In my mobile app, I want to authenticate gmail/yahoo user via his email id & password to access my mobile app (I have done this with the Facebook). After lots of research, found repeated questions like question1, question2 and got this reference as Google api doc.
I have gone through the reference site and its code but not understood which is the domain and where to send which request.
Is there any way to authenticate gmail/yahoo user via his email id & password? Please help.
Related
I am trying to make login using OAuth2 using Apple Sign in. and I need to save the user email to the server.
after reading Sign in with Apple and authenticate with Firebase documentation , it said that
Unlike other providers supported by Firebase Auth, Apple does not
provide a photo URL.
Also, when the user chooses not to share their email with the app,
Apple provisions a unique email address for that user (of the form
xyz#privaterelay.appleid.com), which it shares with your app. If you
configured the private email relay service, Apple forwards emails sent
to the anonymized address to the user's real email address.
apple will generate unique fake email like xyz#privaterelay.appleid.com if the user refuses to share their original email.
if the user logout and then login again, will the fake email will be the same? or apple will generate a new fake email like new123#privaterelay.appleid.com ?
If I have a website where it is possible to sign in with multiple different providers (Say Facebook, GitHub, Google), what do I use as the local-to-my-site unique identifier for users? For example, if these two steps happened:
I sign in with GitHub (For the first time) and my username is mogronalol and email is mogronalol#mogronalol.com.
A local-to-my-site acccount with an email address of mogronalol#mogronalol.com and username of mogronalol is created.
If I use the email address as the local unique identifier, what happens if my email address changes in GitHub to other#other.com? The same question applies to changing username also.
If I got some sort of unique ID from GitHub, and used that as the identifier, then what do I do if my email address or username changes in GitHub. Do I just updated my local-to-my-site-copy to be the same as the one on GitHub each time I log in?
Of course, this problem is worsened if I want to log in with my Facebook account as well as my GitHub account. What happens if my email address and / or username are different across both of these? How would my local site know to link the accounts together? And if things like email address are different once the accounts are linked, which one do I use?
First, maybe you could try on some tutorial to feel how OAuth work.
After your OAuth authentication succeed, your website will receive a series of information provided by OAuth provider.example
Within this information, there are two special columns called uid and provider used to recognize user from OAuth provider.
You will use these two columns to tell which provider the authentication come from (i.e. facebook or github), also you need to save these fields to your account columns.
Then use rest of information to create the account in your website.
For example, use OAuth provider's email as email(github's email as email).
After you create account, every time you login server from OAuth provider.
You only need to check provider and uid in account column.
Let's back to your question.
If I use the email address as the local unique identifier, what happens if my email address changes in GitHub to other#other.com? The same question applies to changing username also.
If I got some sort of unique ID from GitHub, and used that as the identifier, then what do I do if my email address or username changes in GitHub. Do I just updated my local-to-my-site-copy to be the same as the one on GitHub each time I log in?
Github's email or user change won't affect your login (We only check provider and uid fields to login user).
I suggest not to sync with your OAuth provider's information(We only use OAuth provider's information when create account).
If you are going to support multiple OAuth provider, I suggest you read through this article.
You have to separate uid and provider to other table called identity.
Each account has many identities.
I also did it before.
If you don't mind, here is the sample code snippet to deal with multiple OAuth providers.
You have to think about the logic in your login flow.
For example, user has signed in and login OAuth => Link account with OAuth provider
User not signed in and login OAuth => If find user with OAuth, login, else create account using OAuth provider's information
Of course, this problem is worsened if I want to log in with my Facebook account as well as my GitHub account. What happens if my email address and / or username are different across both of these? How would my local site know to link the accounts together? And if things like email address are different once the accounts are linked, which one do I use?
We only link account, when user is already signed in.
When you link account, you could determine to use OAuth provider's information to update account(just like you used to register account).
I suggest to use the original email not to update it from OAuth provider's information.
We are developing a mobile app.
In this app we want our END USER to able to login with there email id + the password they have from our zendesk.
I can not find any way to let a END USER login with email + password. And after that, make tickets and see his open tickets.
We are using the CORE API at this point.
Have you had a look at the docs for the iOS and Android SDKs?
You can set up an AnonymousIdentity with email and name after your users auth into your app. This will give you an identity which can be used to create tickets.
There are limitations with AnonymousIdentity, described in the docs. The other option is JwtIdentity, this requires a bit of backend development to get up and running.
I am creating a rails app that requires sign up with twitter feature.And my application is based on email marketing service.Various types of email we will send user for the updates.
My concern here is that,twitter does not provide the email ID in response while authenticating a user via twitter API.
And now if I am creating that user in my database and allowing him to sign up by skipping some validation (Like email field is required). Then what should happen in the situation when my application will try to send the email to users.And this twitter user is not having email ID.
It will just skipped.
Is there any proper flow that I can use,so my app will work in correct flow.
Thanks!
Twitter doesn´t give you the email via API.
This works if you are using omniauth-facebook gem for example, but twitter doesn´t offer you the email - you have to create a workaround.
For example ask the user in a second step to fill in his/her email adress.
I am using omniauth to login with twiiter/facebook account in my site. It works great with facebook but it doesn't work with twitter. On checking log I found that twitter API doesn't send user email id back in response and in my application database email id is mandatory field.
Just wonder why email id is not sent back in response.
Is there any setting which prevents sending email id back in response?
Twitter does not provide email. This is because twitter privacy policies.
You can find the following information here: ( https://dev.twitter.com/docs/faq)
"The Twitter API does not provide the user's email address as part of the OAuth token negotiation process nor does it offer other means to obtain it."
You have to make an extra step (on your site), where you ask the user his email.
Regards
Ivangrx