Posts

Showing posts from January, 2014

Choosing a Google identity scope

With all the changes to Google+ Sign-In at the end of last year, it was easy to miss some of the extended options that have been added. In particular, this update added "profile" as a valid Google+ Sign-In scope, and its not immediately obvious what the implications of choosing between the different sign-in scopes are.To help give a bit of context to the problem, there are really only three states of users that need to be considered when choosing a scope:Google+ user: This is a Google or Google Apps user who has a Google+ profile. Non-Google+ user: This is a Google or Google Apps user that has not upgraded to Google+.Google+ disabled Apps user: This is a user of a Google Apps account where the administrator has disabled Google+. We can take a look at the two main sign-in scopes with that in mind.profileThe most basic sign-in scope is profile. This can be used for all three classes of users. A token will be returned through the normal OAuth 2.0 process, and you will be able t…