Tyrone wrote:
On Jan 12, 2026 at 1:37:00 PM EST, "Maria Sophia"
<mariasophia@comprehension.com> wrote:
Tyrone wrote:
Once again, you have no idea what you are talking about.
Hi Tyrone,
The question in this thread is technical and it's about WHY (not how).
But you are technically wrong. iOS does NOT require you to login multiple >> times. Some app(s) that you have are doing that, for unknown reasons. One of >> the links that YOU provided says so.
And that was just ONE link of many that had nothing to do with tokens AND 2 >> dead links.
So AGAIN, you have not proved your claim that "Why does iOS require you to >> login". iOS is NOT requiring this. It is YOUR apps AND you still have no
proved that this is even happening.
Shall I post a screen shot from 2022 to prove that I am not required to enter
my password?
If people can't understand how it works, they'll never be able to
contribute meaningfully to help answer why only iOS works this way.
Which explains YOUR posts in this thread. You DON'T understand how it works >> and thus your contributions ARE bullshit.
I've explained how iOS works with respect to token expiry & renewal.
You need to comprehend how it works before you can help answer why.
You have "explained" what you believe is happening, with links that say no >> such thing.
YOU are stating "how you think it works". A link YOU provided describes how >> it actually works.
Since you claim the explanation given is "bullshit", if you think iOS works >>> differently than described, then you should state how you think it works. >>
Hi Tyrone,
You keep asserting that "iOS does NOT require you to login multiple
times" and that it "is YOUR apps" doing this, but you have not actually described a technical model of what you think is happening inside iOS.
On Jan 12, 2026 at 4:02:55rC>PM EST, "Maria Sophia" <mariasophia@comprehension.com> wrote:
Tyrone wrote:
On Jan 12, 2026 at 1:37:00 PM EST, "Maria Sophia"
<mariasophia@comprehension.com> wrote:
Tyrone wrote:
Once again, you have no idea what you are talking about.
Hi Tyrone,
The question in this thread is technical and it's about WHY (not how).
But you are technically wrong. iOS does NOT require you to login multiple >>> times. Some app(s) that you have are doing that, for unknown reasons. One of
the links that YOU provided says so.
And that was just ONE link of many that had nothing to do with tokens AND 2 >>> dead links.
So AGAIN, you have not proved your claim that "Why does iOS require you to >>> login". iOS is NOT requiring this. It is YOUR apps AND you still have no >>> proved that this is even happening.
Shall I post a screen shot from 2022 to prove that I am not required to enter
my password?
If people can't understand how it works, they'll never be able to
contribute meaningfully to help answer why only iOS works this way.
Which explains YOUR posts in this thread. You DON'T understand how it works
and thus your contributions ARE bullshit.
I've explained how iOS works with respect to token expiry & renewal.
You need to comprehend how it works before you can help answer why.
You have "explained" what you believe is happening, with links that say no >>> such thing.
YOU are stating "how you think it works". A link YOU provided describes how
Since you claim the explanation given is "bullshit", if you think iOS works
differently than described, then you should state how you think it works. >>>
it actually works.
Hi Tyrone,
You keep asserting that "iOS does NOT require you to login multiple
times" and that it "is YOUR apps" doing this, but you have not actually
described a technical model of what you think is happening inside iOS.
A link that YOU PROVIDED describes it:
<https://developer.apple.com/documentation/signinwithapple/verifying-a-user>
"User interaction is required any time a new identity token is requested. User
sessions are long-lived on device, so calling for a new identity token on every launch, or more frequently than once a day, can result in your request failing due to throttling."
Do you EVER read the links you post?
You have "explained" what you believe is happening, with links that say no >>> such thing.
YOU are stating "how you think it works". A link YOU provided describes how
Since you claim the explanation given is "bullshit", if you think iOS works
differently than described, then you should state how you think it works. >>>
it actually works.
Hi Tyrone,
You keep asserting that "iOS does NOT require you to login multiple
times" and that it "is YOUR apps" doing this, but you have not actually
described a technical model of what you think is happening inside iOS.
A link that YOU PROVIDED describes it:
<https://developer.apple.com/documentation/signinwithapple/verifying-a-user>
"User interaction is required any time a new identity token is requested. User
sessions are long-lived on device, so calling for a new identity token on every launch, or more frequently than once a day, can result in your request failing due to throttling."
Do you EVER read the links you post?
