Google Apps Marketplace SDK + OOuth 2 Domain Sharing

Question

Google Apps Marketplace SDK + OOuth 2 Domain Sharing

We are working on a Google Apps application for installation by a domain administrator. At first we tried to list it using a list of the (now obsolete) market, but all new applications should now go through the Google Apps Marketplace SDK.

We have a problem with the new SSO GAM SDK, however, despite the fact that it was installed inside our domain inside, each user is requested through the consent screen when sending them to the OAuth login address. The OAuth URL requests the same permission scope that is registered on the GAM SDK configuration screen.

The documents seem completely contradictory in how to remove unsolicited SSOs for applications installed by the GA administrator.

What url, with what parameters should we send users for authentication using GA without requesting (supposedly already granted) consent?

+8

google-apps google-oauth google-apps-marketplace

sgrove Dec 18 '13 at 21:20

source share

1 answer

Arun nagarajan · Answer 1 · 2013-12-19T17:18:52+0000

Can you share the code with which you are requesting authorization?

9 out of 10 times if every user in the domain receives a request because you are requesting "offline" access. Domain authorization cannot be performed for offline access. For example, in Python you can do it like this:

constructor_kwargs = { 'redirect_uri': GOOGLE_AUTH_CALLBACK_URL, 'auth_uri': client_info['auth_uri'], 'token_uri': client_info['token_uri'], 'access_type' : 'online' } flow = OAuth2WebServerFlow(client_info['client_id'], client_info['client_secret'], SCOPES, **constructor_kwargs)

Google Apps Marketplace SDK + OOuth 2 Domain Sharing

More articles: