On Mon, Jun 11, 2012 at 11:28 AM, Goat666 <anand.thaker@gmail.com> wrote:
>
> I am working on an Android application which allows you to use your email
> account as a user id and any password for authentication. It also requires a
> verification step where you have to verify that the email address belongs to
> you.
What is the verification step and how/where do you perform it? If the
user has a
Google account registered in the AccountManager, they authenticated when they
registered it, so you can be reasonably sure it's their email address.
If you want
to send them a mail with a link/token to further verify, go ahead and to it.
You don't need a token from AccountManager for this, just the actual
email address.
You could use OpenID connect to get and verify user info, in that case get an
OAuth token such as described here (you need to prefix the scope with
'oauth2:'):
http://oauthssodemo.appspot.com/step/1
As for the token type not being documented, it is dependent on the underlying
implementation and service. The Google account related tokens services
are not a
part of the actual SDK, only the AccountManager API is. For
ClientLogin (deprecated)
tokens, you use the service name such as 'ah' (App Engine), 'cl'
(calendar), etc.
Those are documented in ClientLogin documentation. For OAuth2 tokens, you use
the scope with the 'oauth2' prefix. This works in more recent Android
versions, but
might not support all tokens.
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
No comments:
Post a Comment