I use a application to automate posting updates from the site. Can I use the LinkedIn API without connecting OAuth libraries?
You need OAuth libraries to perform various actions with a user-Linkedin account. There're libraries for linkedin easier than others, it depends on the programming language.
Related
There seems to be very little information about getting started with Google's Drive REST API, besides the Quickstarts section (https://developers.google.com/drive/api/v3/about-sdk). I am trying to use their API in AutoIt, but I can't seem to find out how to generate an access token without using one of the available quickstart libraries. I am aware of the REST API docs (https://developers.google.com/drive/api/v3/reference/), but still, can't find anything about generating the access token. I have already generated a Client ID and a Client Secret though. Any help is appreciated.
Google's OAuth endpoints can be used with any library (or you could roll your own, but there are plenty of quality libraries). There is plenty of documentation of OAuth2 at Google, and there is the OAuth2 Playground where you can experiment with OAuth and the Google APIs.
If you have a library, Google's OAuth endpoints are available in the OpenIdConnect discovery doc at https://accounts.google.com/.well-known/openid-configuration
I want users to my website to use Google Accounts to authenticate / sign in to my website. The primary use case being users will edit and generate content and we want to log ownership in a secure way. We are not interested in obtaining users Google data, we just want a means to authenticate users.
After googling, I came across some documentation, which seems to explain how to do this OpenID Connect (OAuth 2.0 for Login). But the documentation immediately says "Note: If you want to provide a “sign-in with Google” button for your website or app, we recommend using Google+ Sign-In, ...", which if you follow the link ultimately takes you to Google+ Sign-In.
What's the difference between these two pages of documentation? Why does the first tell you to go to the second while not saying the first is deprecated? Are both/either suitable for my use case? All it says is "we recommend" I want to know WHY, WHY do they recommend it?
UPDATE: I also found yet another link which seems to be documenting another approach https://developers.google.com/accounts/docs/OAuth2WebServer I think this is just for "Authorization" i.e. authorizing your app to make google api calls to get user data, so cannot be used for authenticating/sign-in.
BTW I'm building my website with a Scala Spray BE REST API & NG JS FE.
A comparison of the two is available here.
Google+ Sign-In with profile scope
Has Google client libraries for authenticating with OAuth 2.0, which includes support for Google+ and other Google services (like getting social information on a user). Also this can make implementing easier and requires less boiler plate code
Has the Google+ Sign-In button to simplify sign-in Has no pre-built widgets
Supports over-the-air Android installs
OAuth login is primarily just for authentication at a lower level, that is by making raw HTTP requests, no API.
OpenID Connect protocols (OAuth 2.0 login)
Google+ Sign-In supports OIDC interoperability if you configure with the openid scope and get the user profile using getOpenIdConnect.
OAuth 2.0 login supports OIDC directly. Use it for signing in users to apps that do not need social features and run on platforms not supported by Google+ Sign-In.
I'm about to start a project that requires some simple YouTube non-write data operations, like gathering users playlists and videos. I read that the YouTube 2.0 API is deprecated, but I don't really want to use OAuth authentication required for API 3.0.
Does this mean that the GDATA API deprecated (in particular this: https://gdata.youtube.com/demo/index.html
Google's GData API for YouTube was deprecated on 2014-03-14 according to their api status page. This was after your original question was asked, but I'm leaving this here for other's (like myself) who are trying to keep track of which api is current..
While you do not want to use OAuth 2.0 authentication, it would appear that you will need to make the transition to use YouTube API 3.0 version. If you do want your project to have a long life, you should make the effort to move to the new authentication mechanism. This will serve you well if you access other Google (and many other cloud service) apis.
I want to use google/yahoo ids to be used to login to my website.
As its done in stackoverflow.
Can any one provide me a starting point.
That authentication method is called OpenID. You can get details at the open id website.
If your webiste uses PHP on the server, here's a resource to get you started with OpenID and PHP
UPDATE
Since I've posted this, the world of open federated authentication has evolved quite a bit. If you're interested in this you may wish to look up OAuth v2 online, or check out these links: www.oauth.net and the Google resources on OAuth2 available here.
OAuth builds upon the concepts of OpenID and it expands the functionality quite a bit, in particular in the areas of not just providing authentication but also providing authorization for applications using a centralized provider of the user's choice (i.e. Google, Facebook, Twitter or your own :) )
I have been using JanRain for the same thing. It is free and integrates with loads of different login providers, such as, Facebook, Twitter, Google, OpenId (generally), yahoo, msn, and many more.
There is code that lets you integrate it with almost any programming language/platform you want.
try this sample in CodeProject.
http://www.codeproject.com/KB/web-security/OpenIdFormsAuth.aspx
It worked fine with me.
We are using Google Apps services in our startup for email and docs. However for some other purposes such as svn and bug tracker we have our local machines on which we have installed the required apps. All of them have their own separate credential sets.
Ideally I'd like to have one authentication (i.e. that of Google Apps) and authenticate on svn & trac etc. using them. Considering Google Apps does not support OpenID, what should be a good solution? Can I setup a server which uses a particular protocol and still nicely wraps around Google Apps authentication?
There is a Google Federated Login API now, it provides OpenID services. Also, as this guy has shown, it's easy to use Google App Engine to create an OpenID provider of your own using Google IDs as the underlying credentials. HTH.
OAuth may help, up to a point -- Google Apps' gdata APIs do support it decently, see here. Of course all this requires and concerns programming, not just system administration: but then I know for sure your question IS about programming, since it's on Stack Overflow -- if you meant to ask strictly about sysadm issues, you would of course be using serverfault.com, right?-)