Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Google Apps OpenID url

Tags:

openid

google-apps

google-openid

Problem:

My organisation, ExampleFooBar, uses Google Apps. On our website I want to enable OpenID Single Sign-In (like StackOverflow), but only allow @examplefoobar.com email addresses to sign in. What OpenID url should I use for a Google Apps email address?

  • As per comments on Include OpenId in drupal, the domain http://www.google.com/profiles/<username> can be used for normal Google accounts, but this doesn't work for Google Apps accounts.

  • Google also provides the url https://www.google.com/accounts/o8/id but using that would allow any google user who found our website's login page to sign in, as the sign-in page accepts any google account name.

What Google URL can I use to ensure only @examplefoobar.com email addresses can sign in?

Google documentation for Google Apps OpenID is at http://code.google.com/googleapps/domain/sso/openid_reference_implementation.html, but is incredibly unhelpful.

like image 203
aaronsnoswell Avatar asked Jan 16 '12 09:01

aaronsnoswell

People also ask

What is OpenID Connect URL?

OpenID Connect defines a discovery mechanism, called OpenID Connect Discovery, where an OpenID server publishes its metadata at a well-known URL, typically. https://server.com/.well-known/openid-configuration.

What is OpenID app in my phone?

OpenID allows you to use an existing account to sign in to multiple websites, without needing to create new passwords. You may choose to associate information with your OpenID that can be shared with the websites you visit, such as a name or email address.

What is my OpenID?

OpenID Connect 1.0 is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner.

1 Answers

By aaronsnoswell:

The OpenID url google.com/accounts/o8/site-xrds?hd=examplefoobar.com will restrict email entries to @examplefoobar.com. Additionally, I had to enable OpenID Single Sign in from the Google Apps administrator page. Hope this helps someone!

http://jeremiahlee.com/blog/2009/09/28/how-to-setup-openid-with-google-apps/

Google Apps (for business) OpenID login for ASP.NET intranet site

like image 51
Farid Nouri Neshat Avatar answered Nov 16 '22 02:11

Farid Nouri Neshat
Sign in to Comment

Related questions

App Engine remote_api with OpenID
Ruby-OpenID: Requiring email-address from OpenID provider
DotNetOpenAuth: Message signature was incorrect
Why is HTML form redirection used in OpenID 2?
OpenID Attribute Exchange - should I use it?
is openid.claimed_id static?
Janrain's PHP-OpenID and Google/Yahoo
Why is it dangerous to use an email address as an OpenID?
How to address OpenID providers downtime?
Log-in the user with LightOpenID
How or when to follow redirected OpenIDs?
RequireNonce is true (default) but validationContext.Nonce is null
LDAP JWT OAuth scheme explanation
Login with Google account in CodeIgniter with OpenID
Google and Yahoo OpenID Endpoint
How to create OpenID Provider with Spring Boot
DotNetOpenAuth and Facebook
Can I use OpenId with the ASP MembershipProvider?
Generating users accounts inside Google App Engine
OpenID Simple Registration (sreg) vs. Attribute Exchange (ax)

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!