Yes, it's ok for the auth thing. I mean, it doesn't matter. The only difference is, you won't be able to add to the team members list people outside of your custom domain.
What I sometimes do when I know I might be adding someone outside of a custom domain, I create a project using my @gmail.com account, then add my other account of a custom domain as administrator. You can then enable billing from your custom domain account and even remove the original @gmail.com account which you'd initially created a project with. -- alex On Thu, Sep 27, 2012 at 8:29 PM, Daniel Perry <[email protected]> wrote: > Hi Alex, > Thanks, I haven't had a chance to check it out yet but it feels like this is > the answer I was looking for. I am able to create the project and get the > client ID and secret. I have all the delphi side of things figured out, that > is not a problem although I, too, have returned to it after about that many > years... :-) > One last question, when defining the new project in the apis console, the > domain is locked to my company's domain. Is this OK although the appengine > application's domain is appspot.com? > It seems to me the api console does not "know" my xxxx.appspot.com or its > authorized administrators. > Should the project ID I define in the apis console be xxxx.appspot.com with > the exact same name as my appengine project in order to link between the > two? > Thanks, > Daniel > > > On Thursday, September 27, 2012 6:39:56 PM UTC+2, alex wrote: >> >> Then what you need is exactly this, I guess: >> >> 1. Go to https://code.google.com/apis/console, create a new project if >> you don't have one. Switch to API Access tab and create client ID and >> secret choosing *Installed application* (this is important). >> >> 2. Read the whole thing here: >> https://developers.google.com/accounts/docs/OAuth2InstalledApp and >> whenever you see "scope" parameter mentioned, you should set its value >> to "https://www.googleapis.com/auth/appengine.admin";. >> >> Also, there are quite a few links to client libraries if you don't >> want to do it from scratch, but I don't believe there's one for >> Delphi. At least not from Google. Sorry, I was programming in Delphi >> like 20 years ago so I'm pretty sure my knowledge is useless. >> >> >> On Thu, Sep 27, 2012 at 6:15 PM, Daniel Perry <[email protected]> wrote: >> > Hi Alex, >> > I looked at the OAuth 2.0 under the trusted testers, it refers, as far >> > as I >> > can understand, to the generation of an API for use by users of my >> > application. >> > What I'm trying to do is much more simple, in my opinion. >> > Allow the application's administrators only (added using the >> > "permissions" >> > option of the admin console) to access one of the application's >> > servlets. >> > I can achieve this if I run everything through a browser which performs >> > the >> > authentication and stores a cookie with the account data. However, I'm >> > trying to do this without the browser from a PC application (written in >> > Delphi, in my case). >> > The more I read about OAuth 1.0 and 2.0, I get more confused. Shouldn't >> > I be >> > able to use OAuth to replace the process the browser does in the >> > background >> > with the help of cookies to perform authentication? >> > I can try and follow up on this on the OAuth forum but I think I need >> > some >> > appengine specific information like how to obtain the client_id and >> > secret >> > required for OAuth 2.0 for my appengine application. >> > Thanks, >> > Daniel >> > >> > >> > On Thursday, September 27, 2012 4:52:54 PM UTC+2, Daniel Perry wrote: >> >> >> >> Hi Alex, >> >> I might be mixing up things but the reference to the Prediction API was >> >> only used to explain I need an installed application secret in order to >> >> use >> >> OAuth 2.0 to authenticate users against my app. >> >> I am able to call the Prediction API on behalf of my users and, in >> >> fact, I >> >> did, for a while but have abandoned it for the time being. I have no >> >> issues >> >> with type of call, it works file. >> >> I don't think what I'm trying to do is to expose an API. All I'm trying >> >> to >> >> do is to allow the application's admins, who have registered google >> >> accounts, to access an administration servlet of my app. >> >> I will look at the OAuth 2.0 under the trusted testers program and see >> >> is >> >> it answers my problem. >> >> Thanks, >> >> Daniel >> >> >> >> >> >> >> >> >> >> On Thursday, September 27, 2012 3:52:34 PM UTC+2, alex wrote: >> >>> >> >>> I think you mixing up a couple things here: (1) you want to >> >>> authenticate users agains your app; (2) you want to call external >> >>> services like Predictions API (presumably on behalf of your users?). >> >>> >> >>> There are built-in Users API and OAuth (only 1.0; 2.0 is within the >> >>> trusted testers like I mentioned) services available for doing (1). Or >> >>> you can do your own custom solutions, like username/password. >> >>> >> >>> For doing (2), you should probably take a look at >> >>> https://developers.google.com/accounts/docs/OAuth2InstalledApp but >> >>> again, this has nothing to do with (1) unless you require all your >> >>> users to have a