Hello everyone, yesterday I saw the update to my APP rejected because when a new user registers through the “Sign-In With Apple” component, I would later ask for a password to be added.
Apple told me that this is not good and it does not respect the guidelines.
So I modified the current workflow by eliminating the password request thinking that the component was going to add the same password as the Apple ID in my PASSWORD field.
But I found out that’s not the case.
In practice, a new user is created in the database, but the password field is EMPTY, and does not have the usual [HIDDEN] inside.
In fact, after registering if I log in with Mail and password (Id Apple) he replies that it is not good because the password is wrong.
I need to save the user’s password because the user in the app can change it or to access some private settings the password is required.
In doing so, the component is useless for me, as it does not save an essential data.
Am I wrong something? Or is it normal that you do not save the PASSWORD in the database and leave the field blank?
Thanks.
I am attaching a screen where there is the white field for the user registered by “Sign-in with apple” and the second from normal registration.
When you are using an authentication identity provider, Apple in this case. It is the norm to not expose the password used. It’s actually one of the main security features of a sign in component like this. You may be able to use the same Sign In with Apple component to access the “hidden” data in your app as a security measure, and only let it advance if they successfully sign in, and show the logged in user data here.
But you will not be able to let a user update their Apple ID password from your app.
Ok thanks for the advice.
But it is very strange because they rejected the update of my APP to which I had not made any changes to the SIGN In component. While the first revision and other updates they never made a fuss about the “Sign-in with Apple” and the issue which I subsequently asked to create a new password.
It is very strange, do you think it was an Apple review mistake that they accepted the first few times? Or has something changed in the rules in this regard?
I would almost like to postpone the Build for review as it is without changes and tell him that if it was accepted before why shouldn’t it now?
