Announcing Sign in with Google

How about @maschera suggestion. Would this be workable?!

1 Like

That’s a good idea, but I highly doubt Google would let that fly for security reasons. And that’s the most important part…security. Google would probably never allow a generic name or logo that doesn’t properly represent the company the user is giving their oauth credentials to.

https://support.google.com/cloud/answer/9110914?hl=en

If your app uses Google APIs to access Google users’ data, you might have to complete a verification process before you make your app publicly available for the first time.

  • All apps that access Google APIs must verify that they accurately represent their identity and intent as specified by Google’s API Services User Data Policy. If you change any of the details that appear on your OAuth consent screen, such as the project’s icon, display name, homepage or privacy policy URL, or authorized domains, you need to have your app re-verified for branding prior to updates being published to your OAuth consent screen. This brand verification process typically takes 2-3 business days.
  • Apps that request restricted scopes must also verify that they follow Google’s API Services User Data Policy, but they must also meet the Additional Requirements for Specific Scopes. One of these additional requirements is that if the app accesses or has the capability to access Google user data from or through a server, the system must undergo an independent (3P) security assessment. For this reason, this restricted scopes verification process can potentially take several weeks to complete.

I just want to add that you are granting permission to Google to share your authentication with a third party provider, such as Glide. Misrepresenting that to the user would not be good. If it was allowed, several spammers/hackers would be spoofing permission screens with legitimate but fake business logos and addresses, putting user’s data at risk.

I understand the concern, however you are connecting Google and Glide together, not Google and the individual app. All of this to save the user from having to check their email for a pin using the original authentication method.

1 Like

was just going to suggest that too. +1