I'm building an Android application, and would like users to login with their Google Apps account. However, I'm not using, nor am I interested in using any of google's services in the backend. Is this possible?
I'm picturing this approach: 1. Use AccountManager in the application to ask for the authtoken of a com.google account 2. Send that authtoken to the server with requests 3. On the server, validate that authtoken with google's servers 4. Supply information to the user from my server, based on the validity of the token There is so much documentation about accessing a google service (drive, maps, tasks) at step 3, but no information about simply validating a token. Is there a service to do this? This document seems to suggests it is possible: https://developers.google.com/accounts/docs/OAuth2Login Meanwhile the authentication and authorization home page suggests that OpenID should be used for authentication: https://developers.google.com/accounts/ The page about authenticating mobile apps describes using embedded WebViews, which I had hoped to avoid by using the AccountManager: https://developers.google.com/accounts/docs/MobileApps Although someone has written a library to do the embedded WebView approach: http://stackoverflow.com/questions/3352592/webservice-credentials-openid-android-accountmanager Are there other possible approaches? My priorities are: - not to handle passwords - be able to validate that a web request comes from a claimed user (according to google) - tie that user to a user in my system (probably via the "name" of the account in AccountManager, which is the email address) -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
