0

Most of my users already use an service called 23andMe, which supports OAuth2.0.

I want to let my users register for my app by authenticating with this service. This should be easy since I can pull their email address over api once they authenticate.

I want to continually pull data from this service on behalf of my user. This should be doable using a job that uses their refresh token.

I want to let my users sign-in to my app by authenticating with this service. This is the part I'm struggling with.

Does the OAuth-capable API in question need to offer special methods in order to let users login using their service?

Or can I achieve "login with" functionality using any OAuth-capable API?

When a user clicks "login with X," do I have to check my db for a user with an email that matches their "X" email? Or is there an easier way?

I see that Google's API has a GoogleAuth object that handle session functionality

Kermit
  • 4,922
  • 4
  • 42
  • 74
  • "When a user clicks "login with X," do I have to check my db for a user with an email that matches their "X" email?" - sounds about right – Alexandru Marculescu Aug 01 '17 at 07:55
  • @AlexandruMarculescu hmm well i would still have to ask for their password, and i would someone have to access their browser client cache or whatever to find out their username with that service. – Kermit Aug 02 '17 at 16:48

1 Answers1

0

From 23andMe developer:

Our login does not behave like facebook/twitter/google auth. It is meant to allow you as a developer to request access to a 23andMe customers data as detailed https://api.23andme.com/docs/authentication/

Kermit
  • 4,922
  • 4
  • 42
  • 74