OAuth IMAP / SMTP access in Gmail
Google has long believed that users should be able to export their data and use it with any other services at their discretion. For many years, Gmail has supported the standard API through the POP and IMAP protocols, at no additional cost to our users. These efforts are consistent with our broader intentions to simplify access to data from third-party services.
In addition to simplifying the export of your data, we also allow users to allow data access to Google for third-party (non-Google) applications and websites. One of the most common examples is to allow access to your address book for a social network so that it sends invitations to your friends.
The user can, of course, communicate his password from a third-party Google account to the application to allow such access, but there is a safer way - to use the standard OAuth protocol, which will allow the user to give his consent to access certain resources without telling his password. Most of the Google API features support OAuth, and since March 30, 2010, it is also available for Gmail's IMAP / SMTP.
A new feature is available at Google Code Labs, and we have provided a site with documentation and code samples . In addition, Google began collaborating with other companies such as Yahoo and Mozilla on creating a standard for using OAuth with IMAP / SMTP (For more information, see the OAuth mailing list for IMAP ).
')
One of the first companies using the new feature is Syphir, in its SmartPush application for the iPhone, as shown in the screenshots. Unlike other similar applications, Syphir SmartPush never sees and does not save a user password from GMail, just thanks to the support of access through OAuth.
We look forward to the completion of the development of a new standard for using OAuth with IMAP / SMTP and adding its support to all email clients.
Eric Sachs, Senior Product Manager
In addition to simplifying the export of your data, we also allow users to allow data access to Google for third-party (non-Google) applications and websites. One of the most common examples is to allow access to your address book for a social network so that it sends invitations to your friends.
The user can, of course, communicate his password from a third-party Google account to the application to allow such access, but there is a safer way - to use the standard OAuth protocol, which will allow the user to give his consent to access certain resources without telling his password. Most of the Google API features support OAuth, and since March 30, 2010, it is also available for Gmail's IMAP / SMTP.
A new feature is available at Google Code Labs, and we have provided a site with documentation and code samples . In addition, Google began collaborating with other companies such as Yahoo and Mozilla on creating a standard for using OAuth with IMAP / SMTP (For more information, see the OAuth mailing list for IMAP ).
')
One of the first companies using the new feature is Syphir, in its SmartPush application for the iPhone, as shown in the screenshots. Unlike other similar applications, Syphir SmartPush never sees and does not save a user password from GMail, just thanks to the support of access through OAuth.
We look forward to the completion of the development of a new standard for using OAuth with IMAP / SMTP and adding its support to all email clients.
Eric Sachs, Senior Product Manager
Source: https://habr.com/ru/post/90212/
All Articles