On Wed, Aug 27, 2014 at 5:29 AM, Mobile Web Dev <[email protected]> wrote:
> 1. I already have a subdomain address and an SSL certificate for it. How > I do create an app engine app and point the subdomain DNS record to it? I > assume its through the admin console and the "App engine apps" option. > After I add this domain its asking me to prove i own the domain. I > already did this when i moved the email over so why do i have to do it > again? > > 2. I only want users from this google domain I own to access this web app. > How do I restrict this app engine to only accept oauth logins from our > company's google domian? > > 3. Whats the best way to access HTTP Rest services I host internally > behind a firewall from this new app engine app? > > 4. Is there a way to know who the authenticated user is when calling my > internal services? I'd like to apply some auth roles based on which google > account they login with. > 1. You would create the App Engine app through the Google Cloud Console, then map the subdomain and SSL cert through the Google Apps admin console. How did you prove ownership of the domain when you did it the first time (for email)? 2. Are you using the Users API or another auth library? If you're using the Users API, you can retrieve the authenticating domain and match against that. If you're not using the Users API, then you'll need to consult the documentation included with your auth library. 3. The best way would be to cryptographically sign App Engine requests to your internal services, so you know that the requests are valid and are coming from your application. You can also get a Compute Engine machine, route all requests through it and whitelist only the IP of the Compute Engine VM. 4. Yes but you'd have to build some way of passing that information along with the request; for example you could pass it as part of the headers. ----------------- -Vinny P Technology & Media Consultant Chicago, IL App Engine Code Samples: http://www.learntogoogleit.com -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/google-appengine. For more options, visit https://groups.google.com/d/optout.
