paint-brush
Simple Introduction to Google Identity Servicesby@seeni
1,845 reads
1,845 reads

Simple Introduction to Google Identity Services

by SeeniAugust 24th, 2022
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

With Google Sign-In [going away], developers would need to work with new service called Google Identity. Google Identity service, Google has designed two flows: Sign-in flows - Apps which just need to know user’s email, name for auth. Authorisation flows - apps which need to access Docs API, Sheets API on behalf of the user. This has become a mess of docs and seemingly relevant code which will render your app unusable. So I am gonna make it simple for you to decide.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail

Coin Mentioned

Mention Thumbnail
featured image - Simple Introduction to Google Identity Services
Seeni HackerNoon profile picture

With Google Sign-In going away, developers would need to work with a new service called Google Identity.


But As with Google, this has become a mess of docs and seemingly relevant code which will render your app unusable. My team spent two days implementing both of them due to this mess. So I am gonna make it simple for you to decide.


With this Google Identity service, Google has designed two flows

  1. Sign-In flows - Apps that just need to know the user’s email and name for auth
  2. Authorization - Apps that need to access Docs API, Sheets API on behalf of the user.


Sign-In flows

This is the newest sign-in-flow for developers without much need for handling oauth.

It goes like this,

  1. App code triggers a google-sign in

  2. your code gets back JWT token

  3. using a standard JWT decoder, you can read names and emails.


It is that simple.

Steps:

  1. Configure WebApp consent screen in GCP. Read https://developers.google.com/identity/gsi/web/guides/get-google-api-clientid
  2. Load Google Library - https://developers.google.com/identity/gsi/web/guides/client-library
  3. Display the Sign-In Button - https://developers.google.com/identity/gsi/web/guides/display-button
  4. Add A Server script/endpoint to handle the JWT token.



Authorization

If you are the developer building integration with Google APIs, forgot above and you must do Authorisation flow. I know names are confusing. But let it be. You need Auth from the user to access his/her google docs. So, Authorisation for you.


Steps:


  1. Load the client library into your webpage - https://developers.google.com/identity/oauth2/web/guides/load-3p-authorization-library
  2. Trigger and Process the Google OAuth flow - It’s a typical OAuth2 Workflow most platforms offer like Github, Bitbucket, Facebook. https://developers.google.com/identity/oauth2/web/guides/use-code-model. (See note below)


Note: There are two models of authorization: Code model and Token model. https://developers.google.com/identity/oauth2/web/guides/choose-authorization-model.


Token model is useful only if all the actions are done from the user’s browser. If you want to use that, Refer https://developers.google.com/identity/oauth2/web/guides/use-token-model.


If your apps work offline, Go with the Code model as shown in the above steps.


This was an introductory article to give a general idea of Google Identity Services. It is not a step-by-step tutorial. Google Docs has provided all that but in a messy structure. So I have given you direct links. Enjoy!