Oh this is not a good response at all. I would re-submit with a note so that another reviewer takes a look at it. Plenty of apps pop out to the Facebook app to do OAuth against the native app, I don't see why this would be different. Unless the Linkedin authorization page looks terrible on mobile or something...
In related news, LinkedIn will apparently be restricting the amount of user data you can get back from their API. https://developer.linkedin.com/support/developer-program-transition --- Aaron Parecki http://aaronparecki.com On Fri, May 8, 2015 at 6:21 PM, Dick Hardt <[email protected]> wrote: > I have an app that is was submitted to TestFlight that was rejected for > opening up Safari for getting authorization from Google or LinkedIn. > > Apple wants me to load the Google or LinkedIn page with an in-app browser > to comply with > > > - 10.6 - Apple and our customers place a high value on simple, > refined, creative, well thought through interfaces. They take more work but > are worth it. Apple sets a high bar. If your user interface is complex or > less than very good, it may be rejected > - > > I'm thinking this is crazy > > The user experience is better bouncing to Safari as it: > > 1) clearly signals to the user that they are providing their credentials > to Google or LinkedIn > > 2) Google and LinkedIn can pre-fill the username if they have previously > used the browser at either site > > 3) If they Safari has their credentials, Safari can fill them in at Google > / LinkedIn > > From a security point of view, the in-app webview has > > 1) NO signal to the user they are providing their credentials to LinkedIn > or Google. > > 2) Looks like a new browser instance to LinkedIn and Google rather than an > already known device. > > I'm surprised Apple is taking this stance. Am I missing something? > > -- Dick > > -- > You received this message because you are subscribed to the Google Groups > "OAuth" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "OAuth" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
