The new OAuth 2.0 integration with Google Apps

With our latest version, we will be using OAuth 2.0 uniformly across all the ways you could sign up for Kerika:

  • As a Google Apps for Business user, e.g. someone who has the premium (paid) version of Google Apps, and signs up at kerika.com or through the Google Apps Marketplace.
  • As a free or premium user of Box, who signs up at kerika.com or through the Box App Store.

Across all these, we are now using OAuth 2.0: the more modern, robust implementation of OAuth which lets you sign into Kerika using a Google or Box ID, without Kerika ever seeing your password!

(Background: while we were using OAuth 2.0 for people who signed up directly at Kerika.com, we had OAuth 1.0 in place for people who signed up through the Google Apps Marketplace, and we needed to make every pathway consistently work with OAuth 2.0 and completely get rid of OAuth 1.0)

This new version will affect all premium users of Google Apps:

With the old (OAuth 1.0) integration with Google, it was possible for individual users who had the premium version of Google Apps to sign up for Kerika.

With the new (OAuth 2.0) integration, the Google Apps Administrator for the domain (i.e. your company) to authorize Kerika for the entire domain.

In other words, if you are a premium user of Google Apps, your Google Apps Admin — typically someone in your IT department — will need to authorize Kerika for your domain before you can use Kerika.

This will affect you even if you are an existing user of Kerika.

The good news is that once your Google Apps Admin authorizes Kerika for your company’s domain, it won’t be necessary for individual users to authorize Kerika any more: it becomes much easier for your colleagues to sign up.