Chris wrote:
Maria Sophia <mariasophia@comprehension.com> wrote:
Chris wrote:
Let's see how DonGPT responds to this...?
I'm not going to respond to your incessant personal attacks,
Firstly, calling you out on posting AI slop is not a personal attack. It's >> criticising you for being disingenuous and lying.
Secondly, if you're going to not respond then don't. Responding by saying
you're not going to respond is ... well, let's go with ... daft.
Chris, with all due respect, you are conflating one specific OAuth flow,
Apple does not use OAuth.
Seriously, give it up. You're out of your depth.
Sign in with Apple, with the authentication architecture of iOS as a whole.
It's Apple authentication. iOS/iPadOS doesn't have an "authentication
architecture".
The identity token and refresh token described in the Sign in with Apple >>> docs apply only to third party app login. They do not represent the tokens >>> used by iCloud, Apple Media Services, IDS for iMessage and FaceTime, Find >>> My, Activation Lock, or device activation.
Prove it.
Sign in with Apple is implemented through the Authentication Services
framework. It issues an ID token and a refresh token that are valid only >>> for that OAuth client. The once-per-day refresh rule applies only to
that OAuth flow. It does not apply to iCloud service tokens, Apple Media >>> Services tokens, IDS tokens, or activation tokens.
Are you using chatgpt again? Apple doesn't use OAuth.
iCloud uses its own account token and service specific credentials for
Drive, Photos, Backup, Keychain, Mail, Contacts, Calendars, Notes,
Reminders, and Safari sync. These services do not use the Sign in with
Apple token and do not share its refresh rules.
Prove it.
Apple Media Services, which covers the App Store, iTunes Store, TV,
Music, Books, and Podcasts, uses a different token family entirely. AMS
tokens are issued by a separate backend and have their own expiration
and refresh behavior.
Prove it.
iMessage and FaceTime use IDS authentication, which is documented as a
separate protocol with its own key material and its own token lifecycle. >>> IDS tokens are not interchangeable with iCloud or AMS tokens.
Prove it.
Find My uses FMIP authentication, which again is a separate service with >>> its own credentials and its own validation rules.
Prove it.
Activation and Activation Lock use activation certificates and device
specific credentials that are not part of any of the above systems.
Prove it.
I suspect all the above is again AI slop. Given you have not provided any
cites which you say you always do.
Because these authentication domains are independent, a failure or
expiration in any one of them can trigger a password prompt such as
Jan 10th 2026 <https://i.postimg.cc/ZqGn04Ln/appleid20260110.jpg>
This is why users can see Apple ID password prompts even when they have not >>> logged out or made a purchase. It is not caused by user behavior.
You wish!
Given no single person on here concurs with you - I discount candycaneeater >> as he's probably a sock - we have to apply Occam's Razor and look at the
simplest explanation: you are doing this to yourself.
That's why everyone on this newsgroup who responded, except you and Tyrone, >>> have easily admitted remembering these standard Apple ID password prompts. >>> <https://i.postimg.cc/LXzB3Lc0/appleid01.jpg>
We've all admitted to have been asked for a password once of twice a year
at most. No one gets prompts several times a day. Only you.
It is caused by the fact that iOS uses multiple authentication domains with >>> different lifetimes and different refresh rules.
That's your baseless assertion.
If you truly believe that all Apple services share a single token, please >>> cite Apple documentation that states this explicitly.
I did.
You have yet to prove that Apple uses multiple ones.
Chris,
I am going to ignore any accurate criticisms of my argument and hide
behind fake victimhood.
You appear to be making two very strong claims, both of which I dispute.
1. "Apple does not use OAuth."
2. The one identity token in the Sign in with Apple doc is
"Apple authentication" for everything.
On the first point, the label does not matter. Call it OAuth, OpenID
Connect, or "Apple web sign in", the document you keep citing is about
a specific browser / app sign in flow for third party clients. It is
scoped to that use case. It does not describe device activation, Find
My, iCloud, or Apple Media Services. It just doesn't. And never did.
On the second point, you say you "proved" Apple uses a single token by pointing to that page. But that page does not say any of the following:
1. It does not say that iCloud uses the Sign in with Apple identity
token.
2. It does not say that App Store/Apple Media Services use that
token.
3. It does not say that iMessage/FaceTime (IDS) use that token.
4. It does not say that Find My/FMIP use that token.
5. It does not say that device activation or Activation Lock use that
token.
