The Register® — Biting the hand that feeds IT

Feeds

Google locks up cloud apps and throws away the keys

Psst, wanna secure connection? Get a certificate

Agentless Backup is Not a Myth

Google has introduced certificate-based authentication for developers requiring secure connections to the advertising broker's cloud.

Google Service Accounts - announced today in a post in a blog post - will validate web apps' access to the company's servers with a certificate rather than passwords or shared keys.

This authentication approach for server-to-server interactions makes for better security mainly because they aren't guessable or even human readable. The system is already in place for Google Apps Engine engineers.

Devs can create one of the new service accounts through the Google API Console. The certificate is compliant with OAuth 2.0 specifications and uses unique freshly-generated JSON Web Tokens that it exchanges in return for access tokens.

The certification method is available as a few lines of code in Python, Java and PHP. Service accounts are currently supported by the following Google developer services: Google Cloud Storage; Google Prediction API; Google URL Shortener; Google OAuth 2.0 Authorization Server; Google APIs Console; and Google APIs Client Libraries. ®

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

Anonymous Coward

The thing that fucks me off about Google is their constant changing of things. The API's are terrible as it is, and never seem to match up with their latest service changes. God knows how much of my life I've wasted fighting their API's.

Anon because well.. Google know enough about you!

1
1

More from The Register

Bjarne Again: Hallelujah for C++
Plus: Now officially OK to admit you never used STL algorithms
Interwebs taunt Sir Jony over Apple eye candy makeover
Hey Ive, Ive... add more unicorns, willya?
SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
Apple: iOS7 dayglo Barbie makeover is UNFINISHED - report
Plus: You don't like the icons? Blame marketing
Red Hat to ditch MySQL for MariaDB in RHEL 7
So long, Oracle! Don't let the door hit you on the way out
Shy? Socially inadequate? Fiddling with your phone could help
App 'tells the brutal truth' about social inadequates' chatup lines
Java EE 7 melds HTML5 with enterprise apps
New release arrives with GlassFish, NetBeans support
 breaking news
'Office Facebook' firm Tibbr wants you to PAY for mobe-meetings app
Great idea. Punters won't cough for it though
 breaking news
The only Waze is Google: Ad giant tipped to gobble map app 'for $1.3bn'
Pac-Man-satnav-ish upstart in bidding war with Apple, Facebook
 breaking news
PM Cameron calls for modern, programmable computers! (We think)
IT education musings to G8 chiefs to mystify IT industry