将Google+登录限制为特定的Apps域 [英] Restrict Google+ Sign-In to specific Apps Domain

问题描述

当前使用OAuth服务器端一次性代码流，在此处进行讨论: https://developers.google.com/+/web/signin/server-side-flow

Currently using the OAuth server side one-time-code flow, discussed here: https://developers.google.com/+/web/signin/server-side-flow

非常适合Google登录.

Works perfectly for google login.

不过，我希望能够将登录名限制为仅适用于属于特定应用程序域的用户.

I want the ability, though, to limit this login to only work for users that belong to a specific apps domain.

是否可以通过api强制执行此操作?

Is there any way to enforce this through the api?

或者我是否只限于在Google身份验证之后才通过重新分配电子邮件域来这样做?(我想避免这种情况.)

OR am I limited to only doing this on my end after google authentication by regexing the email domain? (I would like to avoid this).

谢谢！

推荐答案

不支持通过Google登录进行此操作.如果有很好的用例，我们可以允许开发人员对客户端ID设置一些限制，并且很多开发人员都将从中受益.我看到的主要问题是我们必须向用户显示的错误消息.最好在您的网站上显示该错误(并进行解释).

There is no support for doing this through Google login. We could allow a developer to set some restrictions on the client id if there are good use cases and a lot of developers would benefit with it. The primary issue I see with is the error message that we have to display to the user. It is better to display that error (and explain) on your site.

通常，作为一种好习惯，您总是希望对系统/服务进行有关授权用户(例如检查域)的检查

In general, as a good practice, you would always want to do the checks on your system/services regarding the authorized user (e.g. check domain)

这篇关于将Google+登录限制为特定的Apps域的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！