You are reading far more into that page than Apple actually wrote.
Now to your repeated "prove it" challenge.
Apple does not publish a complete internal map of every token, key, and certificate used by every service. Neither of us can "prove" the exact internal structure short of working on the inside at Apple.
pothead <pothead@snakebite.com> wrote:
On 2026-01-11, Chris <ithinkiam@gmail.com> wrote:
Maria Sophia <mariasophia@comprehension.com> wrote:
Chris wrote:
The behaviour you're demonstrating is such an extreme edge case that I >>>>> doubt there is *any* documentation covering it. No developer will be >>>>> prepared for a genuine user to continually ignore requests to access Apple
services on an Apple device for years on end.
Hi Chris,
I'm happy to read you're unable to refute any of the facts
Why lie and deny reality, Donald?
Donald?
How many nyms does this "Maria" have?
Given he constantly lies, makes out he's the best expert, is thin skinned, and attacks everyone who disagrees with him I found a nym for him that
fits.
You intentionally snipped the majority of my post which rebuffed all your >>> "facts". This proves to me that my suspicion is correct: none of it was
discovered by you, but is simply AI slop. Why otherwise would you post two >>> links to non-existent API endpoints? That's more than a simple error.
That's a classic snit Brock McNuggets sidestep. He believes that folks won't actually
check the links.
As for this thread, I'm a Linux user but I have an iPhone and have had various
models for years.
I've never experienced being locked out and TBH I had to look up my
iCloud PW because I rarely have to enter it. I can't remember the last time in
fact.
Yep. That's normal. I'm the same.
I have a few items like Mail, Messages, Photos etc set to backup from iPhone >> to iCloud and it just works transparently.
The only time I have really used it when I upgrade to a new iPhone or want to
archive my photos locally.
So I'm not sure what Maria is talking about but if these issues were causing >> problems for users the Internet would be overflowing with complaints.
He doesn't use his ipads like any normal user would and then complains
about why they're misbehaving.
On Jan 13, 2026 at 9:10:49rC>AM EST, "badgolferman" <REMOVETHISbadgolferman@gmail.com> wrote:
On 01/13/2026 09:09, Tyrone wrote:
On Jan 13, 2026 at 1:23:51-AM EST, "Alan" <nuh-uh@nope.com> wrote:
On 2026-01-12 22:18, J||rg Lorenz wrote:
On 13.01.26 01:31, Tyrone wrote:
We all know the Sun rises in the West. My question is WHY does it rise in the
West, not HOW.
Here are my links that prove The Sun rises in the West:
<https://www.thesun.co.uk>
<https://www.thesun.co.uk/tvandshowbiz/37890247/brooklyn-beckham-nicola-peltz-birthday/>
<https://www.thesun.co.uk/health/37892058/nhs-four-hospital-trusts-surge-no-beds/>
See? All links to The Sun! I have proved my claim!
Is it your ambition to beat Arlen at any price, Troll?
He's doing what you apparently cannot:
Taking amusement out of something that he cannot change.
:-)
The point of this topic is that this illustrates a typical Arlen thread. >>> Start with an absurd premise, link to random web pages that do not support the
absurd premise, CLAIM that the websites support the absurd premise and then >>> attack everyone who points out the obvious.
Over and over and over.
I thought your OP was funny!
It was supposed to be.
As a Linux user with an iPhone and Apple watch, my method is to just leave it alone and let them work. And they do work extremely well for me.
BTW I also have a Samsung mid tier phone and it too works fine for me.
On 2026-01-12, Chris <ithinkiam@gmail.com> wrote:
pothead <pothead@snakebite.com> wrote:
On 2026-01-11, Chris <ithinkiam@gmail.com> wrote:
Maria Sophia <mariasophia@comprehension.com> wrote:
Chris wrote:
The behaviour you're demonstrating is such an extreme edge case that I >>>>>> doubt there is *any* documentation covering it. No developer will be >>>>>> prepared for a genuine user to continually ignore requests to access Apple
services on an Apple device for years on end.
Hi Chris,
I'm happy to read you're unable to refute any of the facts
Why lie and deny reality, Donald?
Donald?
How many nyms does this "Maria" have?
Given he constantly lies, makes out he's the best expert, is thin skinned, >> and attacks everyone who disagrees with him I found a nym for him that
fits.
ROTFLMAO!
That's funny!
