Google today announced an update to Google+ Sign-In, adding three improvements: support for all Google account types, easy migration from other auth methods, and incremental auth. All three are available immediately for developers who want to implement them in their apps.
Support for all Google account types means Google+ Sign-In can now handle accounts that don’t have a Google+ profile, as well as Google Apps accounts. In other words, Google+ Sign-In isn’t limited to average Google+ users anymore.
As for developers who are using OpenID v2 or OAuth 2.0 Login for authentication, Google is urging them to move to Google+ Sign-In. The company has made it very easy, and the switch brings over-the-air installs, interactive posts, cross-device sign-in, and full compatibility with the OpenID Connect standard. Google has published a migration guide.
Last but not least, incremental auth is a new way to ask users for the right permission scopes at the right time. Instead of asking for all permissions at once, developers can now request them more specifically, although, as a result, more frequently.
Google offers two examples:
- If your app allows users to save music playlists to Google Drive, you can ask for basic profile info at startup, and only ask for Google Drive permissions when they’re ready to save their first mix.
- Likewise: you can ask for Google Calendar permissions only when users RSVP to an event, and so on.
Google recommends that developers ask for the minimum set of permissions up front, and then ask for further permissions only when they’re required. Google claims this approach “not only helps users understand how their information will be used in your app, it can also reduce friction and increase app engagement.” We agree with the former but aren’t necessarily sold on the latter: users may find multiple prompts annoying.
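The minimum-up-front, more-when-needed pattern described above comes down to tracking which scopes a user has already granted and prompting only for the gap. The sketch below is an added example, not code from Google or from the original article: it uses Google's OAuth 2.0 authorization endpoint and its `include_granted_scopes` parameter rather than the Google+ Sign-In client library, and the client ID, redirect URI, feature names and state values are placeholders.

```javascript
// Added example: incremental authorization as scope bookkeeping.
// CLIENT_ID and REDIRECT_URI are placeholders; feature names are hypothetical.
const AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth";
const CLIENT_ID = "YOUR_CLIENT_ID.apps.googleusercontent.com";
const REDIRECT_URI = "https://app.example/oauth2/callback";

// Scopes each feature needs, mirroring the two examples in the article.
const FEATURE_SCOPES = {
  startup: ["openid", "profile"],
  savePlaylist: ["https://www.googleapis.com/auth/drive.file"],
  rsvp: ["https://www.googleapis.com/auth/calendar"],
};

// Return the scopes a feature needs that the user has not granted yet.
function missingScopes(feature, granted) {
  const needed = FEATURE_SCOPES[feature];
  if (!needed) throw new Error(`unknown feature: ${feature}`);
  return needed.filter((s) => !granted.has(s));
}

// Build the consent URL for one feature, or return null when no prompt is needed.
// `state` must be an unguessable per-request value that the callback verifies.
function authUrlFor(feature, granted, state) {
  const missing = missingScopes(feature, granted);
  if (missing.length === 0) return null;
  const params = new URLSearchParams({
    client_id: CLIENT_ID,
    redirect_uri: REDIRECT_URI,
    response_type: "code",
    scope: missing.join(" "), // only the gap, never the full wish list
    state,
    include_granted_scopes: "true", // new token also covers earlier grants
  });
  return `${AUTH_ENDPOINT}?${params}`;
}

// Record what the user actually approved (the space-delimited `scope` value
// in the token response); they may approve less than was requested.
function recordGrant(granted, scopeString) {
  for (const s of scopeString.split(" ").filter(Boolean)) granted.add(s);
  return granted;
}

// Constructed walk-through: sign in first, ask for Drive only at first save.
const demoGranted = new Set();
console.log(authUrlFor("startup", demoGranted, "constructed-state-1"));
recordGrant(demoGranted, "openid profile");
console.log(authUrlFor("savePlaylist", demoGranted, "constructed-state-2"));
```

Returning `null` when nothing is missing keeps repeat prompts down to one per newly used feature.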