The Promise of the iOS 5 Accounts Framework

I recently signed up for Path, a mobile-only social network that is meant to be used for more intimate sharing than something like Facebook with an inherently smaller and more intimate social graph.  Path was initially only available on the iPhone but apparently now has an Android client as well.  Given its historical close ties to the iOS platform and lack of a web interface, I was curious to see what the account creation process would be.  It turns out, the account creation process is basically the same as for every other web service.  Enter an email address, select a password.

Given that the application has historically only been available on the iPhone and my iPhone certainly already knows who I am, I thought the process might be lower friction and more automatic.  I haven't done any iOS development but I thought that surely there must be some sort of single sign on capability offered by the iOS SDK.

I did some research and it turns out that as of iOS 5 there sort of is and sort of isn't.  With iOS 5, Apple has released the Accounts Framework which provides a centralized store of account information that applications can query to authenticate against web service providers.  But it currently seems only to support Twitter.  Which means, in practice, that if I wanted to create an application that supported sending tweets on behalf of the user I could tie it into the existing Twitter authentication stored on the device.  That's certainly a nice to have feature, but it's an awfully limited vision.

From looking at the Accounts Framework documentation it seems that it could also be used to store any arbitrary authentication information, such as OpenID or OAuth credentials for other services.  I don't know if anyone has actually implemented anything other than Twitter clients using it or whether it would actually work with third party accounts right now.

I'm really surprised that Apple hasn't gone the further step and decided to offer authentication in a more native way.  Every iPhone user and most iPad and iPod Touch users have an Apple Store account.  Why not expose this account, perhaps using an existing technology such as OpenID, to allow me to authenticate to third party sites?

As a developer I have no great need to own the login credentials of my site's users.  As long as I have their email address, I don't really care what password, software certificate, biometric, or smartcard methodology they are actually using to authenticate themselves.  It's one less thing to worry about when developing an application if I can leverage an existing authentication infrastructure.

As an end user, I'd love for unlocking my phone to also unlock my stored credentials and enable true web application single sign on from my mobile device.  I hope Apple sees the opportunity and includes this in iOS 6.