Assigned
Status Update
Comments
kn...@google.com <kn...@google.com> #2
I have forwarded this request to the engineering team. We will update this issue with any progress updates and a resolution.
Best Regards,
Josh Moyer
Google Cloud Platform Support
Best Regards,
Josh Moyer
Google Cloud Platform Support
g....@saltosystems.com <g....@saltosystems.com> #3
This is not only useful for IP addresses, but also for many other resources. I understand that names are currently used as identifiers, so this request is probably not trivial to implement. Maybe distinguishing between a (numeric, automatically generated) identifier and a (textual) label is the way to go?
pr...@referabuyer.com <pr...@referabuyer.com> #4
Is it any hope? We have migrated our IP address to the server with different role, and now the name of this IP address resource doesn't match its role at all. It seems to be trivial enough to momentary reserve static IP address of the old named resource, drop resource, and immediately recreate it with the new name and the old IP address.
Description
I am able to use PKCE with client ids I generate specifying Android or iOS as the credential type, but for "web applications" I am forced to utilize the client_secret when requesting a token and trying an authorization code flow. As a SPA, like Android and iOS Apps, is considered a public client, I cannot store the client_secret securely in the application. And only the web applications credential types allow me to specify web-uris as redirect uris, the Android/iOS types do not.
Ideally, I would not need to develop a server-side component for my SPA to handle the token exchange or resort to the implicit code flow. I'd like to be able to utilize the web applications credential type where I can whitelist redirect uris and leverage the PKCE flow to securely get access and id tokens (where access_type=online, not offline - I don't need refresh tokens).
Also, I am leveraging this for use with Cloud Endpoints where I want to leverage Google's OpenID Connect to authenticate a user to my API, where all my users are G Suite users.