We are currently investigating issues wherein SAML logins are failing in certain cases on both mobile and web. Please visit our status page to subscribe to updates.

Use googleoauth2 instead of integration/API credentials

pmbpmb Posts: 3 Expensify Newcomer

Hi guys,

I'm pretty new to this and at the moment I'm writing an app with Google App Maker for handing in travel expenses.

Currently the user sends an mail with an attached receipt to [email protected] and Expensify does the rest of the job. However this means that the user usually has to correct the created expense. The new app shall avoid this issue by making an explicit API call.

Right now I'm wondering about the security concept regarding the credentials.

One solution might be to store the (encrypted) user credentials (or the ones of an Domain Admin whose in charge to create expenses on behalf of the user) somewhere in the app/database but this could become really messy.

The easiest solution for me would be to use Google OAuth/SSO. To use the app the user is singing in with their Google account anyways so I wouldn't have to bother with the security issues then. And as mentioned before the Google account is linked the user's Expensify profile already.

So long story short; is there a way to use the Google credentials instead of the integration/API credentials?

And otherwise do you have any best practice advice for handling/storing the Expensify credentials?


Thanks in advance

Best Answers

  • Ted PeetersTed Peeters Posts: 245 Expensify Success Coach
    Accepted Answer

    Hi @pmb - thanks so much for posting in the Community! Right now, you're correct. There's no way to use any other credentials other than the partnerUserID and partnerUserSecret , but we're definitely aware that some form of OAuth connection would serve many prospective partners well.

    I'm definitely intrigued as to the problem statement your app solves:

    However this means that the user usually has to correct the created expense. The new app shall avoid this issue by making an explicit API call.

    Will this simply act as a receipt integration like our many others here, adding an expense for your specific provider to an Expensify account? If so, let me know and I'll see if we can get somebody to reach out to you.

    I'll also leave a link to our Third-Party Integration Support Methodology in case that helps at all.

  • Nicole TrepanierNicole Trepanier Posts: 325 Expensify Success Coach
    Accepted Answer

    Hi @pmb! Right now there is no way to use Google OAuth/SSO with our API server. We recommend using a password management tool to store your credentials. We do have a great Third Party Integration post here that goes through our recommended best practices. Let me know if you have any questions!

Answers

Sign In or Register to comment.