Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have a need to authenticate users using their gmail ID. However I need to do this without redirecting to google’s login page as with OpenID.
Is it possible to do it using an API call ? Does google provide such and authentication API?
Thanks,
Murtaza
There is no such API. There should not be such an API.
The redirect to the Google login page happens for several very good reasons. It lets the user know exactly what is happening. They know that you are authenticating against their Gmail Id.
It provides a layer of security between applications that use the Gmail Id and the user who provides the Gmail Id. If the user provided the username and password directly to you, they have no way of knowing that you won’t hang on to that information and do something evil or stupid with it.
Providing that kind of access would assist a malicious programmer in silently using brute force to crack some other user’s password. There’s no way for an API to prevent a malicious programmer from entering some random person’s Gmail address and trying any number of passwords very efficiently.
So, you can either accept the redirect or you can roll your own username and password system that is unrelated to Gmail.