[redbergy]

I know what you're saying but I'm okay with it. In this case Apple chose users over developers. iOS developers have to do a little more work (Apple has made it very easy from what I've seen of the framework) and have a little less freedom but users signing in to apps using 3rd party auth are guaranteed the privacy protections Apple is promising. They drew a line in the sand by making their solution mandatory but I think they had to to deliver what they're promising to users (which I think is great).

[stefano]

That privacy seems a bit overboard though. This is fine if a user can create his account directly inside the app. But it's not very clear how to support a workflow where you have an organization with multiple users authorized by an admin to use the app. How can the admin add a user to his organization, if he doesn't know in advance the user randomly generated email? I guess you could send an invitation code, and let the user enter that code after the apple sign in, to associate the account to the authorized user. This sounds more complex for the user than a workflow where the admin can directly authorize specific emails.

[MBCook]

Does this apply to enterprise apps distributed outside the normal App Store? I bet it doesn’t.

Also I think you’re given the choice of using your real email address instead if the anonymizes one. At least that was my understanding.

[saagarjha]

App Store guidelines have no bearing on enterprise apps.

[cavisne]

The randomly generated email is a user choice, they can also provide their real email. The randomly generated one would not work for things like slack sso etc.