Developer-authenticated end users with Google Cloud Platform

1
votes

For authenticating end users to things like IoT services, many cloud services have a custom option: The client authenticates with the dev's own server (however the dev implements that), which in turn gets a token from the cloud service and sends that to the client for authentication with the cloud service. Amazon and Twilio are examples of this. This allows for a fully customizable auth.

If I understand correctly, Google Cloud Platform requires end users to authenticate with Google's OAuth2 service, meaning they must sign in with a Google account. I don't see any way around this, but the limitation is so severe that I wonder if I'm missing something. Is there some way I can instead authenticate users my own way?

1
authenticationoauth-2.0google-cloud-platform

1 Answers

2
votes

meaning they must sign in with a Google account

That's not entirely correct, you probably overlooked this in the very doc you referenced (emphasis mine):

Firebase Authentication gives you a robust, secure authentication system-in-a-box that helps you do sign in with any account your users want to use. Firebase Authentication supports password authentication in addition to federated sign in with Google, Facebook, Twitter, and more, allowing you to easily scale your authentication system as you grow on desktop and mobile.

So you can have your users choose their username and password or login using one of their supported 3rd party non-Google accounts.

But it will still be Google handling the authentication for you, which is good if you plan to use other GCP products/services as the authentication can be propaged.

If you want to handle the authentication yourself - nothing stops you from doing that, but it may be difficult/impossible to integrate it with other GCP products/services. The Plain OAuth 2.0 might be what you're looking for (I don't understand it enough), search for it in the Compare Auth Options guide.