Integrators must implement a web host to redirect the users for authentication purposes. This authentication is a different modality, but the same purpose as the authentication provided by the Android authentication. This web host must have a mobile friendly web site.
The web host must determine mobile web requests vs desktop web requests based on the user-agent header value. The page delivered on mobile web requests must be mobile web friendly on Android and iOS. Beside the user-agent header value, the client will provide you no other hint as to the environment where this user is making the request (desktop or web).
The server must implement an HTTPS protocol using GET. The path and host are definable by the integrator. The integrator must support URL lengths of 2,048 chars. This includes the scheme, host, port, path and parameters.
All parameters will be UTF-8 encoded prior to being URL-encoded.
Request
Upon request, Google provides the following as URL parameters:
| Fields | |
|---|---|
gspMajorVersion
|
int
Major version number for this request. |
gspAuthenticationRequest
|
AuthenticationRequest
Authentication request. |
gspAssociationId
|
string
If present, this contains an identifier that the integrator uses to look up credentials for the user that is challenged. If this is not present, the user has the option to change the account identification. |
gspCallbackUrl
|
string
URL to redirect the user to in order to finish the authentication flow on Google. This value is url encoded. |
Response
Upon completion of the authentication, the user must be redirected to the
gspCallbackUrl using HTTPS GET. This URL must have the following query
parameters:
| Fields | |||||||
|---|---|---|---|---|---|---|---|
gspResult
|
int
|
||||||
gspAuthenticationResponse
|
AuthenticationResponse
Authentication response. |
||||||