Why isn't a Mobile App Authentication/Authorization supported by Google Cloud Endpoints?

2
votes

Apparently there's no straightforward way supported by Google Cloud Endpoints for allowing/limiting access to a private Endpoints API to only your Mobile App (Android or iOS). 1 2 3 4

There likely are many Apps where the developer would like to have her back-end on Google Cloud Platform. And, likely many of these Apps would like to use the backend API without having the App user sign-in to their Google Account.

Is (at least current version) Endpoints meant to be used by only those Mobile Apps where users are Google users or where the APIs are open? Or Am I missing something?

1
google-app-enginegoogle-cloud-endpoints

1 Answers

2
votes

you are right, out of the Box Google Cloud Endpoints only supports Google Authentication but you can build your own authentication for your preferred login provider. This is also supported by Cloud Endpoints but for some reason the documentation is not propagated.

You need to implement a class with the interface 

com.google.api.server.spi.config.Authenticator

Please have a look at the following example:

Google Cloud Endpoints and user's authentication

Regards

Michael