We are using Provisioning API's(Readonly Scope) in Google Marketplace. We want to move to new Directory API's as they the older API's are getting deprecated. I couldn't find anywhere whether these new scopes are supported in Google Marketplace Manifest.
Are these new API's supported in marketplace app manifest.
Yes, you just need to turn Admin SDK on underneath the "Register Additional Profiles" page (which links to the API Console for your project) from the Vendor Profile page. You'll still need to perform 2-legged OAuth authentication to gain access.
Related
We published our app via the G-Suite marketplace.
Admins can install the app domain-wide for users to access and they are asked at that time to approve all the scopes our application needs.
When users in an domain where the app is installed try to use features that integrate with Google - specifically fetching classroom data - they are not prompted to give us access to the data we request and yet the scopes are not requested from that user.
If the user does NOT have the marketplace app installed on their domain, they are simply prompted to grant access to the data and can continue.
To workaround this we removed all the requested scopes from the marketplace listing, and now users in a domain with the app installed are asked to approve scopes individually when we request them.
However, the G-Suite marketplace documentation specifically says that we are supposed to avoid having to ask users individually to grant scopes, so this seems wrong.
Has anyone else run into this issue and found a solution?
I'd like to publish an app on the G Suite Marketplace that allows user and group management/provisioning via SCIM 2.0. Where do I need to go to configure that?
This article from 2016 made me think it would be possible (https://gsuiteupdates.googleblog.com/2016/07/automatically-provision-users-with-scim.html) but I cannot find it anywhere in Google's documentation or Marketplace SDK?
We currently user SCIM as our primary method for integrating with the Identity Providers used by our enterprise clients. Some enterprises use GSuite for SSO though. Our current app in the Google Marketplace doesn't use SCIM and therefore has to be maintained separately.
I can't find my Application Secret key in the Mobile Options tab.
I went to look into the Mobile Application Security I found out that it is no more. It is replaces by Mobile Client Access. So where is it ?
If you have Mobile Client Access instead of Mobile Application Security then it sounds like you created a MobileFirst Starter Boilerplate (the newest release) rather than a Mobile Cloud Boilerplate (deprecated as of December 15th).
The new services within the MobileFirst Starter Boilerplate do not use the Application Secret for security or validation. I would recommend you take a look at that linked deprecation announcement and see what all has changed in the move to the new services and what you as a developer would need to do to migrate your preexisting code.
The new service Mobile Client Access require only appId and Route. (no app secret)
You can find more information here: https://www.ng.bluemix.net/docs/services/mobileaccess/getting-started.html
In the "next-step section" you can find some example that explains how to use the service ( how you can see the application secret is not required).
Is it possible to use authenticate user from mobile application using Active Directory credentials in IONIC? I have gone through many google, but could not find any thing specific to Active Directory.
Ionic Framework is a front end framework. You can authenticate by any means that's available from your backend API.
auth0.com offers a soultion that might work for your needs if you want to integrate against a pre-baked solution rather that writing your own. They have a library for Ionic Framework.
You can find github repo here: https://github.com/auth0-samples/auth0-ionic2-samples
Auth0 offers identity management as a service (authentication). The Ionic Framework library claims that you can integrate against:
Google,
Facebook,
Microsoft Account,
LinkedIn,
GitHub,
Twitter,
Box,
Salesforce,
Windows Azure AD,
Google Apps,
Active Directory,
ADFS
or any SAML Identity Provider
Keep in mind that your Active Directory server will have to be available to Auth0 in some way in order for the integration to work. This may not be appropriate if you're building a purely internal enterprise app.
Google Provisioning APIs use Google data protocol which requires admin userid and password. I looking for something like Google drive APIs so that I can use authority delegated service account to fetch entreprise info also. Idea is to avoid asking Admin credentials.
The Provisioning APIs support OAuth just fine. However, you should probably use the brand new Admin SDK Directory API which also supports the newer Google API similar to Drive SDK.