- Google Identity Services is a platform that you will have to make friends with if you are a developer
- Google identity services are key for your apps to work properly
- What are the key aspects of the new login and authorization flows?
With Google Sign-In all but disappearing, developers will have to work with new systems. In this sense, Google identity services, also known as Google Identity Services, are for many the future of developers. But how do they work and what should you know about them?
The first thing to say is that, like other Google products, basically this is now a mess of seemingly relevant documents and code that could render your apps unusable. There are constant complaints from teams that have had to adapt everything for days on end to solve it.
What’s changing with Google identity services?
In principle, with this Google Identity service, Google has designed two well-differentiated flows:
- Login flows: Applications that only need to know the username and email for authentication, and therefore are generally easier to access.
- Authorization: Applications that in addition to knowing the username and email address need to access the Docs API and Sheets API on behalf of the user, and therefore are more difficult to access.
This is the newest login flow for developers, without requiring us to control authentication.
- The app code activates a Google login
- Eu code retrieve JWT token
- Using a standard JWT decoder, you can read names and emails
Having said that, you’ll need to configure the web app consent screen on GCPso here are some links that should be of interest to you in this type of situation:
If you are the developer creating the integration with Google APIs, forget all of the above and focus only on the authorization flow. As we said, the names that Google has assigned to all this are somewhat confusing.
Note, on the other hand, that there are two authorization models: code model and token model. Since this link You will be able to know more details about it and decide on the one you consider most appropriate.
If your apps work offline, it’s best to stick with the code model and you’re good to go.
In short, this was an introductory article to give us a general idea of Google Identity Services, not a step-by-step tutorial like those that will surely come in the future. Google had offered us the same information although in a disorganized way, so we have decided to collect it so that everyone understands it.