You intentionally snipped the majority of my post which rebuffed all your >>>> "facts". This proves to me that my suspicion is correct: none of it was >>>> discovered by you, but is simply AI slop. Why otherwise would you post two >>>> links to non-existent API endpoints? That's more than a simple error.
That's a classic snit Brock McNuggets sidestep. He believes that folks won't actually
check the links.
As for this thread, I'm a Linux user but I have an iPhone and have had various
models for years.
I've never experienced being locked out and TBH I had to look up my
iCloud PW because I rarely have to enter it. I can't remember the last time in
fact.
Yep. That's normal. I'm the same.
Good to know. I'm not an Apple person. And by rarely having to enter it that comes down to upgrading the phone or changing some aspect of iCloud, which is rare.
In normal day to day use, I don't remember it asking.
And to the point I have never been locked out.
My experience is set it and forget it.
I have a few items like Mail, Messages, Photos etc set to backup from iPhone
to iCloud and it just works transparently.
The only time I have really used it when I upgrade to a new iPhone or want to
archive my photos locally.
So I'm not sure what Maria is talking about but if these issues were causing
problems for users the Internet would be overflowing with complaints.
He doesn't use his ipads like any normal user would and then complains
about why they're misbehaving.
As a Linux user with an iPhone and Apple watch, my method is to just leave it alone and let them work. And they do work extremely well for me.
BTW I also have a Samsung mid tier phone and it too works fine for me.
On Jan 13, 2026 at 10:30:27rC>AM EST, "pothead" <pothead@snakebite.com> wrote:
As a Linux user with an iPhone and Apple watch, my method is to just leave it
alone and let them work. And they do work extremely well for me.
BTW I also have a Samsung mid tier phone and it too works fine for me.
That descibes most people. Normal adults.
But Arlen has an agenda here. It is to ALWAYS make Apple "look bad".
The first question a normal person would ask is "Is anyone else seeing this?
I have to login multiple times a day on every iOS device I have".
And the normal answers would come back. "Nope, I have never seen this at all.
Have you tried a soft/hard reset? What apps do you have installed?". Etc. Lots of troubleshooting back and forth would follow.
But Arlen's first question was "WHY is this happening?" Of course, he wants to steer the conversation into something like "Because Apple is tracking you on the mothership mainframes".
AGAIN, you have to first prove that something IS happening before you can ask WHY it is happening. That is Logic 101. Inventing a scenario - and trying to prove it with dead links AND links that say NOTHING about logging in AND a single screen shot from 4 years ago - is all you need to know about Arlen's motives here.
Maria Sophia <mariasophia@comprehension.com> wrote:
Chris wrote:
Maria Sophia <mariasophia@comprehension.com> wrote:
Chris wrote:
Let's see how DonGPT responds to this...?
I'm not going to respond to your incessant personal attacks,
Firstly, calling you out on posting AI slop is not a personal attack. It's >>> criticising you for being disingenuous and lying.
Secondly, if you're going to not respond then don't. Responding by saying >>> you're not going to respond is ... well, let's go with ... daft.
Chris, with all due respect, you are conflating one specific OAuth flow, >>>Apple does not use OAuth.
Seriously, give it up. You're out of your depth.
Sign in with Apple, with the authentication architecture of iOS as a whole.
It's Apple authentication. iOS/iPadOS doesn't have an "authentication
architecture".
The identity token and refresh token described in the Sign in with Apple >>>> docs apply only to third party app login. They do not represent the tokens >>>> used by iCloud, Apple Media Services, IDS for iMessage and FaceTime, Find >>>> My, Activation Lock, or device activation.
Prove it.
Sign in with Apple is implemented through the Authentication Services
framework. It issues an ID token and a refresh token that are valid only >>>> for that OAuth client. The once-per-day refresh rule applies only to
that OAuth flow. It does not apply to iCloud service tokens, Apple Media >>>> Services tokens, IDS tokens, or activation tokens.
Are you using chatgpt again? Apple doesn't use OAuth.
iCloud uses its own account token and service specific credentials for >>>> Drive, Photos, Backup, Keychain, Mail, Contacts, Calendars, Notes,
Reminders, and Safari sync. These services do not use the Sign in with >>>> Apple token and do not share its refresh rules.
Prove it.
Apple Media Services, which covers the App Store, iTunes Store, TV,
Music, Books, and Podcasts, uses a different token family entirely. AMS >>>> tokens are issued by a separate backend and have their own expiration
and refresh behavior.
