GOOGLE AUTHENTICATION FOR WEB APPS lets you create web apps that use Google's user accounts for user authentication. It reminds me of one big virtual LDAP server and brings back memory of Microsoft Passport. Some people plan to construct add-ons to Google services such as Google Calendar. At Tipperary Institute, we will perform an autopsy on Google Authentication as part of a fourth year multimedia programming course. The API libraries provide an excellent way of seeing connected authentication at work.
The basic workflow of Google Account Autentication for web apps is this:
- You call Google’s service (called “AuthSub”)
- Google serves a page to the user with a login box (the one accepting the Gmail address + password)
- If the login was successful, Google forwards back to your web app, and transmits a special token
- You call the Google service again, providing this token, and you then can get certain data from Google (e.g. access to Google Calendar events, or access to Gmail’s Atom feed)
Considering the potential reach of this authentication service, it's good to know that I can log into my different Google identities from separate tabs on Firefox.
Start here: Code.Google.com.
Dare Obasanjo -- "Authentication and Web APIs"
Dave Winer -- "I don't trust Google."