I was using Facebook login and other 3rd Party login in mobile game based on the way that,
client integrates Native Facebook SDK (or other native sdk)
client login and get OAuth access token
client pass access token to server side and server makes a server-side authentication to Facebook
if server side get FB Uid, then based on it creates an account or login to existing account for the user.
My question is, in order to free user from login to service every time, is it possible to directly use Apple ID on the device for such flow of authentication? What about Android and Google ID? Or other type of solutions I should look into?
I know the question is old, but it's one of the first that get get listed when searching for "apple oauth"...
Apple has anounced at the WWDC 2019 a new feature called Sign in with Apple which allows you to use oauth for apple logins like facebook, twitter, google etc. Developer resources can be found here and a good introduction here.
————- update: ————————————————
We now have Sign-In with Apple: https://developer.apple.com/sign-in-with-apple/
—————— old version —————————————
For apple user accounts there is no oAuth 'ID'-provider
https://discussions.apple.com/thread/6594633?start=0&tstart=0
https://en.m.wikipedia.org/wiki/List_of_OAuth_providers
My personal opinion about that fact is the following.
Apple wants to sell hardware. If software is needed to support that, they implement or buy it.
Apple might be wrong, as web apps are integrating Facebook, Google, Twitter, Windows Live and sometimes Weibo, LinkedIn or Amazon oAuth.
I never heard about plans for oAuth for Apple ID.
Related
I'm creating an app that signs in users with google sign in. I was wondering, do all android users that downloaded my app (from google play store) have a google account? I want the user to do as little non app-related actions as possible at the onboarding stage and google sign in just solves this corner for me but if not everyone has a google account then I'd have to make an alternative email & password option..
Thanks in advance
If you are not highly comfortable with server side and devOps, and all you want is just signup-login, I think the best option is to use Firebase Authentication and I highly recommend it.
From docs
Firebase Authentication provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app. It supports authentication using passwords, phone numbers, popular federated identity providers like Google, Facebook and Twitter, and more.
And it is free for email and google login you mentioned. And only costs if you used phone verification when exceeds the monthly limit. See pricing here
I'm building an app for both Android and iOS. Users should be able to login but I don't want to deal with their passwords myself and want to use third party sign-in. I already implemented Google sign-in on Android (https://developers.google.com/identity/sign-in/android/start-integrating) and iOS but since I'm not sure how many iPhone users have a Google account I was wondering whether there is an Apple alternative. Can I use the Apple ID or maybe iCloud account for this purpose?
Is there a way I can use Google credentials to get basic user info like
Email, Name, Gender
and use them in my application? Its like allowing user to login into my application using Gmail.
I asked the same here.
But the answer says:
You should not use Gmail for user authentication using Google
accounts. You can use Google + Sign-in for Android instead. This will
allow you to access the user's profile information upon getting the
required permissions using OAuth. Check out the guide here:
which i followed and everything worked fine.
But if a Gmail account has no GooglePlus profile, My application asks to create a GooglePlus account. Which makes me think I implemented a GooglePlus Login instead of Gmail Login.
Is the answer for my other question right? Meaning without a GooglePlus profile you cannot have a Gmail Login in Android?
If not how can I have a Google Login in my application?
A similar question here, with no replies.
Please help. Thank You
Try article on this Url : http://nilvec.com/implementing-smtp-or-imap-xoauth-authentication-in-java.html.
I think this will help you
I wouldn't confuse a "gmail" account and a "Google+" account as being different things. Really what you want is for a user to authenticate with their "Google account", which spans many services.
On Android, the easiest way to build authentication with Google accounts is to use the Google Play Services SDK, which includes services like Google sign in.
Google+ documents an end-to-end approach to using Google Play Services SDKs that cover the issues that you asked about by using the PlusClient:
Setting up the client
Getting the user's email address using either PlusClient.getAccountName() or the REST methods.
