4 Feb, 2023

Sign-in with Big Tech

I've been looking into adding more sign-in providers to FrontierNav. Previously FrontierNav supported Facebook, Twitter and a few others. As policies changed, only Google, GitHub and Email now remain. Most visitors use Google. I'm sure it's the most convenient of any other sign-in provider. Google logins are used for Chrome, Gmail, and YouTube afterall.

I felt this situation was a bit unfair for anyone not using Google. There are a large number of people who use their default browsers: Edge and Safari. Both browsers are well integrated into their operating systems. Why not support them too?

Under the hood, FrontierNav uses Firebase Authentication. "Sign-in with Google" is already setup and adding additional providers is straight forward. It's a matter of creating a developer account, copying some API keys, pasting them in, adding a button, and it's done. Or so I thought.

Sign-in with Microsoft

Microsoft took me through a rollercoaster of registration forms, payment details, verification. It requires an Azure account, after creating one with all of my usual details, it rejected me for their "free-tier" with no specific reason. I didn't even want the free-tier, I was just going to use their auth service which has no pricing tiers. It then took me to another registration flow, asked for the same details, for a normal tier I assume, which also rejected me. Dead end. What now? I tried logging in anyway and... it worked. What was that all about? Azure's jankiness feels very much like Windows so at least that's consistent.

It was smooth sailing after that. I created an app, setup authentication, copied some credentials, the usual. There were a lot of mentions of "Active Directory" which I assume were irrelevant implementation details for enterprise customers. The whole process felt a bit unloved and legacy; like Windows.

Sign-in with Apple

I made an Apple account around 10 years ago, used it while I had a Macbook, then stopped using it around 5 years ago. So I thought I'd use that to sign up for a developer account. Except I couldn't. I could sign-in and access some services, but it would eventually start asking me "security questions" to which I had no answer to and alternative methods which glitched out. I can't even access any interfaces to delete it. Maybe the account's too old and it missed a few migrations so it's not working right.

I'll just create a new account. Simple enough. Until I got to a paywall. £79 for a developer account. Alright, fine. Hang on... per year?! Just so I can give Apple visitors a convenience for a free service? And if I stopped paying, they probably won't be able to access their accounts. What? No. I guess Apple users can continue using email sign-in.

Conclusion

So, "Sign-in with Microsoft" is now available on FrontierNav. I'm not sure how popular it'll be but we'll see. I'd rather not go through this process again. I just wish Firebase supported WebAuthn out of the box. Then I could avoid all this mess around development accounts.

Thanks for reading.