There are a series of steps that enable that to happen, and those steps must happen in a specific order. So as a third-party application (also known as a client), you want to get info from the provider on the user’s behalf. The first thing you’ll realize if you dig into these specifications is that there are a lot of overlapping terms and concepts. To request information on behalf of a user, you must become a client to the authentication server, also known as the provider. You then store that information and can reference it later, effectively logging the user in. Should the user consent, Google sends back some information to your application. From there, Google needs to make sure that the user consents to pass along their email and other information to your application. Once a user comes to your application and presses the Google Login button, you can send them to Google. Luckily, you can register your application as a client to Google. To do that, Google needs to know about your application. You’re about to write a third-party application, and it will let a user use a Google Login button to log in. To unpack this a bit, let’s look at how this applies to the application you’re about to build. This usually involves obtaining consent from a user. These specifications define how a third-party application can obtain information from another service. OIDC is built on top of OAuth 2, adding a few new ideas and concepts. There are two very popular and important specifications called OAuth 2 and OpenID Connect (OIDC). Remove ads How Applications Use Google Login You don’t have to store any passwords, and Google handles all the security. At that point, you can effectively log them into your application. Google then tells your application about that user. Your application waits for the user to go through authentication.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |