I have an app that is was submitted to TestFlight that was rejected for opening up Safari for getting authorization from Google or LinkedIn.
Apple wants me to load the Google or LinkedIn page with an in-app browser to comply with - 10.6 - Apple and our customers place a high value on simple, refined, creative, well thought through interfaces. They take more work but are worth it. Apple sets a high bar. If your user interface is complex or less than very good, it may be rejected - I'm thinking this is crazy The user experience is better bouncing to Safari as it: 1) clearly signals to the user that they are providing their credentials to Google or LinkedIn 2) Google and LinkedIn can pre-fill the username if they have previously used the browser at either site 3) If they Safari has their credentials, Safari can fill them in at Google / LinkedIn >From a security point of view, the in-app webview has 1) NO signal to the user they are providing their credentials to LinkedIn or Google. 2) Looks like a new browser instance to LinkedIn and Google rather than an already known device. I'm surprised Apple is taking this stance. Am I missing something? -- Dick -- You received this message because you are subscribed to the Google Groups "OAuth" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
