Question

5
Replies
49
Views
Close popover
Kalyani Kallem (KalyaniK9826)
Commonwealth Bank

Commonwealth Bank
AU
View Profile Send Message
KalyaniK9826 Member since 2017 3 posts
Commonwealth Bank
Posted: November 10, 2019
Last activity: December 2, 2019
Closed

Changes to Apple SDK support

Apple has new guidelines for logging into applications - https://developer.apple.com/news/?id=09122019b

- All iOS apps will have to be built with the newest version of iOS SDK by April 2020. For this we should use Pega infinity mobile client, which offers OpenID Connect (OAuth Authorization Grant).

- Currently we are using OAuth ROPC grant for mobile app, which is not supported by Infinity mobile client.

We may not upgrade to Pega 8 anytime soon. Any ideas on how to handle this? Please let me know if any other details needed.

Mobile
Close popover
Moderation Team has archived post,
Close popover This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.
Posted: 1 year ago
Close popover
Mateusz Pedzierski (Mateusz Pedzierski)
PEGA
Senior Product Manager
Pegasystems Inc.
PL
View Profile Send Message

Upgrade to Pega Infinity is the right step. By doing that you'll not only satisfy latest Apple requirements but also benefit from performance improvements and get access to latest features. 

Posted: 1 year ago
Close popover
Siddartha Mukunnan (SiddarthaM5997)
Commonwealth Bank

Commonwealth Bank
AU
View Profile Send Message

Hi Mateusz,


   I understand that this might be the best long term approach. What are the impacts of not upgrading? As I read the link in the question - the changes are not mandatory if users require company specific logins. 


    "Sign in with Apple is not required if:


  • Your app exclusively uses your company’s own account setup and sign-in systems."

   What would the impact of not upgrading our builds to 8.3 mean - Our apps would stop working? Or we wouldn't be able to upload new versions of it going forward? 


Regards


Sid

Posted: 1 year ago
Close popover
James Hall (HALLJ)
PEGA
Lead Product Architect
Pegasystems Inc.
US
View Profile Send Message

Honestly, ROPC grant is the wrong authentication for an end-user client application.  OIDC with authorization code grant is the recommended best practice by NIST and other organizations for securing client applications in the wild.  Apple guidelines are targeting apps distributed through the App Store and who are not exclusively using their own organization-managed authentication.  If you fall into this category, you must move to Pega Infinity Mobile Client by April 2020, or Pega will not be able to support your app in the Apple App Store.


- James

Posted: 1 year ago
Close popover
Kalyani Kallem (KalyaniK9826)
Commonwealth Bank

Commonwealth Bank
AU
View Profile Send Message

Hi HallJ,


Thanks for your response. 


We are using our own organisation-managed authentication.  Does that mean Apple sdk support changes will not impact us even if we do not move to Pega Infinity Mobile Client? 

Posted: 1 year ago
Close popover
Mateusz Pedzierski (Mateusz Pedzierski)
PEGA
Senior Product Manager
Pegasystems Inc.
PL
View Profile Send Message

While you don't need to worry about the Apple ID login requirement you still need to upgrade to Pega Infinity. Otherwise you'll not be able to publish any update to your app store application after March 2020. 
Share this page Share via LinkedIn Copying...
Copied!