How to implement signin via Google Apps account in javascript or jquery ?
You can use the Google API Javascript Client Library with OAuth 2.0. It works por Google Apps accounts as well as consumer accounts, you can validate the domain after the user signs in. Another option is to use Google+ Sign In which offer other additional benefits.
Related
I'm looking for the best practice to make requests as a third-party app to Google Drive's APIs that are authenticated with Okta.
Assumptions:
Google's services are being authenticated using Okta (User go to drive.google.com >> redirect to Okta >> authentication >> Google Drive is available).
We have a public app on Google - all works easily for non-Okta users.
What will be the best practice solution? Creating an Okta app? Exchanging access tokens in runtime? Something else?
After investigating the main role of Okta in Google Workspace, I found that OAuth 2.0 works as same as it works if Google authenticates the user.
You should trigger a simple authentication with Google, which by the end of the process, you'll receive an access token you can use.
Actually, Google uses SMAL to authenticate the user and then show a consent screen for additional scopes.
Graphic flow in here
I want users to my website to use Google Accounts to authenticate / sign in to my website. The primary use case being users will edit and generate content and we want to log ownership in a secure way. We are not interested in obtaining users Google data, we just want a means to authenticate users.
After googling, I came across some documentation, which seems to explain how to do this OpenID Connect (OAuth 2.0 for Login). But the documentation immediately says "Note: If you want to provide a “sign-in with Google” button for your website or app, we recommend using Google+ Sign-In, ...", which if you follow the link ultimately takes you to Google+ Sign-In.
What's the difference between these two pages of documentation? Why does the first tell you to go to the second while not saying the first is deprecated? Are both/either suitable for my use case? All it says is "we recommend" I want to know WHY, WHY do they recommend it?
UPDATE: I also found yet another link which seems to be documenting another approach https://developers.google.com/accounts/docs/OAuth2WebServer I think this is just for "Authorization" i.e. authorizing your app to make google api calls to get user data, so cannot be used for authenticating/sign-in.
BTW I'm building my website with a Scala Spray BE REST API & NG JS FE.
A comparison of the two is available here.
Google+ Sign-In with profile scope
Has Google client libraries for authenticating with OAuth 2.0, which includes support for Google+ and other Google services (like getting social information on a user). Also this can make implementing easier and requires less boiler plate code
Has the Google+ Sign-In button to simplify sign-in Has no pre-built widgets
Supports over-the-air Android installs
OAuth login is primarily just for authentication at a lower level, that is by making raw HTTP requests, no API.
OpenID Connect protocols (OAuth 2.0 login)
Google+ Sign-In supports OIDC interoperability if you configure with the openid scope and get the user profile using getOpenIdConnect.
OAuth 2.0 login supports OIDC directly. Use it for signing in users to apps that do not need social features and run on platforms not supported by Google+ Sign-In.
I'm writing an packaged app using javascript for google chrome web store and I need to identify the users e-mail. using Identity I've retrieved OAuth 2.0 token (by chrome.identity.getAuthToken() command). What next?
I've found this documentation but i'm afraid it can be used only for hosted chrome apps.
The above documentation can be used also in cases where the application only has a client-side presence. You can extract the email_address from the id_token (https://developers.google.com/accounts/docs/OAuth2Login#obtainuserinfo); that would be most efficient. Or you can use the access_token to retrieve the same data from the user_info endpoint, which requires another AJAX request (https://developers.google.com/accounts/docs/OAuth2Login#obtaininguserprofileinformation).
If you manage to configure the G+ Sign-In widget for your extension you'll find out that it simplifies these tasks considerably. Note that G+ Sign-In has been recently updated and works for all Google account users (including Google Apps users) whether or not they have signed-up for the Google+ service. See https://developers.google.com/+/ for more information.
I m building a website and a mobile application where both of them uses common resources from my server using APIs. Is it possible to use Social Login like Facebook / Twitter / Gmail to authenticate users to use my application? This will benefit me by not creating my own security layer and rely entirely on their security mechanism to secure my APIs.
OAuth documentation states that Users grant access to their Protected Resources without sharing their credentials with the Consumer.
In my case, by giving Login via Facebook, I want these Facebook Users to login to my application and use the Protected Resources which are exposed by my APIs.
Let me know if I am on the right track or not ? How do I achieve this.
Of course you can use Facebook (or Google+) for a login mechanism on your website.
Facebook offers a button for this: https://developers.facebook.com/docs/reference/plugins/login/
Here´s more information about the Facebook login: https://developers.facebook.com/docs/concepts/login/
If you don´t want to use the Login Social Plugin, the best way is to use the JavaScript SDK: https://developers.facebook.com/docs/howtos/login/getting-started/
Google+ offers a login button too: https://developers.google.com/+/features/sign-in
I did not use the Google+ solution yet, but with the Facebook login it´s quite easy. You can just store the Facebook ID for registration and stuff.
Can any one provide a sample code so that I can login to my application with the google credentials using OAuth.
Google has GData.framework which allows access to google services. Try checking it out. Not sure about access to 3rd party apps with google credentials.