CODEWITHSUNDEEP
intuit-partner-platform
Clement
Clement

Reputation: 4297

Intuit Open authentication and email addresses

At http://docs.developer.intuit.com/0025_Intuit_Anywhere/0010_Getting_Started/0030_Integrate_your_app/0030_Signing_Into_and_out_of_Intuit_From_Within_Your_App/Sign-in/Implement_SSO_and_OpenID_in_Your_App

it says the following:

"Intuit does not verify the user email address associated with the user's OpenID account. Therefore, do not use the email address for authentication and do not link user accounts based on email address."

What does it mean "do not use the email address for authentication"? I mean, isn't the user already authenticated, through OpenId.

Also it says that the user email address is not verified. But what if my app needs to send an email to a user that has logged through OpenId. How can I be sure the user will actually get the email? What is the recommended pattern to handle that?

Thanks

EDIT: also, can I use the email to uniquely identify a user, and if not, what should I use to uniquely identify a user from the open id response?

EDIT 2: also, is the developer charged when a user logs in with open id and the 36 day trial expires? Or is it just when using the "Connect to quickbooks" that the developer is charged, in which case, open id authentication itself is free?

Upvotes: 1

Views: 224

Answers (1)

Jarred Keneally
Jarred Keneally

Reputation: 1931

Clement,
It means when a customer goes to the Intuit Appcenter and creates an account the email is not verified immediately, so you cannot single sign on a user based only on their email address if they already have an account in your system. You need to prompt them to login one time to map the two accounts.

If they are completely new then you can auto provision an account on your side and single sign them in, if you require the customer to verify their email address then you can send them a verification email.

thanks
Jarred

Upvotes: 4

Related Questions