Thanks Claudio, that informations helps us a lot. On Thu, Jun 2, 2011 at 1:09 PM, Claudio Cherubino <[email protected]>wrote:
> Hi Jorge, > > Let's start with the first two questions: > > 1) Because of security reasons, the developers can't change the description > of the scope. However, we are already working on making them more > descriptive. > > 2) To revoke 3-legged OAuth tokens, you have to go to the Account Settings > page for the user and then click on "Authorizing applications & sites". The > direct link is https://www.google.com/accounts/b/0/IssuedAuthSubTokens. > > Claudio > > On Wed, Jun 1, 2011 at 2:07 PM, Jorge Luis Mendez <[email protected]>wrote: > >> Any help on those inquires would be greatly appreciated. Specially number >> 1. >> >> Thanks. >> >> >> On Thu, May 26, 2011 at 9:52 AM, Jorge Luis Mendez >> <[email protected]>wrote: >> >>> Hi Michael, >>> >>> Thanks for your previous responses. We've been trying OAuth for a couple >>> of days now and so far it's working great but I do have some questions that >>> need to be addressed before we decide to ditch ClientLogin in favor or OAuth >>> for our installed application. >>> >>> 1. The scopes that we are requesting access for are: >>> >>> - https://apps-apis.google.com/a/feeds/domain/ (AdminSettings API) >>> - https://apps-apis.google.com/a/feeds/ (Provisioning API) (we tried >>> https://apps-apis.google.com/a/feeds/user/ too) >>> >>> Now, the web page shown after the user has authenticated displays that we >>> are requesting access to "Unknown" products. >>> >>> Are we using a wrong feed? We require read-only access to AdminSettings >>> and read/write to Provisioning. >>> How can we make the request so that the displayed product shows >>> "AdminSettings" , "Provisioning", or any message that presents a less >>> sketchy feeling than "Unknown"? >>> >>> 2. You mentioned that 3-legged OAuth access tokens can be revoked if >>> needed. After authenticating I couldn't find the granted permissions in the >>> web admin panel for revocation. How can this be accomplished?. >>> >>> 3. Can you provide more details about what it means for 3-legged OAuth >>> tokens to be long lived. In which situations will it be required to obtain a >>> new access token? Will it expire after a certain amount of time? >>> >>> 4. One last question, we need to know to which domain the user >>> authenticated and the account name used. I've noticed a "user email" that >>> contains the email the user used to authenticate but since it is not >>> mentioned in the documentation I've seen, I'm not sure if it's an >>> experimental feature that we can't rely on. Is this user email field >>> guaranteed to be passed back to our application? Is it part of the protocol? >>> >>> Thanks for your help, >>> Jorge >>> >>> On Wed, May 4, 2011 at 2:56 AM, Michael Manoochehri < >>> [email protected]> wrote: >>> >>>> Hi Jorge: >>>> >>>> 1. No, your application can request access tokens with multiple scopes, >>>> meaning that you can authorize access to all 3 APIs at once. >>>> >>>> 2. In the OAuth 1.0 flow, 3 Legged OAuth access tokens are long lived, >>>> so you could have the user authorize access once, and then store the access >>>> token for later use. The access token can later be revoked if need be. >>>> >>>> 3. Unfortunately, we currently have no sandbox or test accounts for use >>>> with the Google Apps APIs. >>>> >>>> If you haven't already, check out the suggested OAuth 1.0 flow for >>>> applications that cannot launch a web browser: >>>> >>>> http://sites.google.com/site/oauthgoog/UXFedLogin/nobrowser/input-capable-devices >>>> >>>> Michael >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Google Apps Domain Information and Management APIs" group. >>>> To post to this group, send email to >>>> [email protected]. >>>> To unsubscribe from this group, send email to >>>> [email protected]. >>>> For more options, visit this group at >>>> http://groups.google.com/group/google-apps-mgmt-apis?hl=en. >>>> >>> >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "Google Apps Domain Information and Management APIs" group. >> To post to this group, send email to >> [email protected]. >> To unsubscribe from this group, send email to >> [email protected]. >> For more options, visit this group at >> http://groups.google.com/group/google-apps-mgmt-apis?hl=en. >> > > -- > You received this message because you are subscribed to the Google Groups > "Google Apps Domain Information and Management APIs" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/google-apps-mgmt-apis?hl=en. > -- You received this message because you are subscribed to the Google Groups "Google Apps Domain Information and Management APIs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/google-apps-mgmt-apis?hl=en.
