Since my application integrates with Outlook and the users should sign up via the Microsoft (office365 or Live) sign up page is there any special design guidelines I should follow for the signup button like the ones required by Google. If not, can I use the Microsoft logo (in terms of legal issues) on my sign-up button like this:
https://www.screencast.com/t/dUjsjZiIB
P.S. Sorry for this question not being particularly technical, but the matter is important for a live com application and I struggled to find anything specific on this around the web.
Related
If the user is logged-in with the native Twitter app installed, I want my app to open the Twitter app to request authorization.
I already implemented the flow to get the oauth_token in order to start the login process through Twitter's api. Only, the current API Documentation do not mention anything about how to use the native iOS app in the process. It only sends back a url for the user to log in.
let url = URL(string: "https://api.twitter.com/oauth/authorize?oauth_token=\(result.oauthToken)")!
DispatchQueue.main.async {
UIApplication.shared.open(url)
}
On getting the requested oauth_token, I get this link. Opening the link will display a Webview to login. Not the native Twitter iOS app.
I tried to use a deeplink to manually launch the Twitter app, but I couldn't found any resources on how to setup the link properly.
So far I have tried things like:
twitterauth://authorize?consumer_key=[KEY]&consumer_secret=[SECRET]&oauth_callback=swifter-[KEY]
or
twitterauth://authorize?oauth_token=\(result.oauthToken)
without any success...
As mentioned in another post, Clubhouse has implemented exactly this flow. So it is possible. The question is how ? 😅
This flow seems to have not been officially supported since the retirement of TwitterKit on May 1, 2018. Any applications that still offer this functionality to their end users likely have some sort of partnership with Twitter to allow for this which is otherwise undocumented publicly.
The reasoning for this was detailed sparsely in a related Twitter Developer Forums thread:
Unfortunately at this time we have had to make some incremental adjustments that are not so smooth for everyone; especially as you’ve found, for mobile app developers. We’re in the middle of a transition to a new API platform (via Twitter Developer Labs) and there will be some changes as we go along - we are asking for your feedback to help us, and if you check the ideas, authentication and authorization is something we’ve heard a lot about.
I cannot tell you today exactly when we’ll get to an enhanced solution, but this is something we are actively working on.
Direct link
The official guidance is to use the traditional WebView method until Twitter officially re-releases this capability:
I don’t believe that this is possible any longer, so I would encourage you to use the full OAuth flow. I apologise that this may not be what your users prefer, but this is the documented way to gain authorisation (we do not document or support URL schemes for the native iOS app).
Direct link
We do not support or document any means of users signing in to Twitter outside of the OAuth flow; any use of undocumented features is subject to change without notice.
Direct link
As linked above Twitter appears to be soliciting feedback on this via their UserVoice page, should you feel so inclined to suggest the re-implementation of such a feature.
I'm working on a Slack app that also links with a web app, which users can log into using Slack. It's very common for a new user to need to both log into the web app and add the app to Slack.
I'd like to let them do this with a single trip through OAuth. Since the web app needs a name, email address, and profile picture for each user, I added the "identity.basic", "identity.email", etc. scopes to the ones requested by the "Add to Slack" button. But it turns out that Slack doesn't allow this. The Slack OAuth page says "Invalid permissions requested: Cannot request both identity scopes and other scopes at the same time".
One alternative might be to request the users:read and users:read.email scopes instead of the identity scopes. But this gives our app more access than it needs; it just needs the info for the current user, not for all users on the team. (It might later need that info for all users, so I'm considering doing this anyway, but I'm not sure if users would like it.)
The other alternative seems to be to make the user go through two different OAuth permissions screens. But this seems cumbersome and not a good user experience.
So the questions are (1) is there a better way, and (2) why doesn't Slack allow combining the identity scopes with others?
