I would say that is a bit unreasonable because often it's organisations using centralised identity management in-house. Where I am we're in house AD that ties in to Office 365 (and some other services login using AD).
If Apple want to mandate this, they should propose how every system is going to do it. Or at least provide a library in every web-friendly scripting language (PHP, ruby on rails, ASP.NET) to make this happen.
The only way I can see this working is a plugin that lets you pair up an existing login with an apple login (e.g. how some sites let you login with your own Google account, and you have to do a pairing with your account on their platform once).
BUT then if someone's apple ID gets hacked, you in theory could have access to an organisation's system. And as a sysadmin I would want apple to be legally liable for any damage caused by that.
We aren't a moodle house these days (people higher up the chain made the decision, and we still berate the new system for missing some of the features moodle has), but I'd love to see apple's response to my points above.