Getting the user's profile info using the PlusClient.loadPerson()
Documentation for using Google's OAuth2 to authenticate a user are provided at https://developers.google.com/accounts/docs/OAuth2Login. As the page notes, however, you and your users get additional features if they use a Google+ account and the Google+ Sign-in, but this is not necessary.
The scopes required are
https://www.googleapis.com/auth/userinfo.profile for name and gender
https://www.googleapis.com/auth/userinfo.email for the user's email address
Update: I should amend that these scopes are now deprecated, and scheduled for removal. See the URL above for details.
I'd like to use SSO (Single Sign-On) for users of my app, but I don't understand how to apply it to my case.
To summarize, we have:
a database
a website
an iPhone app / an Android App
Currently, it's possible to create an account on the site, and then use the same credentials to connect from the mobile apps. All communications between mobile apps and server work through http requests.
To put it simply, I would firstly
be able to use Google accounts to authenticate users
offering Android users to choose one of Google accounts associated with their smartphone
I found several sources of information:
Google - Using OAuth 2.0 for Login
Android - Remembering Users
Unlike what I saw in some examples, I don't need to make request to Google services like Google Calendar or Tasks, I just want to authenticate the user.
Does someone could tell me what I need to do on the website and on the mobile app. Should I store information in my database? How to ensure that after authentication, all http requests from the mobile application are really from authenticated user?
Do not hesitate to ask me to clarify some points.
Thanks in advance
As OAuth is a standard for authorization and not for authentication, it doesn't support any direct method for this. However, most providers allow you to call an endpoint that returns the id of the logged in user. Google returns the id as part of the basic profile information. This step is described in the first article you already mentioned. There are multiple libraries available to simplify this step for you.
So for identifying a user you acquire his Google user id and store/match it in your database.
To get the user's id on an Android device, there's an even more simple way. Just use Google Play Services as described in its documentation. You can find the user id in the response to the call in the last section of the documentation.
Now there's still the problem that you have to send the user id from the device to your web server and verify that this call was issued by your app. Fortunately, Google has also built a method into Google Play Services for exactly this scenario. There's a blog post by Tim Bray at the Android Developers Blog about this.
I'm creating an app that will need users to create an account. (Like Facebook or Twitter would require you to.)
BUT, since it's an Android app, should/can I let them sign in with their Google Account using AccountManager or some other service? It'd be very helpful if they could just sign in to their Google account and their settings and other options would be saved to that account.
Main questions summed up:
Is it possible to let a user just use their Google account in my app?
If so, do I use AccountManager to have them sign in and save account information/settings?
What are other options?
Yes, you can get users to log into their Google Services using their Google credentials, for example, I have an app on Google Tasks and I use the Android AccountManager to let users authenticate themselves using their Google account on the android device (No need for users to enter their password!)
There are some really good examples to get you started:
This is an in-depth look into how you can authenticate based on the users Android credentials, has an example of how things work and how the UI should be: http://www.finalconcept.com.au/article/view/android-account-manager-step-by-step-2
This is an example of getting AccountManager to work with a Google service like Google Tasks: https://developers.google.com/google-apps/tasks/oauth-and-tasks-on-android
The last example is using the same concept for accessing the Google Picasa service: http://code.google.com/p/google-api-java-client/wiki/AndroidAccountManager
The other options you have is to have users manually enter their username/password. For that you have to use a third party authentication API (like signpost for OAuth) for them to log in.
In my tasks/todo application I provide users both options to sign in, using their android credentials or using third party authentication for users that want to log in using some other account (an account which is not enabled on that device)
Let me know if you have more questions
Although it is a new development, Google Plus Sign-in introduced as part of Google Play Services can also be used. More info can be found at Android developers blog. See example implementation from Banjo app
There seems to be a big limitation - The user need to have Google+ app installed on the device to use this.
Also this is a pretty good blog if someone is interested in implementing the solution.
#Soham gave you some very useful links but he didn't correct one major error: AccountManager is the entity that manages the accounts on your Android device - it has nothing to do with your google account! you can use google account and create a NEW account on your device using the AccountManager.
The rest you can learn from the links Soham gave you.