 

Google OAuth2 API: check whether a user has two-factor authentication (not GSuite)

I use the scopes:

  • https://www.googleapis.com/auth/userinfo.profile
  • https://www.googleapis.com/auth/userinfo.email

but the result data from:

  • https://www.googleapis.com/oauth2/v1/userinfo
  • https://www.googleapis.com/oauth2/v3/tokeninfo

does not contain any information about whether two-factor auth is enabled on the Google account. Can I get a boolean or some other value for it?

asked Jul 25 '17 11:07 by arturgspb


1 Answer

Sorry, we don't expose whether a user has 2-factor auth or not through the API. We have been thinking about this for a while.

We have been doing a lot of things to improve security for all users (including the ones who have not enabled a second factor). This is based on risk signals, and we ask for a second factor if the user has a phone number on their account even without the user enabling a "strict" second factor. This allows us to protect all users. The difference is that in one case the second factor is required on every sign-in vs. required when we think there is risk.

The problem is that if we do expose whether a user has enabled a strict second factor, a lot of third parties will "force" users to become "strict" 2-factor users without understanding what that means. So for now we don't have a timeline.

answered Sep 21 '22 14:09 by nvnagr
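The practical consequence of the answer above, as an added example that is not part of the original thread and is not Google's code: validate the tokeninfo claims Google does return (`aud`, `exp`, `email_verified`, `sub`), record the Google 2FA state as unknown because no field carries it, and have the application enforce its own second factor with an RFC 6238 TOTP check. The tokeninfo dict, client id and subject id below are constructed sample values (v3 tokeninfo returns every value as a string); the TOTP secret is the RFC 6238 test secret, not a production key.

```python
import hashlib
import hmac
import struct

# Constructed sample of what https://www.googleapis.com/oauth2/v3/tokeninfo
# returns for an access token. Note: no field describes 2FA enrollment.
SAMPLE_TOKENINFO = {
    "azp": "1234567890-abc.apps.googleusercontent.com",  # hypothetical client id
    "aud": "1234567890-abc.apps.googleusercontent.com",
    "sub": "110169484474386276334",                       # constructed subject id
    "scope": "https://www.googleapis.com/auth/userinfo.email "
             "https://www.googleapis.com/auth/userinfo.profile openid",
    "exp": "1500000000",
    "expires_in": "3599",
    "email": "user@example.com",
    "email_verified": "true",
    "access_type": "online",
}
CLIENT_ID = "1234567890-abc.apps.googleusercontent.com"  # hypothetical


def check_tokeninfo(info, expected_client_id, now):
    """Validate the claims Google returns and state explicitly that the
    account's 2FA status is unknown (it is not exposed by this endpoint)."""
    problems = []
    if info.get("aud") != expected_client_id:
        problems.append("aud does not match our client id")
    if int(info.get("exp", "0")) <= now:
        problems.append("token expired")
    if str(info.get("email_verified", "false")).lower() != "true":
        problems.append("email not verified")
    if "sub" not in info:
        problems.append("no stable subject id")
    return {
        "ok": not problems,
        "problems": problems,
        "sub": info.get("sub"),
        "email": info.get("email"),
        "google_2fa": None,  # unknown: no userinfo/tokeninfo field carries it
    }


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP: HMAC-SHA1 over the big-endian counter, dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def totp(secret, unix_time, step=30, digits=6):
    """RFC 6238 TOTP: HOTP with the counter set to the 30-second time step."""
    return hotp(secret, unix_time // step, digits)


def verify_totp(secret, submitted, unix_time, step=30, window=1):
    """Accept the current step and +/- window steps to absorb clock drift;
    compare in constant time so timing does not leak the expected code."""
    if not isinstance(submitted, str) or not submitted.isascii():
        return False
    counter = unix_time // step
    for delta in range(-window, window + 1):
        if hmac.compare_digest(hotp(secret, counter + delta), submitted):
            return True
    return False


def sign_in_decision(info, expected_client_id, now, totp_secret, submitted_code):
    """Treat Google sign-in as one factor; the app supplies the second."""
    result = check_tokeninfo(info, expected_client_id, now)
    if not result["ok"]:
        return "deny: " + "; ".join(result["problems"])
    if not verify_totp(totp_secret, submitted_code, now):
        return "step-up required: second factor not verified"
    return "allow: " + result["sub"]


if __name__ == "__main__":
    secret = b"12345678901234567890"  # RFC 6238 test secret, not for production
    now = 1499999000
    print(sign_in_decision(SAMPLE_TOKENINFO, CLIENT_ID, now, secret, totp(secret, now)))
    print(sign_in_decision(SAMPLE_TOKENINFO, CLIENT_ID, now, secret, "000000"))
```

The per-user TOTP secret should be keyed on the stable `sub` claim rather than `email`, since an address can change while the subject id does not, and the drift window of one step is the usual compromise between usability and replay exposure.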