Authentication for Web Applications

Web applications that need to access to services protected by a user's Google or Google Apps (hosted) account can do so using the Google Authentication service. This service lets web applications get access without ever handling their users' account login information. Many but not all Google services support the Authentication service; check first with the service you want to access.

Google offers two libraries for handling authentication: one using the OAuth open standard, and a second interface called AuthSub, developed prior to the release of the OAuth standard.

Factors to keep in mind when choosing between OAuth and AuthSub authentication:

• Universality: If your application will need authentication from other service providers as well as Google (assuming those providers support OAuth), use OAuth to avoid setting up multiple authentication mechanisms.
• Security: AuthSub allows for registered and unregistered access, offering several options with regard to security requirements. OAuth requires web applications to be registered with Google, have a security certificate on file, and sign all requests.