Google recently removed my app from the App Store. I was asked to provide login access to my app for them to review the app "In app experience issue".
My App is using phone number authentication, I believe if Google wants to access my app they can login with any phone number, provide the authentication code and gain access. But I was asked to provide the login details, the problem is if I give Google just any registered phone number, it will still ask for a phone authentication code to login.
How can I add a default phone number that will not ask to provide authentication code tat will login the user. My app is built with android studio and firebase as backend.
Or is there anyway I can provide google with access to my app, that wont request authentication?
You should make one number (preferably a phone number you own) always take the same authentication code (OTP).
ideally this should be done from backend, but if it easier for you, you can make it hard coded into your app, like the following pseudo code:
if(phoneNumber == 001xxxxxxxxx)
then if(userInputOTP == 1234) then isOTPCorrect = true
Related
I’m a little bit stuck on a subject.. I was developing 2 mobile applications with Flutter, each with an authentication system. I would like to develop the following functionality:
I log on to the "A" application, I save my credentials.
I open the "B" app, I can find the account with which I signed in the "A" app. (For example: On my iphone, if I sign in with my google account to Gmail, I find the same account on all the google apps on my phone).
So I would have to be able to store the passwords & identifiers securely on the phone, and only my 2 applications could have access to this "common" database. I looked at Hive/ SQFLITE, but I don’t think it’s suitable for this kind of functionality to share between 2 apps...
Thank you for your help,
JH
This sounds very similar to Google Account Linking with OAuth-based App Flip:
OAuth-based App Flip Linking (App Flip) allows your users to easily
and quickly link their accounts in your authentication system to their
Google accounts. If your app is installed on your user’s phone when
they initiate the account linking process, they are seamlessly flipped
to your app to obtain user authorization.
This approach provides a faster and easier linking process since the
user does not have to re-enter their username and password to
authenticate; instead, App Flip leverages the credentials from the
user's account on your app. Once a user has linked their Google
account with your app, they can take advantage of any integrations
that you have developed.
That said, you will need to go Android/iOS-specific to solve this on your own, but you can draw a lot of inspiration from the App Flip example code provided by Google!
On Android you will be using Intents that return data to their caller. The idea would be to have the "A" app listen for a custom intent for example using package receive_intent that shows some kind of "Allow B to login with A" screen and returns the credentials like this:
import 'package:receive_intent/receive_intent.dart';
// ...
Future<void> _setActivityResult() async {
// ...
await ReceiveIntent.setResult(kActivityResultOk, data: {"credentials": "abc123"})
}
// ...
Best of luck!
For my app, users are invited by email to join.
Currently, the link in the email is opening the web-browser to a page where the user creates his password. Then, the user has to install the app, open the app, and log in with his email and the password he created.
I am trying to make the process easier. I am thinking that in the invitation email, the link can point to "an app link". I know iOS has "Universal Links". The app will most probably not be installed, so on iOS, it will open the App Store app to install the app.
I am thinking to create the registration process in the app. But the issue is after the user installs and opens the app, the "app link" is lost.
The "App Store" app does not pass the original link to the app when the user opens the app first time after install.
Without the information from the link, I am not able to know in the app the email for which the user needs to create the password. I could ask the user for email also, but I was hoping not having to ask him about that.
I guess it's the same for Android.
Any thoughts how to make sign-up process easier?
EDIT: I chose a correct answer but to anybody who might be looking for an answer, I don't think Firebase or anyone else has a 100% reliable way of making a connection between the device where the link was clicked and the device where the app is installed. All the libraries are using some accuracy value and asks you to check it in code. If you think about it, it makes sense, because when the link is clicked and gets open (and that can be in any web-browser app) the JS code needs to compute some hash of the device and it will try to compare it to the hash of the device computed by the app's code when app is open after install.
You can use Firebase Dynamic Links to achieve this.
Please refer Firebase Dynamic Links
i think you have to use Webview for this
You can do this with Appsflyer SDK.
Checkout the documentation https://www.appsflyer.com/blog/app-installation-referral-conversion-tracking/
I would like to do Google Sign-in for a Fire TV app. Unfortunately I can't use Google play services for this so I need a work around. The only thing I could think of is have the login screen be a uiwebview Google sign in web page. Has anyone ever got Google sign in to work with amazon devices? Any input would be appreciated.
To answer your question, yes it's possible to do that using a webview by following the guide here:
https://developers.google.com/identity/sign-in/web/sign-in
Once the user is signed in you would get the onSignIn() callback in the webview which provides you with the user's details that you can send back to your java class to carry on with the sign up/in steps.
Would I do it? Not in a million years!
My main concern is that you would be affecting the user experience on a device that doesn't have a traditional touchscreen entry point. The 10-foot UI has a different interaction than a tablet or a smartphone (try typing a complex password without a touchscreen keyboard). Why should I put my users through ~200 remote clicks just to type an average length email address and password?
The convenience of Google signin is in the native integration with the Android identity system, where with a few taps you can grant permissions to read your userid and much more.
Why don't you instead take advantage of a similar method, native to the Amazon platform?
You would start with the assumption that a user on Fire TV is already logged into their Amazon account, which means that if you had the ability to read their email address and userid you could achieve the same as what you do on Android TV... and you do!
Take a look at https://developer.amazon.com/public/apis/engage/login-with-amazon
UX: it displays a "Log in with Amazon" button, shows the user a permission pop up and, once they accept, you will get a callback with some of their details. No need for a webview.
While logging in using facebook login button(SDK 4.3) , email id is a mandatory field required by my app. But in the permissions screen the user can deselect the email permission.But still the login is successful . Is there a way to overcome this ?
Thanks
You should not be de-authorizing the user for not giving your app permission. It generates a poor user experience and might be against the Facebook policy as you are indirectly spamming the user for permissions if they do not provide it.
Your best bet is to continue without emailID.
You can read the policies in detail here : https://developers.facebook.com/policy/
I'm working on LinkedIn ingratiation in my Android app, and I've completed this using simple Webview which will ask for Email and password every time,
what i want to do is getting the Login credential from LinkedIn app (if already installed in device), as in Facebook.
But i'm not able to find any tutorial about it.
Plz help me out.
Thanks
You can not and should not. On Android all apps have a private area to store their data. Unless you have root you can't read another app's data (unless the info is saved to public storage which in this case it is not).
What you should be doing is getting your own authorization by asking the user directly for details and permission and using that. I believe LinkedIn uses OAuth2.0 so look into logging in using that.
You can refer this link:
https://www.studytutorial.in/linkedin-integration-and-login-in-android-tutorial
And also if you are integrating LinkedIn Login in your application, you might face a difficulty that user must have to installed LinkedIn App in his/her mobile. As per the documentaion,
https://developer.linkedin.com/docs/android-sdk
For your reference