Posts

Showing posts from January, 2014

Choosing a Google identity scope

With all the changes to Google+ Sign-In at the end of last year, it was easy to miss some of the extended options that have been added. In particular, this update added "profile" as a valid Google+ Sign-In scope, and its not immediately obvious what the implications of choosing between the different sign-in scopes are. To help give a bit of context to the problem, there are really only three states of users that need to be considered when choosing a scope: Google+ user : This is a Google or Google Apps user who has a Google+ profile. Non-Google+ user : This is a Google or Google Apps user that has not upgraded to Google+. Google+ disabled Apps user : This is a user of a Google Apps account where the administrator has disabled Google+. We can take a look at the two main sign-in scopes with that in mind. profile The most basic sign-in scope is profile . This can be used for all three classes of users. A token will be returned through the normal OAuth 2.0 process,