I am setting up an App Engine application, and I want to register all my users based on their phone number (like Whatsapp).
The server will need to send an SMS to the user to authenticate. Then the user can log in with a combination of their phone number + password.
Does Google Apps support this type of authentication model, or do I have to use a Google Account?
I saw Twilio support, but that seems more for setting up an app that sends a bunch of SMSes/VoIP server side. I just need to receive one SMS per user to confirm their phone number.
Note: this will be a iOS/Android app, with possible web support in the future.
The App Engine does not force you to use any authentication mechanism. You can choose Google Account option when creating your app, and you may find it useful for admin logins, for example, but you don't have to use it for all users of your app.
The App Engine does not offer a built-in support for SMS authentication, but there is nothing that prevents you from using it. Twilio API offers all the tools that you need.
Note that SMS authentication model has major limitations. For example, people tend to change phones and sometimes their phone numbers, and they typically lose access to the previous phone/number immediately upon switching, which makes it difficult to transfer their accounts. This is one of the reasons why more apps choose a two-step verification (username/password with SMS confirmation) as opposed to a single-step SMS-only approach.
Related
I'm new to web dev, and trying to build an application using google app engine's java standard environment, which will require user authentication. I'd like to provide authentication which requires only a username and password of the user, as opposed to a phone number or social account.
As I look through the options listed in app engine's auth tutorial, if I'm understanding them correctly, none of them allow login without a phone number or social account? https://cloud.google.com/appengine/docs/standard/java/oauth/
If so, are there alternatives available while still using app engine? I've read some about 'web container managed authentication' but I'm not sure if its something app engine will support, or if its a full solution.
Is it possible/feasible to roll fully custom authentication in the app engine standard environment? As I search for custom authentication tutorials I see a lot of articles recommending against this, but it's not clear to me what the alternative is.
Thanks for any information
As it's mention on the OpenID Connect documents of Google Cloud, it's important for you and your users security to authenticate using well proven and debugged code. Google offers Firebase Authentication which let's users log in with an Email and password.
If you still want to implement the authorize part on your own, you can use your preferred web framework and probably it will have an authorizing process.
For example, in python you can use Django authorize system to provide users for a custom way to log in.
But, as I said before, I highly recommend you to use the Google APIs for authorizing as they are OpenID certificated.
I have a google business apps account.
My requirement is to scan all emails of my support email and process them.
This has to be done on the server side without any manual interaction.
I am able to make this work with IMAP, but i am looking at making this work with Google API.
This doesn't work with the Google API unless i do manual client consent.
Or i need to use the service account, in which case i have to get a domain wide access although my requirement is only for one email id. This is against my company's information security policy hence cannot use this option.
Require help on how i can use Google API to do the integration between my server and gmail server at a individual email account level. Any suggestions?
I am the admin of a Google domain and I need to he able to read users emails in my php app. How is this possible? I have tried to use IMAP but it won't even connect. Is there something special that apps have to do?
Here is a list of all the ways to read a user's Gmail mailbox, outside of App Engine :
IMAP, as you said. Provided it is enabled on your domain. Most of our customers disable it for security reasons (no audit trace of the connections).
Apps Script, but it requires the user's consent, even if you're an admin
The Email Audit API, but an Email extraction takes approximately 2 weeks (no kidding)
If IMAP is enabled on your domain, then it's the best choice. However, by default GAE does not allow outgoing connections apart from HTTP requests. The workaround for this limitation is the Sockets API, currently in preview. You can check it out here.
Note that you will also need to use an OAuth2 service account (domain-wide delegation) and IMAP-XOAuth2 to authenticate with the IMAP protocol.
I never used Google technologies to develop webapps before, and I'm a bit overloaded and confused. A lot of information.
My scenario: Developing a webapp for, say, company.com, using Google App Engine (Python, Webapp2, Jinja2...). The domain company.com is Google hosted (e-mail and calendars are the important parts here). So, I want my GAE-based app to add events to the domain users' calendar, send them e-mails, etc. The basic flow is:
A user of this domain logs into the web app, using his/her mail: myname#company.com. (IMPORTANT: Users CAN'T use their private GMail accounts, or any other OpenID-based authentication. Just their domain accounts). I know this can be configurated from the admin console, when creating the app.
The user fills a form, and a new calendar event is created. This event is added to his/her calendar, and to his/her manager's calendar too. The user receives a confirmation e-mail (event created) and the manager a notification e-mail (someone invited you...).
I've been reading a lot about authentication, authorization, google app engine and google apps, but I still don't have a clear image about what technologies/libraries/apis I should use.
I've seen a lot of examples using oAuth and Calendar API v2, but oAuth is deprecated, and seems that I should use oAuth2. Calendar API v2 is deprecated too, and v3 is recommended... I see a lot of entry points in the documentation, and I don't know where to start.
Any piece of advice is strongly appreciated. Many thanks in advance.
I am developing an app to be hosted on Google App Engine. Users will be able to use their Google IDs to login to the app. The app also has a client counterpart in the form of a Blackberry Application.
My question is - is there a suggested way for my app to collect the user's Google credentials so that I can authenticate it against Google using OpenID semantics? In Android, for example, I can use the Accounts API so that I don't need to explicitly ask the user to enter credentials. What's the way to do this in Blackberry?
I see 2 ways, neither of which is ideal:
Write my own form in my native Blackberry app where the user enters Google ID and password, which I then use to obtain the authenticator token and perform the rest of the authentication behind the scenes. But the point is - it is inappropriate to ask a user to trust my app with their Google credentials.
Use standard Google Open ID Authentication mechanism - which opens up the web browser and displays Google's Open ID login page. Although this is a one-time thing (after which I can save the authentication token so that future requests to GAE do not require any prompting for credentials), the user experience is still disruptive since it involves opening the browser in addition to my native BB app.
So, what's the suggested way forward?
Using the browser to authenticate is pretty much the only standard way to do this. A number of Android apps do this for OAuth or OpenID endpoints too. Depending on how the Blackberry's protocol handlers work, you should be able to set a continue URL that results in your app being called back by the browser when authentication completes.