All geek questions in one place

Google OAuth Login: do not ask the User which account to use

I rely on Google OAuth to authorize the user for the site that I create. When I request permission, I already know which Google account he wants to use (I use Google OAuth as a second-level authorization). However, if the User is simultaneously registered with several Google accounts, Google redirects the user to the SelectSession interface.

When a user is redirected to https: //accounts.google.com/o/oauth2/auth? ... , he ends at https://www.google.com/a/SelectSession . This is not necessary, because I already know which session he wants to use.

Does anyone know a way to automatically select a specific account, so the user does not need to manually select a session at https://www.google.com/a/SelectSession

+4
source share
2 answers

If you already know the user's email address, you can add the user_id = request parameter as a hint. If the user is registered as an account, he will skip the selection of the account and proceed to approval.

This does not guarantee that the user will actually allow this account. This is just a hint, and there is still the option to switch to another account. If you need to know exactly which account they have chosen, you will need to confirm this later (for example, call the endpoint userinfo.)

+18
source

The point of oAuth is that the application does not know the login / password, so the proposed use is impossible. If you are in a mobile application (you did not specify), then the credentials will be stored in cookies.

You can delete cookies to log in to the user account, and not to select a new account, but for this you should consider logging out of your previous account.

-1
source

Source: https://habr.com/ru/post/1435186/

More articles:


All Articles