I have a question regarding Oauth2 login for Google API. Suppose my application knows the credentials of user (stored securely somewhere in my app's database), is there a way to bypass the login screen by prefilling the username and password from the backend in someway so that the Oauth2 confirmation screen to get the access token only shows the scope permissions confirmation?
How to Prefill Google API Oauth2 Login with Credentials
465 Views Asked by urbanspr1nter At
1
There are 1 best solutions below
Related Questions in OAUTH-2.0
- discord.py - Oauth2 - join user to guild
- Implementing Incremental consent when using both application and delegated permissions
- Verifying Google Identity OAuth2 token with Ruby
- spring security error Caused by: org.attoparser.ParseException: Exception evaluating SpringEL expression: s
- Encountering HttpError 403 and 500 When Using Google Sheets API with Service Account
- get refresh token in axios interceptor
- spring error exception with oauth2 and securityconfig
- What oauth 2.0 endpoint is used to validate a bearer token
- Not enough permissions to access API request https://api.linkedin.com/v2/me
- How to specify the client ID and redirect URI in Swagger OAuth2.0 configuration for Swagger UI?
- OAuth2 PHP change invalid_token response
- Call Databricks API from an ASP.NET Core web application
- Secure to share Access Token over public API using CORs?
- How to use Oauth in order to log‑in on .googleapis.com on almost any arbitrary endpoints domains from the web browser?
- OAuth access token attribute based reverse proxying of http ressources
Related Questions in GOOGLE-API
- Can you use the Drive API to share a file in Google Drive to an oath2 subject rather than email address?
- youtube api quota limit of 10000api
- How can i get the reviews in google maps via API
- Google api nearbysearch how to filter data business_status
- Optimizing Gmail API Query or Alternative Method to Retrieve Total Email Size
- How to use Oauth in order to log‑in on .googleapis.com on almost any arbitrary endpoints domains from the web browser?
- How do I get rid of any type of Memory Saver in Chrome
- Google Picker API not firing callback when using toUri() in iframe
- Python Google Speech v1 voice_activity_timeouts error
- How to config expo MapView correctly?
- Google can't find my keyfilePath in my NextJS app?
- Renaming a file - Google API direct download link
- Access Regular Gmail Account with API in Lambda
- Security of Google Drive API Objects using Google Service Account Credentials in Client Side Code for Website
- Dataportablity api stops working after two weeks
Related Questions in GDATA-API
- Creating a report with GA4 data API and using segments
- OAuth2 with python gdata_api : 400 Bad request
- Google Calendar API Does Not Return Newly Created Events
- Using Oauth2 AccessToken of a particular user in gdata for retrieving picasa photos
- Appending data on to a Google Spread-Sheet with gspread
- Custom Fields and Extended properties - Are they Same?
- WearableListenerService onMessageReceived() not called
- Trouble with oauth2client.client.Storage
- How to create and update gmail group using Google-Contacts
- NullPointerExceptions while trying to read data from a public Google Spreadsheet
- how to programatically add access permisson like addEditors() and addViewers() in google spreadsheet through java code
- How to create OAuthParameters from access token for Google Contacts API
- ClientLogin Shutdown: Does this affect Gdata Library?
- Calling Google Contacts API through OAuth 2.0 service account gives AuthenticationException
- Error code for storage limit on Google Contact API
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
One of the main benefits of OAuth2 is that it allows a user to give your application access to some resource or other without having to supply their login credentials. The exception is the "password" grant which allows the client application to act on the user's behalf, but is generally discouraged.
Google's login screen is loaded from their site, so you can't control the data that it renders or bypass it. One of the other important things about OAuth is that the user usually gets to decide whether to grant access or not. If the user has previously granted access to your application, and is already logged in to Google, then they will probably be redirected without having to log in again.
You shouldn't really be storing a user's Google credentials on your site - no matter how secure you think they are - one of the main reasons standards like OAuth exist is to avoid just this situation.