I have a list of emails(gmail) and a list of google ids without any access/refresh tokens. Is it possible to figure out which google id belongs to which email?
Related
I am working with facebook Account Kit. During signup, I want the user to verify both email and phone so they can login with either of them. But currently facebook lets only phone or only email for one user id. Is there a way I can use both for a single user?
No, there is currently no way for an email and a phone number to share the same user ID. You would need to handle this yourself by using only one of these values as the user ID, and having an association between these 2 values.
For my own gmail account, I have multiple email addresses associated with it. For example, I have an email address from my university that is associated with my gmail, and I can send emails from my gmail as if they are coming from my university email address.
I'm reading up on the Google APIs, and I see that I can get a user's gmail address, but can I also get any other email address that is associated with their gmail account?
When a user logs in to my site, I'd like to present them with a list of the gmail-associated email addresses and let them select the one they would like to use.
EDIT: Thanks everyone for the answers, but I don't think any of them answers the question. I've been playing with Google's OAuth playground. It is strange that I can get lots of very personal information (a list of a user's contacts and even received emails) but I can't get the user's alternative email addresses.
Your description is a little vague. Are you talking about send-as alias accounts or alternate email accounts?
Send-as Alias
Either way, you can interact with the send-as accounts here: Manage Send-as Alias
Alternate Emails via Admin SDK
As for alternate email accounts, they can be accessed via:
Admin SDK: https://developers.google.com/admin-sdk/directory/v1/guides/manage-user-aliases?hl=en
Google Apps Script: https://developers.google.com/apps-script/reference/gmail/gmail-app#getAliases()
Additional info here on how the accounts work.
Email addresses associated with your account
Alternate email addresses and other Google products
Connect other email accounts to your Google Account
Federated Login
Also, I'm not exactly sure how you are trying to incorporate this functionality into your site but another area I recommend checking out is Federated Login for Google Account Users. This might also provide you with the functionality you seek.
Using federated login (also known as federated identity), your website
or application can allow visitors to sign in using their Google user
accounts. Federated login frees users from having to set up separate
login accounts for different websites, and frees you from the task of
implementing login authentication measures.
It has been a while since the question was asked. You can use the Google People API to get a user's primary email address and aliases. Here's the documentation. The scope you need to use is: https://www.googleapis.com/auth/user.addresses.read
This will return all the email addresses for the user and also tell you which is the primary one.
If you use OAuth to have your users sign-in with their Google accounts (with or without G+) the user will be prompted (by Google) to select which of their accounts they wish to authorize your application to use:
https://developers.google.com/accounts/docs/OAuth2Login
So to directly answer your question, I'm not aware of an API to return that list of users - however you shouldn't need to, Google will take care of this before returning to your application.
If your user is already logged in, and you wish to give them the ability to change the Google account they are using, I believe it is possible to prompt them again to select the account they are interested in (search for select_account on the link above).
This is possible. However, this has changed since Google announced the deprecation of their Google+ People API, which a lot of folks used to get all the email addresses for a user. The current most voted answer now goes to a 404.
Google Plus People API Replacement
Google has replaced the Google Plus People API /plus/v1/people/me with https://developers.google.com/people/ and you’ll want to use the https://www.googleapis.com/auth/user.emails.read profile scope as discussed here as a replacement. The schema is different, so you'll need to change your mapping as well.
If your app already used the following scopes from the old /plus/v1/people/me your user will not have to re-consent when you switch to the new API:
email
profile
https://www.googleapis.com/auth/plus.login
https://www.googleapis.com/auth/plus.me
https://www.googleapis.com/auth/plus.profile.agerange.read
https://www.googleapis.com/auth/plus.profile.emails.read
https://www.googleapis.com/auth/plus.profile.language.read
Is there an API to get the list of all Google groups a user is part of (of course, with his/her permission) and vice versa (given a Google group, get all users part of that group).
The Google Apps Provisioning API lets you retrieve the current memberships for a Google Apps user as well as list all members of a Google Apps Google Group. However, there is no way to do this for consumer (#gmail.com) Google Accounts and regular (#googlegroups.com) Google Groups.
Also it need not be Google Apps Provisioning. They also have gdata Services and retrieve Groups function. For example
if you have an user example#domain.com, then you can use RetrieveGroups(String memberId, bool directOnly) where memberId is the email address and directOnly must be set to True. This works sleek.
We are looking to integrate Facebook, Google, Twitter into an existing site.
Unlike most implementations, the user MUST be a customer prior being able to login with Facebook, Google, etc. The current database design is as follows;
userid | username | password | customerno
So the idea is if a user decides to login using Facebook, we need to validate that they are also an existing customer using their customer number which is alphanumeric. Once authenticated, they are no longer required to authenticate using their customer number. If they are not yet a customer, they will first need to create an account with us.
Do I need to design a new table for each provider? If so what should the design look like?
How do I authenticate a user who has logged in using Facebook with their existing customer number?
How do I authenticate a user who has logged in using Facebook with their existing customer number?
That depends on what criteria you have to recognize someone as a customer …
IMHO the best and easiest way to connect Facebook users to existing accounts on some other page is the email address. If you don’t have that, and see no other reliable way to identify someone as a customer with the data that Facebook can provide – then maybe you could just ask the user for their customer id on your site before connecting their Facebook account.
As for your database design – if you read the email address on every connect/login, then you could just look that up to find your user id. Otherwise, you could either add extra fields to your existing user table, where you save someone’s Facebook/Google/... user id. But if you want to use multiple services, maybe it’d be better to put this data into a second table like
userid | foreign_user_id | type
where type would be one of 'facebook', 'google' etc. to identify the login provider that foreign_user_id comes from.
Currently on my website, users login with their login id and password, they are also required to enter their email when they register. Both login_id and email column on the users table have unique index. users table also stores other data associated with the user such as gender,last_name,first_name but these are optional (nullable) fields.
There are two changes I would like to make to the website.
The first one is, users can use their email (in addition to login_id) to login. For new users, when they register, they no longer need to provide a login_id because they will be using their email to login.
The second change is, they can login with facebook. For new users, if they login with facebook for the first time, their facebook uid will be obtained and stored in my database. This means I will have to add a facebook_uid column on the users table.
For existing users, when they login with facebook for the first time, I should first obtain their email address from their facebook profile and then check if there already exists a record using that email in the users table, if yes, their facebook uid will also be stored on the facebook_uid column on that record.
According to facebook, its platform supports two different OAuth 2.0 flows for user login: server-side flow and client-side flow. Which one or both is required for this use case?
Also, what problems can be anticipated when I implement the features like I describe above?
You could take either approach for this, it's entirely up to you. Both methods will give you the data you need, it's a question of how comfortable you are working on the back vs front end. You just need to ask for permission to access to the user's email address.
Problems that could happen: I'm not sure but there may be legal restrictions on storing the user's Facebook ID. Also, what if someone (not me, an evil person!) registers with my email address and you don't validate that they really have access to that address - then when I log in via Facebook, the app will assume we're the same person and the evil hacker now has access to my account. Unlikely scenario but could happen...