2

Apparently there's no straightforward way supported by Google Cloud Endpoints for allowing/limiting access to a private Endpoints API to only your Mobile App (Android or iOS). 1 2 3 4

There likely are many Apps where the developer would like to have her back-end on Google Cloud Platform. And, likely many of these Apps would like to use the backend API without having the App user sign-in to their Google Account.

Is (at least current version) Endpoints meant to be used by only those Mobile Apps where users are Google users or where the APIs are open? Or Am I missing something?

Community
  • 1
  • 1
user362953
  • 435
  • 2
  • 13

1 Answers1

2

you are right, out of the Box Google Cloud Endpoints only supports Google Authentication but you can build your own authentication for your preferred login provider. This is also supported by Cloud Endpoints but for some reason the documentation is not propagated.

You need to implement a class with the interface 

com.google.api.server.spi.config.Authenticator

Please have a look at the following example:

Google Cloud Endpoints and user's authentication

Regards

Michael

Community
  • 1
  • 1
Michael Meyer
  • 2,179
  • 3
  • 24
  • 33
  • Thanks Michael. Being a common use case, I was expecting it to be supported out of the box. – user362953 Mar 10 '17 at 06:00
  • you are right. I hope that Google will ship a solution for Firebase Authentication – Michael Meyer Mar 10 '17 at 10:39
  • I am new to Firebase. Are you referring to [Anonymous Authentication?] (https://firebase.google.com/docs/auth/android/anonymous-auth). Is that secure/reliable way to Authenticate Apps, without user sign-in? – user362953 Mar 10 '17 at 19:18