UPDATE to clarify, in response to the answer from #erik-kalkoken:
I'm aware of the differences between "Add to Slack" and "Sign In with Slack". I certainly don't intend to take away the option for most users to do a simple "Sign In with Slack". However, with this particular app, it makes no sense to do "Add to Slack" without also being signed in to the web app. This needs to be done by one person per Slack team before other users on that team can use it. Our onboarding process for new teams is a bit cumbersome, and I'm looking for ways to make it simpler and smoother. Since the sign-in and add steps could theoretically be combined into one step, I would prefer to do that.
Part of this may be because we aren't developing a "Slack app"; we're developing a Slack integration for a web app. The web app can be used without using Slack, and has its own concepts of users and communities.
The "better way" in my opinion would be to not combine these two functions on your website, because their effect is very different. I would argue that it would be confusing to users if they are combined and would not make a good user experience.
"Add to Slack" is installing a Slack app for the whole Slack team. You only do this once and its usually done by the admin of a Slack team.
"Sign in with Slack" is used to authenticate any user of a Slack team. You would use this function every time you log into your app and its used by many users of a Slack team.
How can I add a configuration page for my slack app?
example: asana has an add configuration button which leads to a page which we can use to then connect the slack user account with asana account
Several Slack apps (e.g. Twitter, Google Calendar) provide a configuration page after installation into Slack. However this feature seams to be available only to commercial partners of Slack, but not as a standard feature for every app developers.
Developers need to implement it by themselves with an external app / script that is linked the Slack app and store the configurations in their own database.
See also this answer for a full explanation on how this works.
Looking on the official Slack Plattform Roadmap for Developers this feature might be implemented in the future under "Install apps from within Slack".
Update:
You can now use Dialogs to create something similar to configuration pages. It allows you to open a custom modal window with up to 5 inputs (text or drop-downs). Its still not the same as having a full configuration page like the internal Slack apps have, but its a huge step forward and might be sufficient for many cases.
It seems this used to be possible, but not anymore. Here's my dilemma: I'm creating an iPad educational software app, and I want to let students log in with their Google Apps for Education accounts using OpenID-Connect.
... I guess my first question is: is the current Google+ SDK the right way to perform login against GAFE? What about the forthcoming "Google Classroom"?
So say I do this - the student pushes the "login with google button", the sdk performs an app switch to safari and lets the user log in to their google account, push the permissioning buttons, and app-switches back to my app, and the user is now logged in. Fine. At the end of the class period, the user logs out of my app and hands in their device. The next period, though, another student logs in, and because the first user has forgotten to also log out of google in safari, the second user has access to their account.
... My second question is: is this a valid concern? Seems like this would be a pretty common usage pattern.
... Third question - can I get around this? Can I make Google+ sdk use an internal UIWebView, or no web stuff at all? This is what seems like used to be possible, but no longer...
EDIT: Spoke to google tech support for apps-for-enterprise (thx M!) and they say that there is no way to authenticate against google openid-connect without going through a browser. This is, I believe, a security problem - students being kids, they will forget to log out of the browser, and the next kids will get into mischief. Oh well.
The GPPSignin class describes itself as:
It provides single sign-on via the Google+ app (if installed), Chrome
for iOS (if installed), or Mobile Safari.
Internal web views are not mentioned. You may need to implement OAuth2.0 on your own to allow your internal UIWebView to manage authorization.
Google publishes an API which includes a method to signOut. You can use it at your app's discretion in addition to the SDK requirement that a user be able to sign out manually.
https://developers.google.com/+/mobile/ios/api/interface_g_p_p_sign_in
I am working with the Firefeed app (based on Firebase) and I am wondering how I can give users the option to both login with Facebook and Twitter.
I correctly set-up my firebase but I guess the issue is that I either use
authClient.login("facebook");
or
authClient.login("twitter");
How can use both to give them the choice? I know, its probably a beginner questions. :)
Many thanks!
I'm not quite sure what you're looking for here. If you want to allow people to log in with either option, then you can simply have 2 buttons, one that says "Log in with Twitter" and one that says "Log in with Facebook".
If you want to have an account system that merges multiple social accounts into a single account on your system, so that users could log in with either system and access the same data, this is a little more complex. There's a thorough answer here:
How can I login with multiple social services with Firebase?