...
Starting with v0.7, Giles has a two part authentication mechanism. First, it requires applications to send an OpenId token (supplied by Google) to authenticate a user. Giles then generates a shorter-lived authentication token specifically for Giles that can be used to use Giles' REST Api. In addition, in order to be able to authenticate users via an OpenId token any application needs to be registered with Giles first.
To register an application with Giles, go to Giles' system config page and add the client id (not the secret!) that your OpenId provider (currently Google) generated for your application to the list of registered client ids. If you try to authenticate a user with an OpenId token of an unregistered application, Giles will respond with:
Code Block |
---|
{
"errorCode" : "401",
"errorMsg" : "AUDIENCE_MISMATCH"
} |
Retrieve Giles authentication token
...