Skip to content
Back Home

The Internet Identity Layer

The Internet Identity Layer

  • Membership
  • OpenID Foundation
    • Membership Benefits & Join
    • About Us
    • Sponsoring Members
    • Leadership
    • Intellectual Property
    • Presentations & Videos
    • OpenID Foundation Policies
    • OpenID Foundation Calendar
    • Chapters
    • Contact
    • Member Sign-in
  • Intellectual Property
    • OpenID IPR Policy, Contribution Agreement and Process Document
    • Executed Contribution Agreements
    • Software Grant and Contribution License Agreement
    • OpenID Foundation Policies
    • OpenID® Copyright License
    • OpenID® Logo Guidelines
  • Current Working Groups
    • How do working groups work?
    • AB/Connect WG
    • eKYC & Identity Assurance WG
    • Enhanced Authentication Profile (EAP) WG
    • Fast Federation (FastFed) WG
    • FAPI WG
    • HEART (Health Relationship Trust) WG
    • International Government Assurance Profile (iGov) WG
    • MODRNA (Mobile Operator Discovery, Registration & autheNticAtion) WG
    • Research & Education (R&E) WG
    • Shared Signals WG – A Secure Webhooks Framework
  • Community Groups
    • Global Assured Identity Network (GAIN) Proof of Concept
  • OpenID® Certification
    • OpenID Certification Frequently Asked Questions (FAQ)
    • OpenID Certification Instructions
    • OpenID Certification Fee Schedule
    • OpenID Certified Mark
    • Featured Certified Implementations for Developers
    • Certification Conformance Testing Disclosure and Reporting Policy
    • Open Source Project Certification Policy
    • Third-Party Support Certification Policy & Available Consultants
  • Specs & Dev Info
    • Specifications
    • Libraries, Products, and Tools
    • Libraries for Obsolete Specifications
  • Resources
    • OpenID Connect FAQ and Q&As
    • Learn More About Open Banking & Financial-grade API (FAPI)
  • Workshops
    • OIDF Workshop for KSA Open Banking — Tuesday, February 28, 2023
    • OpenID Foundation Workshop at Visa — Monday, November 14, 2022
    • OIDF Sessions at 2022 Authenticate Conference & FIDO Member Plenary – October 2022
    • OIDF Workshop at EIC 2022 — Tuesday, May 10, 2022
    • OIDF Workshop at Google — Monday, April 25, 2022
    • OIDF Virtual Workshop — Thursday, December 9, 2021
    • OIDF Workshops for GSMA— Fall 2021
    • OIDF Sessions at the FIDO Member Plenary – Thursday, October 21, 2021
    • OIDF Workshop at EIC 2021 — Monday, September 13, 2021
    • OIDF FAPI Outreach Workshops for Open Banking Brazil – Spring 2021
    • OIDF FAPI Outreach Workshops in Australia in Partnership with the Data Standards Body – Spring 2021
    • OIDF Virtual Workshop — Thursday, April 29, 2021
    • OIDF Virtual Workshop – October 28, 2020
    • OIDF Virtual Workshop – May 21, 2020
    • OpenID Foundation and the UK Open Banking Implementation Entity Conformance and Certification Workshop — April 27, 2020
    • OIDF Workshop at Verizon Media – September 30, 2019
    • OIDF Workshop at 2019 European Identity Conference – May 14, 2019
    • OIDF Workshop at Verizon Media – April 29, 2019
    • OIDF Workshop at VMware – October 22, 2018
    • OIDF Workshop at EIC 2018 – May 15, 2018
    • OIDF Workshop at Oracle – April 2, 2018
    • Open Banking Workshop Hosted by OpenID Foundation and Open Identity Exchange – March 21, 2018
    • OIDF’s RISC Work Group Data Sharing Agreement Workshop – January 31, 2018
    • Open Banking Workshop Hosted by OpenID Foundation and Open Identity Exchange – January 30, 2018
    • OpenID Foundation & Open Banking Workshop: The Implications for the Banking Industry – November 6, 2017
    • OIDF Workshop at PayPal – October 16, 2017
Home » Certification Team » Thank You Too Apple

Thank You Too Apple

This entry was posted in Certification Team OpenID Connect and tagged Apple compliance hans zandbelt sign in with apple on October 22, 2019 by Mike Leszcz

