links for 2010-03-07

  • Google supports the OAuth standard for API authentication. By using this module, web applications can access a user's Google Apps account without needing the user's login details. The user logs into the site with their Drupal username and password. Once authenticated, they are then immediately redirected to the Google login page where they must confirm (or reject) that the website is allowed to use an authorization token to access their Google account.

    Administrators of Google Apps Premier and Education editions can also use a special type of OAuth, called 2-legged OAuth. Unlike standard OAuth, the user is not actually authenticated with Google, but the site is able to act on their behalf to pull in or update their account data. Currently this authentication is implemented, but no APIs make use of it yet.