Google account. If impersonating a user is not what >> >>> you really want then probably Service accounts is what you're looking >> >>> for: https://developers.google.com/accounts/docs/OAuth2ServiceAccount >> >>> >> >>> Though, I think the best thing is to ask folks at OAuth 2.0 forum: >> >>> https://groups.google.com/forum/#!forum/oauth2-dev >> >>> Sorry if I misunderstood what you're actually trying to do. >> >>> >> >>> -- alex >> >>> >> >>> >> >>> On Thu, Sep 27, 2012 at 3:16 PM, Daniel Perry <[email protected]> >> >>> wrote: >> >>> > Hi Alex, >> >>> > Thanks for your comment. >> >>> > I am trying to access my own app deployed on production servers. >> >>> > However, my application is a java application so the scope is in the >> >>> > web.xml, as far as I understand. >> >>> > I can set the scope for only part of the application, too. >> >>> > However, I'm trying to authenticate a user using an installed >> >>> > application, >> >>> > not a web page. For this I need a secret key. >> >>> > These are available when registring to use a google service like, in >> >>> > my >> >>> > case, the prediction API. I'm unable to figure out how to get OAuth >> >>> > 2.0 >> >>> > secrets for my appengine app. I can register to get OAuth 1.0 secret >> >>> > and key >> >>> > but, as I wrote in a previous post, I failed to complete the OAth >> >>> > 1.0 >> >>> > dance >> >>> > successfully. >> >>> > Have you previously used OAuth 2.0 from an installed application? >> >>> > Thanks, >> >>> > Daniel >> >>> > >> >>> > >> >>> > On Thursday, September 27, 2012 10:47:53 AM UTC+2, alex wrote: >> >>> >> >> >>> >> Hey Daniel, >> >>> >> >> >>> >> If you're trying to access your own app deployed on production >> >>> >> servers, it's already available: see appcfg.py --oauth2. Look >> >>> >> inside >> >>> >> appcfg.py - there's a specific scope for that. Off the top of my >> >>> >> head, >> >>> >> it must be something like >> >>> >> "https://www.googleapis.com/auth/appengine.admin"; but I'm not sure. >> >>> >> Though, if I'm not mistaken, it currently authorizes for the whole >> >>> >> app >> >>> >> (all or nothing, i.e. as an admin). >> >>> >> >> >>> >> Otherwise, if you're talking about an app exposing some kind of API >> >>> >> to >> >>> >> external parties, OAuth 2.0 is available within Endpoints service, >> >>> >> which is currently under trusted tester program. You can sign up >> >>> >> here: >> >>> >> http://endpoints-trusted-tester.appspot.com/ >> >>> >> >> >>> >> -- alex >> >>> >> >> >>> >> On Wed, Sep 26, 2012 at 7:23 PM, Daniel Perry <[email protected]> >> >>> >> wrote: >> >>> >> > Hi, >> >>> >> > As I can't seem to get help regarding my failure to use OAuth 1.0 >> >>> >> > to >> >>> >> > access >> >>> >> > my appengine application, are there plans to add OAuth 2.0 >> >>> >> > support >> >>> >> > to >> >>> >> > enable >> >>> >> > authentication using this method? Or, perhaps, if such support >> >>> >> > already >> >>> >> > exists, how do I get the correct key for authenticating an >> >>> >> > installed >> >>> >> > application to use my appengine servlet? >> >>> >> > The use of OAuth 1.0 appears to be deprecated but still >> >>> >> > operational, >> >>> >> > but >> >>> >> > I >> >>> >> > would prefer 2.0, in any case. >> >>> >> > Thanks, >> >>> >> > Daniel >> >>> >> > >> >>> >> > -- >> >>> >> > You received this message because you are subscribed to the >> >>> >> > Google >> >>> >> > Groups >> >>> >> > "Google App Engine" group. >> >>> >> > To view this discussion on the web visit >> >>> >> > https://groups.google.com/d/msg/google-appengine/-/N63R_R7OgWsJ. >> >>> >> > To post to this group, send email to >> >>> >> > [email protected]. >> >>> >> > To unsubscribe from this group, send email to >> >>> >> > [email protected]. >> >>> >> > For more options, visit this group at >> >>> >> > http://groups.google.com/group/google-appengine?hl=en. >> >>> > >> >>> > -- >> >>> > You received this message because you are subscribed to the Google >> >>> > Groups >> >>> > "Google App Engine" group. >> >>> > To view this discussion on the web visit >> >>> > https://groups.google.com/d/msg/google-appengine/-/_PKJrhm5AR4J. >> >>> > >> >>> > To post to this group, send email to [email protected]. >> >>> > To unsubscribe from this group, send email to >> >>> > [email protected]. >> >>> > For more options, visit this group at >> >>> > http://groups.google.com/group/google-appengine?hl=en. >> > >> > -- >> > You received this message because you are subscribed to the Google >> > Groups >> > "Google App Engine" group. >> > To view this discussion on the web visit >> > https://groups.google.com/d/msg/google-appengine/-/JYCT32jC1acJ. >> > >> > To post to this group, send email to [email protected]. >> > To unsubscribe from this group, send email to >> > [email protected]. >> > For more options, visit this group at >> > http://groups.google.com/group/google-appengine?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To view this discussion on the web visit > https://groups.google.com/d/msg/google-appengine/-/IRCD1VHoEPQJ. > > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-appengine?hl=en. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en.
