You should indeed be able to reuse the user token provided in order to make subsequent requests to IAP from your own app. Note that when that token expires you would need to follow the suggested 'Managing Cloud IAP sessions <https://cloud.google.com/iap/docs/sessions-howto>' guide to refresh the token.
You can of course not use IAP and implement your own authentication (doesn't even have to be Google OAuth, e.g your own login screen and user database). This would free up your application to make self-authenticated requests to itself (however you choose to do so), and use IDs in URL parameters or headers to pass user information like email addresses. - Note: for all further technical support in authenticating and coding your application to fit your needs, it is recommended to post further additional detailed questions <https://stackoverflow.com/help/how-to-ask>to Stack Exchange <https://cloud.google.com/support/docs/stackexchange> using the supported Cloud tags. -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/75fc762b-a626-4737-8a55-dcf578a0c034%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
