Google Apps OpenID url

拜拜、爱过 提交于 2019-12-06 19:28:52

问题


Problem:

My organisation, ExampleFooBar, uses Google Apps. On our website I want to enable OpenID Single Sign-In (like StackOverflow), but only allow @examplefoobar.com email addresses to sign in. What OpenID url should I use for a Google Apps email address?

  • As per comments on Include OpenId in drupal, the domain http://www.google.com/profiles/<username> can be used for normal Google accounts, but this doesn't work for Google Apps accounts.

  • Google also provides the url https://www.google.com/accounts/o8/id but using that would allow any google user who found our website's login page to sign in, as the sign-in page accepts any google account name.

What Google URL can I use to ensure only @examplefoobar.com email addresses can sign in?

Google documentation for Google Apps OpenID is at http://code.google.com/googleapps/domain/sso/openid_reference_implementation.html, but is incredibly unhelpful.


回答1:


By aaronsnoswell:

The OpenID url google.com/accounts/o8/site-xrds?hd=examplefoobar.com will restrict email entries to @examplefoobar.com. Additionally, I had to enable OpenID Single Sign in from the Google Apps administrator page. Hope this helps someone!

http://jeremiahlee.com/blog/2009/09/28/how-to-setup-openid-with-google-apps/

Google Apps (for business) OpenID login for ASP.NET intranet site




回答2:


The OpenID url https://google.com/accounts/o8/site-xrds?hd=yourdomain.com will restrict entries to @yourdomain.com. You also need to enable OpenID Single Sign In from the Google Apps admin page at http://www.google.com/a/cpanel/yourdomain.com/SetupIdp

You should also add an X-XRDS-Location header on your website at yourdomain.com/openid in the format:

X-XRDS-Location: https://www.google.com/accounts/o8/site-xrds?ns=2&hd=yourdomain.com



来源:https://stackoverflow.com/questions/8877985/google-apps-openid-url

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!