0

So I am creating an application for my google apps domain. It will have its very own google apps account associated with it, from which it can store/retrieve/manipulate data.

The application should use this google account alone and the user should have no indication that it is using a google account. Is there a way to programmatically authenticate my entire application and not prompt the user authenticate/authorize?

Chris Rice
  • 728
  • 2
  • 9
  • 32
  • 1
    sorry, no, the user must authorize it at one stage or another. – CamelCamelCamel Mar 04 '12 at 04:26
  • EDIT: I guess i didn't say it right. When the users access my application i DO NOT want to access their google account. I only want the application to talk to 1 google account alone. One that the user would not have access to the username and password for. – Chris Rice Mar 04 '12 at 23:23

1 Answers1

1

I think you are looking for two legged OAUTH.

You can generate a OAUTH token and secret in the control panel of Google Apps and assign the authorized scopes to this token/secret pair. For instance, you can authorize access to the calendar of all users in your Google Apps domain using the token/secret.

You can then programmatically access the calendars of all users.

Because this token/secret is authorized by the Google Apps domain administrator, individual users do not need to grant access anymore. That is why this is called two legged Oauth, whereas three legged Oauth requires user interaction to obtain a token/secret for an individual user.

This question on SO might interest you too.

Community
  • 1
  • 1
koma
  • 6,486
  • 2
  • 27
  • 53
  • This is sorta want i want, I guess i didn't say it right. When the users access my application i DO NOT want to access their google account. I only want the application to talk to 1 google account alone. One that the user would not have access to the username and password for. – Chris Rice Mar 04 '12 at 23:23
  • That is not a problem. You setup your OAUTH token in the GAPPS control panel. You create the 'dummy' user that you want to use in the background and you manipulate dummy users data as you wish, independently of the user actually using the app. – koma Mar 05 '12 at 08:35