As the technical lead of the OpenID Foundation Certification Team, I’d like to add a few comments to the open letter that OpenID Foundation Chairman, Nat Sakimura wrote to Apple (https://openid.net/2019/09/30/apple-successfully-implements-openid-connect-with-sign-in-with-apple/). Nat thanks Apple for their recent efforts to make “Sign In with Apple” compliant with the OpenID Connect standard. The OpenID Foundation has always been developer-focused. The widespread adoption of OpenID Connect is an example of a standards development process that incorporates input from engineers and architects worldwide and across industry use cases. It’s an organic and painstaking process that results in open standards with global adoption with a self certification option.

My take is from the viewpoint of developers: imagine a developer of a mobile app or a web application that requires users to sign in with their Apple account. As of last month there are literally dozens of implementations of OpenID Connect Relying Party functionality available that one can leverage today. Moreover, whether you want to leverage Sign in with Apple, Google Sign In, Microsoft Live, Microsoft Azure AD, Paypal or many others, you can do so with the very same Relying Party software implementation. There are still a few confused identity providers out there – I’m looking at you Facebook – but my guess is that in due time they will follow Apple’s example.

This means that developers do not have to write and maintain their own SSO integration to use Sign in with Apple. Today developers can leverage existing libraries and plugins that have been around for years and that are stable, mature and secure.Imagine that “Sign In with Apple” wasn’t OpenID Connect compliant. The same Relying Party software eco-system would have to be developed for Sign In with Apple, in parallel to the existing OpenID Connect Relying Party software eco-system. It would be a huge waste of time and resources since at the end of the day they solve exactly the same problem! Consider this: the development of programming language support, platform support, library support, bug fixing, security incident handling, protocol improvements, software packaging, software bundling, incorporation of new web developments, etc. Everything would have to be done twice. Valuable time and effort would be diluted by dividing them across two solutions for the same thing that exist in parallel.

Hence I want to thank Apple too, now on behalf of the developer community at large. We can spend time on more important problems like privacy, security and ease of use. We can optimize efforts to make identity software simpler and more secure by supporting OpenID Connect as the open, global SSO standard to build on in the future.
 

Hans Zandbelt – OpenID Foundation’s Certification Team Lead

 
 
About the Author

Hans Zandbelt is CTO at ZmartZone IAM. He holds an MSc. degree in Computer Science, Tele-Informatics and Open Systems from Twente University (1993). He has over 25 years of experience as a technical leader in research and innovation projects on digital identity. In 2007 he joined SURFnet as the founding father, architect and technical product manager of SURFfederatie, the national infrastructure for federated Single Sign-On for the research- and higher education community in the Netherlands. In 2011 he joined Ping Identity as an expert on Single Sign-On, cloud Identity & Access Management and large scale deployment of federation technology, representing the CTO Office in Europe. In 2017 he founded ZmartZone IAM to provide Identity & Access Management consultancy, to contribute to modern open IAM standards and to offer open source solutions implementing those. He is the technical team leader of the Certification Team within the OpenID Foundation.

Post navigation

  • ← Guest Blog: Implementing App-to-App Authorisation in OAuth2/OpenID Connect
  • Notice of Vote for Implementer’s Draft of OpenID Connect for Identity Assurance Specification →

News Archives

Categories

Recent Posts

  • Public Review Period for Proposed FAPI 2.0 Message Signing Implementer’s Draft
  • FAPI 2.0 Conformance Tests and Certifications Now Available
  • Registration is Now Open for the OpenID Foundation Workshop at Microsoft – Monday, April 17, 2023
  • Public Review Period for Proposed Second Implementer’s Draft of OpenID for Verifiable Presentations Specification
  • OpenID Foundation Joins the OpenWallet Foundation

Tags

adoption board election board elections Certification certification program CIBA connect developers Don Thibeau election events FAPI FastFed federation Final Specification Financial-grade API financial data exchange Foundation government HEART Identity Assurance iGov Implementer's Draft MODRNA Nat Sakimura oidf OIDF workshop open banking open banking implementation entity openid openid certification program OpenID Connect openid foundation Public Review RISC spec specification SSE summit usability user experience vote working groups working group updates workshop

Website Privacy Policy

· © 2023 OpenID · Powered by · Designed with the Customizr theme ·