App rejected due to Facebook login

Dude I had the same exact thing. App has been approved every month for a year and then this.

It makes no sense. Maybe it's some sort of automation error.

My app doesn't require users to sign up, so therefore it doesn't break this rule.

It's been two days and they still haven't responded to my resolution center.

I'm ready to punch someone in the face. (just kidding) but daaannng. So frustrating when you work so hard on something and then they reject you for a rule you're not breaking.

Please keep us updated on what happens to you.

My app was rejected by the same issue. My app need to log in using facebook account, and no other option.

If you have any solution, please let me know.

If you use Facebook for authentication, your app actually has to do something with Facebook, like post a high score or a photo or something.

Only App Review can tell you for sure, but I think it comes down to this more than the Facebook account functionality:

"Apps that require users to share personal information, such as email address and date of birth, in order to function will be rejected."

Adding features will not help with that. The App Review team may start enforcing restrictions that were not previously there or not previously enforced at any time.

Unfortunately, unless they respond to an appeal, you may have a problem submitting further updates.

Ok you guys,

They gave me a more detailed response. Basically if you ask for information you have to use it for some functionality.

My app does use the information for core functionality but apparently is wasn't clear enough for them to see how it relates.

So my advice would be that you only ask for information that you use and that you give an explanation in the review notes of how you are using the information.

Kevin

Thank you for sharing the clarification.

I would also ecommend presenting an explanation on how the information will be used inside the app when you request it as well.

You're welcome.

It is interesting that this rule has been around since the beginning of the app guidelines and now they are enforcing it like this.

I think that the rule originally had a different intention which was to prevent apps from becoming like those landing pages that force you to give up or email or birthday before anything works. For example the "put email here" in order to get a free video. Or "put birthday here" to take a survey.

However, now they are using the same law with the same wording in this new way where apps can't ask people for information during a voluntary sign up. If an app forced signup to work that'd be one thing ...but it seems that even apps that do offer functionality without sign up are being included in this.

If they do want to enforce it like that they need to rewrite rule and alert everyone of the change instead of just surprising people with it. If they want people to take the app store seriously there needs to be some mutual respect for our businesses. Otherwise, it will continue to make open platforms like the web more appealing for innovation.

Kevin

Same problem with our app.

What App store review staff is unable to explain is the difference between asking a user email via facebook login and asking a user email during a registration process. In both case, The app will ask for the user email...

What seems crasy is their use of the 12.2 'law' to discriminate apps that use Facebook login(or Google+ ?) as only authentication method.

Like Kevin said, a rewrite of the rules seems needed.

if implementing our own authentication system impossible, we clealy are an impasse.

Apple appears to be have made an arbitrary rule change.

1. They are confusing identity with authentication. While it is possible that low security apps can use identity as authentication. Most uses of "Login with facebook" is for identity & registration.

Yet Apple uses the word "Authentication", this is wrong.

2. There are other apps, for e.g., Uber & Lyft that allow registration with Facebook and do not do much else with Facebook

3. The word "significant" in Apple's language is disturbing and ambiguous.

One way to get around this is to use "login anonymously" with Facebook. And request an email later.

Or better yet offer both (anonymously and non-anonymously).

In summary, this is not good. Facebook should step in to straighten things out. Apple cannot be judge, jury and executioner regarding Facebook matters.

PS: If Apple were to offer an OAuth ID things would be simple. I wonder if they are modifying their Apple ID to be OAuth and are taking preemptive steps to kill the use of "Login with Facebook". Any such move would violate Anti-Trust laws.

I hope some over zealous Product manager at Apple is not putting Apple into a legal problem unnecessarily

"One way to get around this is to use "login anonymously" with Facebook. And request an email later"

That's the only cheap solution we found too in order to get around the issue.

We will implement it and resubmit... We cross the fingers...

You are absolutely right, Facebook should step in to straighten things out and speak about the rejection risk in their documentation.

I don't think this is accurate. I am facing this same issue and users are able to share stats and whatnot to facebook, twitter, etc and that is not considered sufficient.

Hi Kev,

Can I ask what 'core functionality' you have that made this sufficient in their eyes? I am facing the same issue and have failed an attempt to appeal as well.

Users are able to do plenty of other things without signing in, but if they want to create a 'portfolio' in my app they need to login through facebook, google, or twitter (I'm using Azure Mobile Services built in OAuth login). I use some of their social info for their 'portfolio', but it's mostly a way of authenticating users (which seems like the standard based on the number of apps that use it and the fact that it's built into azure). They are also able to share their stats to facebook, twitter, etc.

I'm pretty baffled so any suggestions help. Thanks.

Hi whatsyetanothername , how use "login anonymously" of Facebook for my app ? I don't understand. Thank you very much for your reply.

This is absolutely ridiculus I just had this happen to me. My app uses facebook twitter and linkedin optionally to sign in, they dont have to use it there is also a local authentication system. Single sign on is almost a demand in any app these days by users. The app then syncs profile imformation so users dont have to type it in. who wants to fill that out a million times!? The app also allows people to share there videos to there facebook. As far as I have seen these are the main reasons to integrate a social media sdk in any app!!! To top it off my app uses the graph api on facebook and others to track analytics. Yet this is not sufficient reason to use facebook twitter authentication!? Lately my apps have been rejected for ridiculus things every time Im not sure whats changed but until now I have had 0 rejections and been submitting apps for over 3 years. I am not impressed Apple. btw last time it was rejected for not providing a demo account when there was a registration area that accepted 3 fields. Ive had 4 other apps and apple just registered accounts. Things are really going down hill in apple review land.

After 2 versions of the app approved, now the 3rd got rejected for this stupid reason without no explanations.

Wha are we suppose to do now? Put more thousnads of dollars to change the whole app flow?

I swear this comnig WWDC 2016 i'm going to be there and raise a big sign exactly when Mr. Cook will get on the stage.

The sign will say: "Apple disrespect its developers" and i'm going to attache detailed flyers.

This ******** must be stopped.