Keychain Extensions

We’re a few months after iOS 8 launched and changed the way we work on our iPads and iPhones. Custom keyboards like Clips make it easier to use clipboard data while typing, today view widgets bring OmniFocus front and center and share sheets radically improved inter-app communication.

So what’s next? A share sheet in mail is quite high on my wish list, but that’s just improving on what we already have.

Better stability? Share extensions that can be opened from the Control Center?These are all great, but they aren’t the kind of features that are headliners during WWDC.

While trying out Evernote’s new Scannable today I was kinda annoyed that I needed to manually enter my password in the app although I’ve got Evernote installed on my iPhone. Shared Keychain Groups have been available since iOS 2 and allow apps by the same developer to share credentials. It’s the way Carousel knows your Dropbox account and Messenger knows your Facebook login on first launch. It’s weird Evernote and Scannable don’t do the same.

Then you also have the other login inconsistency: linking services. When I try to link TweetBot on my iPad to Pocket it asks me for my username and password. Do the same with Unread and the iPad quickly switches to Pocket, and switches back to Unread which is then authenticate. Wanna link ByWord to Dropbox? It’s a similar experience to Pocket except for an accept button somewhere in between.

When you’re linking apps to Twitter or Facebook you’re in luck: these services are build in and authenticating to these services shows a system alert similar to the one that gives you access to photos or calendars.Apple started this process with Twitter and gradually expanded theses system level accounts with Flickr, Facebook, Vimeo,..

But Apple can’t keep expanding that list themselves. For the same reason they allowed any app to expose themselves via the share sheet, they should allow any service provider to integrate into the system the same way Twitter and Facebook do now.

I hope iOS 9 introduces some kind of Keychain Extensions: allow a service to register its authentication method at an OS level. When an app wants to connect to that service it checks if there’s an extension available and if so, it triggers an alert. After clicking accept, the app is connected to the service. That way users have the same experience for any service.

The sharing sheet standardized the way we share data. The keychain extension could standardize the way we interauthentice different apps and services.