Does anyone know if the REST API Paypal Apps you can create that use OAuth for Authentication allow other paypal accounts to authenticate your app access to their accounts? Or is it only meant for the account that creates the app to use it?
I guess another way to ask it is are these apps available to the public to authorize access to their accounts or are they private to the accounts that create the apps?
Thank you
Related
I am developing a website, where users will can login using their Google account. When i was about to develop this feature i came to know about two things
Gmail api
Google+ api(social)
I want to know want is the difference between these two apis, why google is providing two different apis for authentication. I tried using google+ api, and if the user doesn't have an account in Google+ then google is forcing user to register into google plus and then login to my website.
Which one is better to use for authentication into our website google or google+?
If you will use Google plus Api for authentication process then user need to have google plus account and If user is not having google plus account then He need to create it
I suggest you to use Google api for authentication because you can get basic information with it but if you want to get all social media data of google plus then you have to use google Api
Simple - API calls do not access any private user data
Authorized - API calls can read and write private user data, or the applications own data - API key plus OAuth 2.0 credentials (different for different application types)
Can I from my website, once a user is authenticated, let him login into GMail, Google+, Youtube or other Google service skipping the login screen? Does Google's SSO work this way?
If this is possible, can this be done with my login and do the SSO on behalf of their account? Maybe through some authorization token they give me, instead of their passwords. I read about this about using the Google MCC for that.
Is all this possible?
IF
the user is a Google Apps user
AND
you provide a SAML IDP
AND
the Google Apps domain is configured to use you IDP
https://developers.google.com/google-apps/sso/saml_reference_implementation
I have created my ecommerce website's business page from my personal account. To enable FB login to my website, I need the API_KEY and SECRET. From the business page, I cannot find how to create it but can create one from my personal account.
How do I create the keys from my business page?
If I create it from my personal account, will that be the proper way to do it? (Somewhere, it sounds like similar to phishing -- how will FB associate my website to keys created from my personal account?)
You don't. Only users can create apps not businesses
You set the domains which an app can be used from in the settings page
And Facebook here explicitly mentions to use personal account for app development: https://www.facebook.com/help/117200265032897
Say someone signs up with facebook. Then he wants to tweet a place. Well, I need to connect his facebook account with the account he created using twitter.
Is it commonly done?
Usually a custom application has its own database of its native user accounts and then each native user account can be associated with external services accounts.
Say, your user can associate their Facebook account and their Twitter account with their native account in your application, and then interact with those external services alike.
Does anyone know of a way to use social logins without having to create an account with a social media website? For Example, I want to use Facebook's Login on my website, but I do not want to create a Facebook account nor an app just to use their login.
Far as I know it pretty much requires (facebook) an App to be created (on developer site for facebook) in order to utilized services with a website.
Unfortunately, in order to maintain a safe development environment, and to prevent the creation of spam apps, it is required that Facebook manage its developer users. This is to allow them to block apps that act maliciously, and to allow permissions to be managed on their server for the app access token. For a more detailed answer, I'll refer you to one on StackOverflow by Lix.