Google Developers Blog: New OAuth support for Google Apps APIs

New OAuth support for Google Apps APIs

Monday, September 27, 2010

Cross-posted from the Google Enterprise BlogGoogle Apps is designed to provide a secure and reliable platform for your data. Until today, Google Apps administrators had to sign requests for calls to Google Apps APIs using their username and password (this is called ClientLogin Authorization).Yet sharing passwords across sites can pose security risks. Furthering our commitment to make the cloud more secure for our users, today we are pleased to announce support for OAuth authorization on Google Apps APIs.There are several advantages to using OAuth instead of the username/password model:

OAuth is more secure: OAuth tokens can be scoped and set to expire by a certain date, making them more secure than using the ClientLogin mechanism.

OAuth is customizable: Using OAuth, you can create tokens that scripts may only use to access data of a particular scope when calling Google Apps APIs. For instance, a token set to call the Email Migration API would not be able to use your login credentials to access the Google Apps Provisioning API.

OAuth is an open standard: OAuth is an open source standard, making it a familiar choice for developers to work with.

The Google Apps APIs that support the OAuth signing mechanism are:

Provisioning API

Email Migration API

Admin Settings API

Calendar Resource API

Email Settings API

Audit API

OAuth support for Google Apps APIs is another step towards making Google Apps the most secure, reliable cloud based computing environment for organizations. To learn more about OAuth support and other administrative capacities launched in Google Apps this quarter, join us for a live webinar on Wednesday, September 29th at 9am PT / 12pm EST / 5pm GMT.Administrators for Google Apps Premier, Education, and Government Editions can use OAuth authorization for Google Apps APIs starting today.For more information about the OAuth standard, visit http://oauth.net.By Ankur Jain, Google Apps Team

5 comments :

BatfinkJrSeptember 27, 2010 at 4:21 PM
Well done!

Enablers such as this will help drive innovation and increased application offerings to the Google Apps marketplace.
ReplyDelete
Jaime BriggsSeptember 27, 2010 at 8:52 PM
In my research I was worried about the authentication presses used on the Cloud but you guys goes one step ahead, I’m confident using GoogleApps as a secure Cloud solution for our company and for the ones we are helping here in Chile. Great job, keep going, we need people like you on the Cloud.
ReplyDelete
Jan Zawadzki (Hapara)September 29, 2010 at 4:51 AM
This is great but *so* close - why no two-legged OAuth?
ReplyDelete
KaushikSeptember 30, 2010 at 8:10 AM
awesome.. will give a try
ReplyDelete
DiSCoOctober 1, 2010 at 12:25 PM
Really trustworthy blog. sesli Please keep updating with great posts like this one. sesli sohbet I have booked marked your site and am about to email it

to a few friends of mine that I know would enjoy reading.. sesli chat
ReplyDelete

Add comment

New OAuth support for Google Apps APIs

5 comments :

Labels

Archive

Company-wide

Products

Developers