Thursday, August 27, 2020

Apple to start requiring written consent for third party API usage in apps

Watch app for Tesla” is a popular app that lets users check useful information and send commands to a Tesla vehicle directly from an Apple Watch. However, the availability of this app may be threatened as Apple has been reinforcing its guidelines related to third party APIs, which may require the developer to remove their app from the App Store.

Kim Hansen is responsible for developing the Watch app for Tesla, which has been available on the App Store since May this year. Since then, the app has received five updates, all of which have been approved by Apple without any further difficulties.

Hansen was recently working on another update to the app, which was sent to Apple this week for review before being released on the App Store for users. However, the developer has now had a nasty surprise.

Apple contacted Hansen to say that the app could not be accepted due to the use of an unofficial third-party API. The company has argued that the only way to have an app with an unofficial third party API approved in the App Store is by having the written consent of the owner of that service, which in this case is Tesla.

If you are not familiar with the term, an API is an application programming interface used to pass data back and forth between software apps in a formalized way. As Apple describes on its official website, an API allows an app to connect with other apps and services:

All of your favorite apps that connect to the Internet are powered by APIs. For example, social media apps use APIs to let you view and publish posts from their mobile apps. When you refresh the feed, the app makes an API request to fetch all of the posts. When you “like” a post, the app makes an API request to post that data.

There are officially two categories of APIs: First-party APIs and third-party APIs. First-party APIs are those provided by Apple that provide access to native iOS features, which include Safari, Apple Maps, Apple Music, and more. Meanwhile, third-party APIs are those created by other developers, such as the Facebook API that allows apps to communicate with the social network.

There are also unofficial third-party APIs, which are often created by the developer community to provide integration with apps and services that don’t provide an official API. Since Tesla does not have an official API, the community has created multiple APIs to access Tesla’s system, which was never considered a problem by the company.

The Watch app for Tesla, as you might expect, relies on one of these unofficial third-party APIs, which caused the app to be rejected on the App Store. Since Tesla has never officially endorsed these APIs, Apple will no longer accept any apps using them. “That will eventually spell the end of all current 3rd party apps in the App Store, that even so much as reference the Tesla name,” said Hansen to 9to5Mac.

Although the rejection of the app has only occurred now, Apple’s decision is based on an old policy — which for some reason is sometimes ignored by the company. Section 5.2.2 of the App Store Review Guidelines emphasizes that apps are not allowed to use third-party services without prior authorization due to intellectual property issues.

5.2.2 Third-Party Sites/Services: If your app uses, accesses, monetizes access to, or displays content from a third-party service, ensure that you are specifically permitted to do so under the service’s terms of use. Authorization must be provided upon request.

Since Apple is now reinforcing its guidelines, the only way for Hansen to get the Watch app for Tesla approved in the App Store once again is if Tesla sets out community guidelines allowing developers to use third-party APIs to connect with their services.

The current version of the app is still available on the App Store for $5.99, but keep in mind that it might be removed from the App Store due to Apple’s guidelines.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:



from Hacker News https://ift.tt/2D4lkSv

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.