Google Code offered in: 中文 - English - Português - Pусский - Español - 日本語
With Google App Engine, you can use Google Apps to:
In the next article, we discuss how to deploy your application on a custom domain. Below, we discuss the available authentication options, and how to select the correct one for your application.
Google offers two different systems for authenticating your application's users. Only one form of authentication can be used for a given application.
Google Accounts is Google's unified sign-in system. All a user needs is a valid email address (it doesn't need to be a Gmail address!) to sign up for a Google Account.
Users of Google Apps for your Domain can choose to restrict all or part of their web application to only those people who have a valid email address on their domain.
Currently, you are not able to switch authentication options for existing App Engine apps.
With Google App Engine, you can administer your application using a Google Account or a Google Apps for your Domain account. Your app's administration account should use the same authentication as the app's users. For instance, if you set your app's authentication to Google Apps, you should administer that account using a Google Apps email address. While it is possible to have an account that is both a valid Google Apps account and a valid Google Accounts account, you should avoid using such an account to administer your applications.
If your App Engine developer account is a Google Account, you can access the Administration Console at http://appengine.google.com. If you are using a Google Apps account, you can access the Administration Console at http://appengine.google.com/a/YOURDOMAIN (substituting YOURDOMAIN with your actual domain name).
If you restrict your application's authentication to your domain, all pages requiring login must be served off of some subdomain of that domain. For example, restricting users to the domain foo.com means that the application can only be accessed through subdomain.foo.com. If you trying to view the page at appid.appspot.com it will result in a server error.
The option for restricting an application's authentication settings can only be set at app creation time, so your first step is to create a new application:
You'll need to specify the Application Identifier (a unique ID you'll include in your app.yaml
configuration file) and the Application Title.
By default, Google App Engine applications use Google Accounts for authentication, which means that if your application uses authentication, anyone with a valid Google Account will be able to sign in. This does not include Google Apps accounts.
If you'd like to restrict your application to members of your Google Apps domain (i.e. only users with accounts on mydomain.com
), click on the 'Edit' button at the bottom of the orange Authentication Options box.
Select the radio button next to 'Restricted to the following Google Apps domain:' and enter your Google Apps domain (e.g. mydomain.com
) in the text box and click 'Save'. You will be taken to a confirmation screen indicating your application has been successfully registered.