Apple announced last year changes to the developer guidelines which included the following requirements regarding Account Sign-in with-in apps (bold emphasis mine):
(v) Account Sign-In: If your app doesn’t include significant account-based features, let people use it without a login. If your app supports account creation, you must also offer account deletion within the app. Apps may not require users to enter personal information to function, except when directly relevant to the core functionality of the app or required by law. If your core app functionality is not related to a specific social network (e.g. Facebook, WeChat, Weibo, Twitter, etc.), you must provide access without a login or via another mechanism. Pulling basic profile information, sharing to the social network, or inviting friends to use the app are not considered core app functionality. The app must also include a mechanism to revoke social network credentials and disable data access between the app and social network from within the app. An app may not store credentials or tokens to social networks off of the device and may only use such credentials or tokens to directly connect to the social network from the app itself while the app is in use.
https://developer.apple.com/app-store/review/guidelines/#5.1.1v
The bolded section had twice delayed enforcement which is ending soon. In a reminder to developers, Apple again pointed out that this was a requirement, and that they expect all apps to be updated and compliant prior to June 30th, 2022. I believe it unlikely it will be extended a third time.
The reminder also further clarified the expected behavior.
It’s insufficient to only provide the ability to temporarily disable or deactivate an account. People should be able to delete the account along with their personal data.
https://developer.apple.com/news/?id=12m75xbj
This gives app development teams limited time to ensure the app is updated and in compliance before enforcement action may be considered.
On the bright side, Apps which implement the changes properly, may find themselves ahead of the curve when it comes to refactoring systems in preparation for the 5 state laws (California, Connecticut, Colorado, Utah, Virginia) slated for enforcement in 2023.