My ASP.NET MVC has login with Google, Facebook and Microsoft. It works fine. But when the user tries to login with gmail, the next message is shown in the google login page:
IP_ADDRESS_SERVER is asking for some information from your Google Account. To see and approve the request, sign in. Learn more
Instead of showing the ip address, I would like to show the application name or the domain, something like:
MyWebApplication is asking for some information from your Google Account. To see and approve the request, sign in. Learn more
or
www.mywebsite.com is asking for some information from your Google Account. To see and approve the request, sign in. Learn more
How can I achieve that? Should I change some configuration in the application?
You need to register the application with Google.
Related
I implemented a Linkedin connection in one of my apps. It works great but I need to enter my Linkedin credentials even if I'm already connected on Linkedin's website.
Note my picture in the upper right corner.
When I authenticate on Linkedin's website, I have something like 10 minutes during which I don't need to authenticate, just accept my application's permissions requirements.
I would like to get this behavior as long as I'm connected to Linkedin's website. For instance, I would like that a user that comes on my application, if he's already logged on Linkedin, only needs to accept my permissions requirements.
well this is totally up to your server. if you reboot the service/app then yes you have to log in. but once a user is loggedin you can use the refresh token to keep him logged in as long is possible (unless he logs out himself).
if this does accure while the app isnt getting any restart. you should definitly look at the refresh token.
I have a web application setup to handle webhook requests from an Actions-on-Google/Dialogflow application using the Google Assistant. Users don't need to sign-in to a google account in order to use my web application and I'd prefer to keep it that way, so that users can sign in with any email address.
I also want my users to be able to interact with my application using the Google Assistant, and be able to access personal/contextual data via the assistant (i.e. when a speaker says, "what's on my shopping list", the web app needs to be able to know what my means).
Currently, I have this working by using my web app to issue a unique short code to my user (in the web app UI) and then with an intent on the Assistant where the speaker says "My code is 1-2-3-4" and then my web app can identify the user from then on (by saving the userId from the webhook request to whatever user got the short code 1234 and then using that userId to lookup the user on each subsequent request.)
My question is, is there a better way to do this? Ideally, in my web app, I'd like to have something like an "Authorize Google Assistant" button, which would then link the user's google account to their web-app account, so that the conversation on the Assistant is seamless.
Has anyone done this before?
Thanks
This is the perfect use case for Account Linking with the Google Assistant.
From your users' perspective, they will start to use your Action. If they're doing so through a speaker and they haven't linked the account yet, they'll be directed to a mobile device to do so. On a mobile device, they'll be redirected to a page on your website where they will been to authenticate themselves and authorize your server to let them in through the Assistant. Once they have done so, they won't need to log in again, the accounts will be linked, and they'll be able to use the voice Action without further obstruction.
From your perspective as a developer, you'll need to setup an OAuth2 server (I suggest the code flow). That login process I mentioned is the first step in the OAuth dance, and will end up with you issuing a code to Google. They will then exchange this code for an Auth Token (with a limited lifetime) and a Refresh Token (which does not expire). They will periodically use the Refresh Token to get new, valid, Auth Tokens for this user. When the user issues a voice command, the Auth Token will be passed as a field in the JSON to your fulfillment server, and you can use this to verify who the user is and that they are authorized to use your service.
I am trying to create a sample test application that authenticates a user wearing Google Glass.
I have read the following page
https://developers.google.com/glass/develop/gdk/authentication
I need to know how will the authentication actually work. Now lets say I have an app "XYZ" uploaded onto MyGlass. User turns on the app via MyGlass and then automatically gets redirected to a web page say, for example,
http://www.example.com/glass/authenticate.html
In this web page, he has to sign in using a username and password. Once he clicks submit will he be redirected to another webpage on the browser or will the Glass application get activated. Where will the userToken be obtained. Will it be on Glass?
I am really confused. Please can someone help me out.
What exactly is the flow for authentication on Glass?
Assuming you're doing 3rd part authentication (i.e. your own users, not google accounts).
Once you click Submit on your login page:
Server-side: If the user is valid, call the Mirror API to insert the account, including your authToken and the userToken. The userToken will be a query parameter added to your login url by the glassware store.
Close the page using window.close(). The Glassware will then be installed on the user's device.
When the user launches your glassware, retrieve the account from the Mirror API, and then retrieve the authToken that you inserted in step 1. for that particular account.
All of the authentication features I see for the Instagram API make the user "allow access" to your app by redirecting them. I have seen several apps that let the user login directly, can someone please enlighten me on how they are doing this?
If the app uses Instagram's authentication, it first redirects to instagram login page and you have to enter username/password, and then it will show a page to allow access, after this it will redirect to the application.
But some apps directly ask for username/password from their UI, these apps store your password, and use it to authenticate using a automated devices running Instagram, so they can post pictures on your behalf, the reason they do this is cause there is no API for posting pic, the only way apps can post pics is by collecting username/password and then posting pics using automated devices. This is risky, never give your username/password. Doing this is against the terms and condition. Only login if the login screen looks like Instagram login page.
I'm building my website to pull out my own linkedin profile info. And it is working but when a visitor comes to the site, they will have to login to see my profile info displayed on my page. This should be a public website and I don't want visitors to log in to their linkedin account in order to see my public page.
Is there anyway to do this (so that visitors can see my info without having to be logged in) ? Thank you
NOTE: I'm using their REST API by the way.
Simple code
Per the documentation (section #1, bullet point 3), it is not possible to share your profile information via the API without the user both authenticating your LinkedIn application that is pulling the info, and also the authenticated user then being connected to you in some way. From that document, "Each user must grant your application access to their LinkedIn network and they can only see data from their own LinkedIn network. For example, you cannot gather information about a LinkedIn member in one user's LinkedIn network and show that information to other users"
In short, the REST API is probably not the way to go to expose un-authenticate user's to your profile. What you might want to do is use one of the plugins, such as the Member Profile plugin.