Ping Identity > Blogs > PingTalk 

PingTalk Blog

Google moves to OAuth for Google Apps

  • By ,
  •  | 

Fresh on the heels of its introduction as a relying party for (Yahoo!) OpenIDs, Google today announced  support for OAuth authorization on Google App APIs.

Previously, Google App admins had to use username and passwords to sign requests for calls to Google App APIs, what Google called ClientLogin Authorization, a set-up the company said could pose security risks.
 
The OAuth feature is available today to administrators for Google Apps Premier, Education, and Government Editions.
 
Google plans a live webinar for Wednesday (9/29) at 12pm EST where they will go over the major features they have added to Google Apps in the past three months.
 
Here are the advantages Google touts and the APIs that Google supports as laid out by Ankur Jain on the Google Code blog.
 
There are several advantages to using OAuth instead of the username/password model:
 
OAuth is more secure: OAuth tokens can be scoped and set to expire by a certain date, making them more secure than using the ClientLogin mechanism.
 
OAuth is customizable: Using OAuth, you can create tokens that scripts may only use to access data of a particular scope when calling Google Apps APIs. For instance, a token set to call the Email Migration API would not be able to use your login credentials to access the Google Apps Provisioning API.
 
OAuth is an open standard: OAuth is an open source standard, making it a familiar choice for developers to work with.
 
The Google Apps APIs that support the OAuth signing mechanism are:
 
 
Follow John on Twitter and check out our Identity-Conversation Tweet list
 
 

Add your comment