The best place to start for this is the Cloud Endpoints documentation. This is the best way to implement an API for an Android application, because it auto-generates the serialization/deserialization for you as well as the Android client library code necessary to make the requests. You'll notice as you look through the documentation that you can specify a "User" object as a parameter, which will automatically be injected with the logged-in user. Furthermore, the "clientIds" and "audiences" allow you to restrict the API to applications which you authorize.
How to use authentification on Google App Engine
-
16-07-2023 - |
Question
I'm looking for a good example, documentation or starting point for the following scenario.
My own Google App (Java Servlet) running within Google App Engine
SSL activated for this app
A mobile Android app talking to my Google App
OAuth or other?
My problem is step 4. Somehow I want to make sure that only my Android app is allowed to talk to my Google App and depending on the user on the mobile device I have to restrict the privileges.
But I couldn't find a "very simple" "easy to start" documentation. Would be glad if someone gives me a hint. A very short example would be great.
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow