Trying to submit my app to Apple App Store. It uses only Google Sign in for authentication. How do I provide a test account they can use. I tried supplying a spare gmail account I use for testing on my side, but they were block as suspicious activity
Related
My app require user sign in. and only social login is available. (google/apple)
for request review, I provide test account, but when they couldn't log in due to the authentication or 2-step verification process. so my app was rejected.
(Even though I create new google account and didn't set any security settings including the 2-step verification, however the identity verification process is included)
As an old memory, I know that Facebook was able to create test accounts for review
Is there a way to create a test account without any security settings provided by Google or Apple?
Please give me an idea...
I am building an SSO system for android where I am the identity provider. And I want users to sign in from my app that will automatically log them in to google workspace (or any other enterprise application e.g salesforce). I cannot figure out what and how to send identity values from my Idp to Google workspace.
This can't be done this way round. When a user signs in to your app she can't be automatically signed in to any other application. The options that you have are:
When a user signs in to your application you can ask Google for an access token. As part of your sign-in process, you can run an OAuth flow against Google Authorization Servers and ask for proper permissions. This will allow the user to additionally log in to their Google account, consent to release information to your app and you will then get an access token that will enable you to call Google's APIs. This way your users will have to log in twice (both to your app and to Google).
You can rely on Google to log users into your app. So, Google will be the OIDC Provider and your app will only be the client. People will log in to their Google account, and you will get an ID token in return. You can use the data from the ID token to create user accounts and sessions in your app.
In the first case, you will want to have a look at OAuth flows, like the code flow. In the latter, you will need OIDC flow, e.g. the OIDC code flow.
Keeweb deployed as self hosted on kubernetes and integrated with gdrive but getting "Google hasn’t verified this app" error.
Nothing in log, follow steps - https://github.com/keeweb/keeweb#self-hosting
means exactly that. An app was created on Google cloud console. This app is being used to request consent of a user to access their data. So a consent screen has been configured.
Any app which requests data of a user, and uses sensitive scopes will need to go though the verification process with google in order to be sure that the app is secure.
Unverified apps
An unverified app is an app or Apps Script that requests a sensitive or restricted OAuth scope, but hasn't gone through the Google verification process. Users of unverified apps or your test builds might get warnings based on the OAuth scopes you're using. This is to protect users and their data from deceptive apps.
I have a react native app and a Node JS backend. The react native app makes a Google sign in request and returns an ID token. How can I set it up so that signing in through the app will create a user in my cognito user pool?
In Cognito, I have set up Google sign in set up as a social identity provider. On the browser, I am able to make google sign in requests, and it will automatically create a user profile in the Cognito user pool.
I followed this guide: https://aws.amazon.com/premiumsupport/knowledge-center/cognito-google-social-identity-provider/
How can i achieve the same result using react native google sign in.
Sounds like this is the architecture you want:
Your apps use tokens from AWS Cognito
Users can also sign in via other login systems
What this means is that you should avoid 'React Native Google Sign In', since it does not fit with these requirements. Instead your React app should only know about Cognito, which is also the technically simplest option.
RESOURCES OF MINE
Have a read of the article and notice that my code supports federated logins but only points to Cognito.
Federated Logins Blog post
React SPA Code
I want to develop an application that uses Google as the authentication provider, but I want my app to know if the Google account is using 2-step verification before the account is enrolled in my app.
Can't find the required API in Google dev docs.
This answer here explains how to find out if users have 2-step verification turned on. See API documentation here and parameters here.