
Restrict Google account logins to a specified Apps domain

How can I let users log in to my web app with their Google account, and verify that they logged in from a certain Google Apps domain?

Does the hd parameter to the Google Authorization service ensure that only the selected domain can be used to login?

Or can I get the logged in user's email and verify that it ends with "@domain.com"? This doesn't seem like such a good idea.

After login I also need to access the users' Google Contacts, which according to the documentation requires AuthSub proxy authentication.

Christian Davén asked Dec 19 '25 06:12


1 Answer

Have a look at the OpenID docs others suggested. In brief, you need to redirect the user to a custom login URL based on their domain name - i.e. you need to find out their domain name before you redirect, i.e. your hd parameter, which indeed forces login to the specified domain.

This is also needed to support SSO for Google Apps domains, where the authentication for the user isn't handled by Google but by a third party service.

Make sure you check the OpenID provider, not just the email address domain name, once you do get the auth info.

Jan Z answered Dec 21 '25 01:12
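
An added example, not part of the original answer or any Google code: one way to apply the advice to check the provider and not just the email domain. It assumes the app receives a Google OpenID Connect ID token whose signature and expiry an OIDC library has already verified; the function name, client ID and example.com domain are constructed for illustration.

```python
# Added example: claim names follow Google's OpenID Connect ID token; the
# function name, domain and client ID below are constructed for illustration.
GOOGLE_ISSUERS = {"https://accounts.google.com", "accounts.google.com"}


def check_domain_login(claims, allowed_domain, client_id):
    """Return (ok, reason) for claims taken from an ID token whose
    signature and expiry were already verified by an OIDC library."""
    allowed = allowed_domain.lower()
    # 1. The assertion must come from the expected provider, for this app.
    if claims.get("iss") not in GOOGLE_ISSUERS:
        return False, "unexpected issuer"
    if claims.get("aud") != client_id:
        return False, "token issued for another client"
    # 2. 'hd' is set by Google for hosted-domain accounts; consumer
    #    accounts have no 'hd' claim at all.
    if str(claims.get("hd", "")).lower() != allowed:
        return False, "hosted domain mismatch"
    # 3. Cross-check the email: exact match on the part after the last '@',
    #    never a suffix test on the whole string.
    email = str(claims.get("email", ""))
    local, sep, domain = email.rpartition("@")
    if not (local and sep) or domain.lower() != allowed:
        return False, "email domain mismatch"
    if claims.get("email_verified") is not True:
        return False, "email not verified"
    return True, "ok"


CLIENT = "constructed-client-id.apps.googleusercontent.com"
BASE = {"iss": "https://accounts.google.com", "aud": CLIENT,
        "email_verified": True}
SAMPLES = {  # constructed claims, not captured from a real login
    "member": {**BASE, "hd": "example.com", "email": "ann@example.com"},
    "consumer": {**BASE, "email": "bob@gmail.com"},
    "lookalike": {**BASE, "hd": "notexample.com",
                  "email": "eve@notexample.com"},
    "other_idp": {**BASE, "iss": "https://idp.invalid", "hd": "example.com",
                  "email": "ann@example.com"},
}

if __name__ == "__main__":
    for name, claims in SAMPLES.items():
        print(name, check_domain_login(claims, "example.com", CLIENT))
```

The "lookalike" sample passes a plain `endswith("example.com")` test on the email, which is why the check compares the full domain and the `hd` claim instead.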