I am implementing Azure AD B2C, with Google.
When I login with my personal Google account, on the next page, the email and name is filled in (First-, last and full name).
When I use an another Google (test) account I just created, the name info is not filled in. This happened with several accounts, and I cannot find what causes this. In Google account settings the Full name is shown and visible for everybody.
Note:
I use a custom branding page which I made by copying the source from the default branding page. I did not find how to do that from scratch, as in this post: Azure AD B2C Branding - get the email, name info from Google+
I know that this is (most probably) not a coding issue, but a Google account issue, but I figured this is the best place to get the answer.
When I complete the wizard in Google+, about adding friends and/or interests, the names are taken from the Google+ account.
Related
Greeting,
I have a scenario, when the user that already login to my system and try to link their account into google social account (if their account is gmail) by clicking 1 button.
I have browsing about how to implement this, but nothing found.
Maybe anyone know how to doing this?
Note: I already setup the social account linking from login page and it's running well.
There are a number of good samples here.
Also here and here.
You have to use custom policies.
I have an application that authenticates users via Google Oauth. When I click Signup button, a signup screen would pop up as shown in the figure below.
The problem is that I want users to signup emails with domain name of my organization. Specifically, the username suffix should be #my_organization.com instead of #gmail.com as displayed in the figure. I have tried to modify the Oauth Consent Screen but there seems to be no option to configure this.
as you mentioned the "Sign in with Google" is for login purposes through OAuth protocol when the accounts already exists in an organization, I am afraid this is not intended to delegate user creation since this is a task only domain administrators are allowed within an organization.
The most you can achieve from OAuth is to force the sign in with an specific domain; you can do this by modifying the "hd" parameter in the authentication request you are sending using the Google's OAuth 2.0 API. Here you can check on this topic: click here
As mentioned above, if you are looking to create user accounts with a specific domain you need to be an administrator in a Google Workspace account.
I hope this information helps!
You can only use oAuth with registered Google accounts.
With Google Workspace you can use a domain in your Gmail, see.
But if that's not possible and you want a quick way to authenticate, maybe Auth0 or similar tools can help.
I'm currently building an application that uses sign in with Twitter. However, some users report losing their Twitter account (or also possibly getting banned from Twitter, etc), and am wondering if it's possible to switch those accounts to Google signin or email signin. Have not found docs on this, especially if the linked identifier is a Twitter handle instead of an email. Any help will be appreciated!
check here --> https://firebase.google.com/docs/auth/web/account-linking
But I think that the user must be logged in to do so, as you comment if they do not have how to enter with Twitter what you could do is a validation of additional data you have of the user (indicate their name, twitter user, something that you know about him) in a section that you build within the platform where new users can request to claim an account.
I have a google login in my app when I try to click on sign in with google I do not see the permission it needs to access
My app uses users contacts and so I have added it to scope in consent screen settings but it do not show any permission. Can someone help me if there is anything else that needs to be configured as I need to verify my app from google
I want permission to display like this(sample image)
Scopes that I am using
this is the api
Lets use the Google Oauth Playground to test a little.
test 1 requesting authorization to Oauth2 scopes.
I am going to select Google contacts really there is not much point in selecting this one using google People api is a much better choice.
And everything under Google People API
This is the consent screen shown me
test two authenticating with open id connect
I am going to only request
Now profile and email are special they are related to Open Id connect, which is out side of the Oauth2 because of that i was not actually shown a consent screen. Because i am Authenticating to Google that this is me logging in.
I am not Authorizing any Oauth2 scopes because none were really requested. Now this make confuse you because by requesting profile you are automatically given access to the users profile data which means that you can access the Google people api and do people/me and get the information about the person.
conclusion
Only Oauth2 scopes appear to the user requesting access. not open id scopes.
Apologies if this is a newbie question but I'm hoping someone can offer some advice.
I am fulfilling my Google Assistant intents via an Express app. I would like for users of my action to be able to get and modify data from their Strava account. Strava supports Google Authentication and I wondered if I could use node libraries such as Passport (https://www.npmjs.com/package/passport-strava-oauth2) to allow users to sign in to their strava account so that my action can make calls for their data?
I have a welcome intent that gets some Google profile data so wondering if I can pass through some details from this response?
googleApp.intent('Default Welcome Intent', (conv) => {
conv.ask(new Permission({
context: 'Hi, can I get your details from your Google account?',
permissions: 'NAME'
}));
});
Yes, but probably not in the way you're looking at.
The Permission helper requests access to specific types of information - name and location. You're looking to establish more of an identity relationship (using their email address or Google account).
You can do this using Account Linking.
If you're sure you're using Google Sign In on the Strava side then things are even easier and you can take advantage of Google Sign In for Assistant. With this, once they sign in, your Action will get an Identity Token which you can use to get information including their Google ID and the email address associated with the signed-in Google account. They only need to sign-in once - afterwards, you'll be given an Identity Token whenever they connect.
If your Strava project and your Action are both using the same Google Cloud Project, things get even easier for your users. Once they have signed in on either client, they're signed in on the other one. So you'll know who they are immediately through the Identity Token.