I am developing an app for google assistant, an app also contains chat conversation between the members.
So, is there any way to link different user with my App.
Take a look at the account linking feature: https://developers.google.com/actions/identity/account-linking
However, you will need your own OAuth server.
Once account linking is set up, you can enable your app to trigger account linking in two ways: when your app is invoked or during a conversation within your app.
Related
We are developing an Enterprise level application, where there are several end users that will register themselves for some web application. We want them to use MFA, probably 'all' of them, user/password, Biometrics, google authenticator, but the register pages should not be the Microsoft Azure AD register pages, but branded pages from the application. The user should basically not know or care that the app is running in Azure. This should work for Browser logins and (perhaps a mobile app one day, but not now).
The examples I find online is mostly how to register if you're a user for Azure, not the app 'in' Azure.
In short, the steps should be:
User goes to website of app, click register
A register page shows, register a user, then prompts them some MFA choices and biometric choices
Next time the user visits the site, the authentication is used through the registered choices. Also check the device being used that is running the authenticator or biometric so it us only the registered one.
But all should be branded web pages and dialogue windows from the app itself.
This is a very old post, but it seems to answer my question, and the links to older Microsoft pages has links to newest pages also.
In short, you need an Azure Premium account which gives the ability to customise the experience.
I'm trying to get Google oAuth clientId but it says:
To create an OAuth client ID, you must first set a product name on the consent screen
So, when I click on Configure Consent Screen:
In my app, I'm using passport.js and google's oAuth20.My app can let anyone log in with a google account. And for that I need the clientId.
But it says to choose Internal and External option. I don't know what's this. The consent screen was not there before.
What do I do?
The consent screen is primarily used by Google to understand your application. Internal means within organization and external refers to any user. So whenever you setup your application for the first time, Google wants to understand who you are building this application for.Just follow this link for the entire Oauth setup procedure
I would like to create an application where I can access ONLY my own Google Drive files for programmatic operations that I perform on my own managed spreadsheets. However, on 2020 January 1st, restricted scopes are going to require verification from Google in order to use the Google Drive API fully.
How can I use restricted scopes for accessing ONLY my personal Gmail account after January 1st?
According to the OAuth API:
When can I skip submitting my app for a review?
You do not need to submit your app for review if it's going to be used in any of the following scenarios:
• The app is not shared with anyone else.
• The app is used to send emails through WordPress, or similar single account SMTP plug-ins.
• The owner and users of your apps belong to the same G Suite domain or customer. Learn more about public and internal applications. If you aren't an Apps Script developer, learn how to mark your app as internal in the FAQ How can I mark my app as internal-only?
• The app is domain installed or whitelisted by a G Suite domain administrator. If your app is intended for G Suite users, access might depend on domain administrator permission. Obtaining a verification will likely make it easier for administrators to grant access.
• The app is in development mode and not ready to be public. Note that the app will be subject to the OAuth user quota.
• The app is trying to access data from users' Google Cloud Platform project. For instructions on using a service account, see Using OAuth 2.0 for Server to Server Applications.
How can I mark my app as not being sharable with anyone else?
Google updated their FAQ, and it much more clearly delineates what is required in order to keep using Google Drive with restricted scopes:
You do not need to submit your app for review if it's going to be used in any of the following scenarios:
Personal Use: The app is not shared with anyone else or will be used by fewer than 100 users. Hence, you can continue using the app by bypassing the unverified app warning during sign-in.
SMTP/IMAP/WP: The app is used to send emails through WordPress, or similar single account SMTP plug-ins.
Internal Use: An app is internal when the people in your domains only use it internally. Learn more about public and internal applications. Learn how to mark your app as internal in the FAQ How can I mark my app as internal-only?
Domain-Wide Install: If your app is intended for only G Suite enterprise users, access will depend on permission being granted by the domain administrator. G Suite domain administrators are the only ones that can whitelist the app for use within their domains. To learn how to make your app Domain-Wide Install, see My application has users with enterprise accounts from another G Suite Domain. How does this apply to my G Suite or Cloud Identity enterprise accounts?
Development/Testing/Staging: If your app is in development/testing/staging mode and not ready to be publicly accessible, then you do not need to submit your app for verification. Note that your app will be subject to the unverified app screen and the 100-user cap will be in effect when an app is in development/testing/staging.
Service Accounts: When your app is trying to access data from users' Google Cloud Platform project and can run API requests on its behalf. To understand what service accounts are, see Service accounts.
For instructions on using a service account, see Using OAuth 2.0 for Server to Server Applications.
I am currently building a Google Assistant App/ Action using API.AI and node.js. My application needs to get permissions from the user, to get his Facebook likes and make FB Graph API calls from node.js. How can I do that? Do I need to build an android/ ios app for that?
You will need to implement account linking. However, you will not be able to use the Facebook OAuth directly but have to implement your own OAuth server. Your service will independently need to get the user to provide the Facebook OAuth credentials so you can use their API.
I'm writing an in-house app and we're using some of the Google API's in Express/node.
Since I'm only going to use one google account (an email I made just for this purpose), what's the best authentication configuration to use?
It's a service account.
From the Google Developer Console create a service account for your app, the use the API key generated in your app.