Single Sign-On with Google Apps + App Engine

Is it possible to achieve SSO with the built-in OpenID on App Engine? I've been trying to integrate a Marketplace app and get the user logged in when coming from Google Apps (the admin panel or universal navigation). I failed miserably, and now I found this:

"The one exception to this is applications which do hybrid OpenID/OAuth — whitelisting does not currently work with this approach." (from here)

I assume that I have to implement OpenID using a library instead of using the built-in one to achieve SSO with Google Apps in my app? Or if it is possible with built-in OpenID, is there an example anywhere that shows how to do this?

moraes asked Aug 28 '10 16:08


1 Answer

Later Google posted an article about how to do it in Python:

http://code.google.com/googleapps/marketplace/tutorial_python_gae.html

The summary is:

  • You must whitelist your "OpenID realm" (the app domain) in the Marketplace manifest XML.
  • The entry point used for Google's universal navigation must contain the current Google Apps domain.
  • The entry point in your app redirects the user, passing the Google Apps domain as federated_identity.

For example:

from google.appengine.api import users

# [...]

login_url = users.create_login_url(dest_url='http://my-app.appspot.com/',
                                   _auth_domain=None,
                                   federated_identity=google_apps_domain_name)
self.redirect(login_url)
moraes answered Sep 24 '22 05:09
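
The Google Apps domain in the steps above arrives in the entry-point request, so it is request-controlled input and is worth checking before it is handed on as federated_identity. The following is an added example, not part of the original answer or of Google's tutorial; the query parameter name `domain` and both function names are assumptions, and the sample URLs are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# One DNS label: 1-63 chars of letters/digits/hyphens, no leading or
# trailing hyphen. Used with fullmatch so a trailing newline cannot pass.
_LABEL = re.compile(r"(?!-)[a-z0-9-]{1,63}(?<!-)")


def valid_apps_domain(value):
    """Return the normalized domain, or None if it is not a plain DNS name."""
    if not isinstance(value, str):
        return None
    domain = value.strip().lower().rstrip(".")
    if not domain or len(domain) > 253:
        return None
    labels = domain.split(".")
    # Require at least "name.tld" and reject schemes, paths, ports, etc.
    if len(labels) < 2 or not all(_LABEL.fullmatch(l) for l in labels):
        return None
    if labels[-1].isdigit():  # looks like an IP address, not a domain
        return None
    return domain


def apps_domain_from_entry_url(url, param="domain"):
    """Extract the Google Apps domain from the entry-point URL.

    `param` is an assumed query parameter name; use whatever the
    navigation link in your manifest actually sends.
    """
    values = parse_qs(urlsplit(url).query).get(param, [])
    if len(values) != 1:  # missing or repeated parameter: refuse
        return None
    return valid_apps_domain(values[0])


if __name__ == "__main__":
    # Constructed sample entry-point URLs.
    for u in ("http://my-app.appspot.com/?domain=Example.COM",
              "http://my-app.appspot.com/?domain=example.com/evil",
              "http://my-app.appspot.com/?domain=a.com&domain=b.com"):
        print(u, "->", apps_domain_from_entry_url(u))
```

Only when the function returns a domain would the handler go on to build the login URL; on None it can fall back to an ordinary login page.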