Please don't offer passkey login on appstoreconnect.apple.com

Lextar
Lextar
Community Member
in 1Password in the Browser

Hello,

every time I go to appstoreconnect.apple.com to log in to my Apple developer account, 1Password offers me to log in using a passkey.

But, Apple's websites do not support saving passkeys in third party managers.

This is described on your own website https://passkeys.directory/details/apple/:

"You are not yet able to save passkeys for Apple ID accounts in third-party credential managers and can only be stored in iCloud Passwords at this time."

Please don't offer passkey login using 1Password at https://appstoreconnect.apple.com! It's really annoying to get this every day.

Thanks,

Alexander

1Password Version: 8.10.30
Extension Version: 2.22.1
OS Version: macOS 14.4.1
Browser: Safari

Comments

  • Dave_1P
    Dave_1P

    Hello @Lextar! 👋

    Thank you for reaching out, I'm sorry that 1Password's prompt is getting in the way. It seems that the App Store Connect website is sending a WebAuthn request that 1Password is seeing and responding to. If 1Password is unlocked then it's able to immediately tell that you don't have any passkeys saved for the website in question and avoid showing the prompt, the prompt only appears when 1Password is locked and so needs to be unlocked to see if there is or isn't a saved passkey.

    I can see how the prompt doesn't really serve a purpose here since passkeys for Apple accounts can't be saved in third-party managers and I've filed an issue with the team to see if they can suppress it on the website in question.

    For now, you can dismiss the prompt when it appears or you can unlock 1Password before accessing the page to avoid seeing the prompt. 🙂

    -Dave

    ref: dev/core/core#29742

  • Lextar
    Lextar
    Community Member

    Thanks for letting me know about the technical details that result in that "Sign in with a passkey" prompt.

    I can confirm that it doesn't show up when 1Password is already unlocked.

    It would still be a good idea to not show this for apple.com domains, since it's known that Apple uses their own passkey system that uses passkeys that cannot be stored in 1Password.

    Thanks for letting the team know about this issue.

  • Dave_1P
    Dave_1P

    Thanks again for reporting the issue. 🙂

    -Dave