I use the oauth api for login on my sites. Right now if a user needs a site based on a subdomain (user.mysite.com) I have to manually add it in the console so the login button will work at that new domain. The console says you can't use a wildcard such *.mysite.com. Is there way way to make this dynamic or a way to add a site programmatically?
I use a tool to create the subdomains and if I could add it to the list of approved domain when upon creation that would be great.
Related
I have an application that authenticates users via Google Oauth. When I click Signup button, a signup screen would pop up as shown in the figure below.
The problem is that I want users to signup emails with domain name of my organization. Specifically, the username suffix should be #my_organization.com instead of #gmail.com as displayed in the figure. I have tried to modify the Oauth Consent Screen but there seems to be no option to configure this.
as you mentioned the "Sign in with Google" is for login purposes through OAuth protocol when the accounts already exists in an organization, I am afraid this is not intended to delegate user creation since this is a task only domain administrators are allowed within an organization.
The most you can achieve from OAuth is to force the sign in with an specific domain; you can do this by modifying the "hd" parameter in the authentication request you are sending using the Google's OAuth 2.0 API. Here you can check on this topic: click here
As mentioned above, if you are looking to create user accounts with a specific domain you need to be an administrator in a Google Workspace account.
I hope this information helps!
You can only use oAuth with registered Google accounts.
With Google Workspace you can use a domain in your Gmail, see.
But if that's not possible and you want a quick way to authenticate, maybe Auth0 or similar tools can help.
Recently we migrated our website to AAD. Website is working fine after AAD migration. But the issue is, we are generating one word document and that document contains hyperlink (web api call to generate the another attachment dynamically) to open another attachment.
We are unable to validate that request because web api call from word application.
Is ther any way to acheive this functionality.
Did you want to generate the another attachment dynamically which require authentication after users click the hyperlink in the document.
How did you want to authenticate the dynamically? Based on my understanding, if the web API also protect bu Azure AD using the Authentication / Authorization, we can enable to redirect the unauthenticated request to Azure AD like figure below:
I'm trying to create a web service for my college, which uses Google Apps for education. We have our own themed login page. I was wondering if its possible to use oauth/ openID to use our Google apps account to log in. I know when I use generic oauth, I can enter the school email address and force it to take the Google apps domain, but is there a way to redirect to it directly?
You can use the hd parameter in the oauth request to specify a google apps domain to login through. I believe the apps domain needs to have the option enabled and/or be a paying domain, but I am not certain about this part
Example URL
https://accounts.google.com/o/oauth2/auth?access_type=offline&DOMAIN.COM&response_type=code&redirect_uri=http%3A%2F%2Flocalhost&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcalendar&client_id=CLIENT_ID&type=web_server
I'm wondering something... about my google apps domain.
I'm using the OAuth 2.0 as client side.
For now, i'm requesting an access token using this url "https://accounts.google.com/o/oauth2/auth?". If the user isn't connected to his google account he is redirected to a page like this : https://accounts.google.com/ServiceLogin?service=lso&passive=1209600&continue=xxxxxxxxxx.......
but i want to use my custom page (using my google apps domain). I try manually to do what i want and that working (https://www.google.com/a/mydomain.com/ServiceLogin?service=lso&passive=1209600&continue=xxxxxxxxxx.......) but i don't know i can i do it programmatically...
Does anyone done what i'm trying to do ?
Regards,
Sebastien
You can add the hd=example.com parameter to the initial request.
See:
Restrict Login Email with Google OAuth2.0 to Specific Domain Name
I want to create an web application that will link up a student's facebook, twitter and orkut accounts all under one shed. Its like connecting all the students within a college, to login into the web app, the userid will be the unique studentID provided by the college
itself.
Now, once a student has logged-in, he can open his facebook, twitter and orkut a/c in the same window, lets say under tabs. How can i do that??
I mean how can i pass a student's Facebook's user-id and password to facebook server and if user authentication is done, then show the student his facebook wall.
I am very confused and don't know how to deal with this.
Storing username and passwords is not a very good idea. Neither Facebook nor twitter supports it through API.
For Facebook integration use the OpenGraph protocol with any SDK that Facebook provides, like Javascript SDK. Mogli is a ruby wrapper for OpenGraph API
For Twitter, there are multiple options like John Nunemaker's Twitter gem. Use that to talk to Twitter API.
Ultimately, it comes down to the architecture of your application. You can start by creating models like 'FacebookConnection' or 'TwitterConnection' and linking them to your 'User' model.
Solving it easy, just make the link open twitter/facebook. if they are signed in there already, their homepage will show, otherwise they will be prompted to enter user/pass.
To integrate your application with those platform, each platform got it's API and connect method, with this you won't need the user password be stored in your app. You instead will, twitter as an example, create a twitter application that communicate with twitter's API, and then redirect the user to twitter asking twitter to grant your application some access to the signed in user account, almost the same as you will sign in with your google account here on stackoverflow.
To do the communication with each of those platform, refer to the API/Connect documentation they provide and implement it in your web application. Don't reinvent the wheel, most of the communication functionality will be already coded in an easy to use library, whether for rubyonrails or most other development frameworks/languages.
look at facebook connect, oath (for twitter) etc instead of storing passwords
divs/iframes with some kind of tab control (jQuery?) to handle toggling of what should be visible.