how google manage one account for multiple sites like Youtube, google drive, gmail

209 views Asked by At

Google have multiple products like Youtube, Gmail, Google Drive and many more. When we login into one product like gmail then while hitting another product like youtube we will enter into this account without login. Then My question is how google uses cookies for different domain like youtube, gmail and any other. If anyone knows about this please let me know thanks in advance

1

There are 1 answers

0
rawel On

This is not google specific thing. You have to study more about single-sign-on and claims based authentication to understand how this is achieved.

The common protocols used in these scenarios are OAuth and OpenId Connect.

Basically 3 parties involved here. The User, The Application, The IP(Identity Provider).

In this example Gmail, youtube and google drive, all are applications. They all use google(accounts.google.com) as identity provider. When user try to access an Application(gmail,youtube) he is redirected to the identity provider(accounts.google.com) and get authenticated. The identity provider issue a cookie(from accounts.google.com domain) to the user. The application receive Token from Identity provider saying user is authenticated and after validation of the token, application also issue another cookie(from gmail.com or youtube.com) to the user.

As long as user has the cookie issued from identity provider, he don't want to sign in again when he logs into an application that use the same identity provider.