


Hi @athleet-sam,

Welcome to the Auth0 Community!

This is an Apple policy, and they will ultimately determine how it is interpreted. This question is better answered by Apple, as they are the ones enforcing the result.

With that said: An Auth0 database connection (username/password) would be first-party to your app. I.e. you control the application and the user identities vs. a Google connection, where you don’t have control over the users and must request consent to log in.

Hope that helps!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.