Prove it.
iMessage and FaceTime use IDS authentication, which is documented as a >>>> separate protocol with its own key material and its own token lifecycle. >>>> IDS tokens are not interchangeable with iCloud or AMS tokens.
Prove it.
Find My uses FMIP authentication, which again is a separate service with >>>> its own credentials and its own validation rules.
Prove it.
Activation and Activation Lock use activation certificates and device
specific credentials that are not part of any of the above systems.
Prove it.
I suspect all the above is again AI slop. Given you have not provided any >>> cites which you say you always do.
Because these authentication domains are independent, a failure or
expiration in any one of them can trigger a password prompt such as
Jan 10th 2026 <https://i.postimg.cc/ZqGn04Ln/appleid20260110.jpg>
This is why users can see Apple ID password prompts even when they have not
logged out or made a purchase. It is not caused by user behavior.
You wish!
Given no single person on here concurs with you - I discount candycaneeater >>> as he's probably a sock - we have to apply Occam's Razor and look at the >>> simplest explanation: you are doing this to yourself.
That's why everyone on this newsgroup who responded, except you and Tyrone,
have easily admitted remembering these standard Apple ID password prompts. >>>> <https://i.postimg.cc/LXzB3Lc0/appleid01.jpg>
We've all admitted to have been asked for a password once of twice a year >>> at most. No one gets prompts several times a day. Only you.
It is caused by the fact that iOS uses multiple authentication domains with
different lifetimes and different refresh rules.
That's your baseless assertion.
If you truly believe that all Apple services share a single token, please >>>> cite Apple documentation that states this explicitly.
I did.
You have yet to prove that Apple uses multiple ones.
Chris,
I am going to ignore any accurate criticisms of my argument and hide
behind fake victimhood.
There. Fixed it for you.
You appear to be making two very strong claims, both of which I dispute.
1. "Apple does not use OAuth."
2. The one identity token in the Sign in with Apple doc is
"Apple authentication" for everything.
On the first point, the label does not matter. Call it OAuth, OpenID
Connect, or "Apple web sign in", the document you keep citing is about
a specific browser / app sign in flow for third party clients. It is
scoped to that use case. It does not describe device activation, Find
My, iCloud, or Apple Media Services. It just doesn't. And never did.
Of course it matters. They are specific brands and have different
mechanisms. Anyone who values facts would stick to accuracy and stop making stuff up.
The fact you don't care about accuracy adds even more weight to your disinterest in truth. All you want is a nodding dog audience. Which is very reminiscent of a well known personality...
On the second point, you say you "proved" Apple uses a single token by
pointing to that page. But that page does not say any of the following:
Further evidence that accuracy and facts are alien concepts to you. I never claimed any proof. You asked for cites to evidence my position. Which I
gave. Something you've refused to do. Because you can't.
1. It does not say that iCloud uses the Sign in with Apple identity
token.
2. It does not say that App Store/Apple Media Services use that
token.
3. It does not say that iMessage/FaceTime (IDS) use that token.
4. It does not say that Find My/FMIP use that token.
5. It does not say that device activation or Activation Lock use that
token.
It's the only documented mechanism we have. Why wouldn't Apple use it?
You are reading far more into that page than Apple actually wrote.
Now to your repeated "prove it" challenge.
Apple does not publish a complete internal map of every token, key, and
certificate used by every service. Neither of us can "prove" the exact
internal structure short of working on the inside at Apple.
Thanks for confirming you have no evidence to support your claims.
All you have is guesswork and a single observation of unusual behaviour caused by an extreme edge case scenario.
This is a futile exercise.
Hi Chris,
You keep trying to shift the discussion to my behavior instead of focusing your response toward the technical question of why it's designed this way.
The question is why iOS behaves differently from every other platform,
including macOS, when its credentials age out. That question does not go
away no matter how many times you attack my motives.
My behavior cannot change how iOS works, nor why Apple designed it that
way. My behavior can only test what will happen if you refuse to enter the password over an extended period of time, not whether it's being asked.
| Sysop: | Amessyroom |
|---|---|
| Location: | Fayetteville, NC |
| Users: | 59 |
| Nodes: | 6 (1 / 5) |
| Uptime: | 01:34:04 |
| Calls: | 812 |
| Calls today: | 2 |
| Files: | 1,287 |
| D/L today: |
21 files (23,351K bytes) |
| Messages: | 210,094 |
