Jordan, thanks for the suggestion to user a service account. I will try implementing that. Will the user information still be present in the signed JWT headers as described in these docs <https://cloud.google.com/iap/docs/signed-headers-howto#retrieve_the_user_identity> if I use a service account for subsequent requests? The issue cannot be related to session refreshes as it occurs immediately after refreshing the page. I have reviewed that page previously and will address that issue separately in my app. I also have a question open on Stack Exchange here <https://stackoverflow.com/questions/50221155/app-engine-identity-aware-proxy-ajax-requests-failing-with-http-code-405> .
On Tuesday, May 8, 2018 at 2:09:07 PM UTC-5, Jordan (Cloud Platform Support) wrote: > > As described in the documentation > <https://cloud.google.com/iap/docs/concepts-overview#how_iap_works>, > Cloud IAP is used for securing your applications with Google OAuth from all > incoming requests (this includes external clients, and your own application > as Attila mentioned). > > Since your application cannot follow the OAuth redirect to login, it is > therefore recommended to use Service Account authentication > <https://cloud.google.com/iap/docs/authentication-howto#authenticating_from_a_service_account> > > when making requests via code from your own application. > > As for your client-end AJAX sessions, you can follow the Managing Cloud > IAP sessions <https://cloud.google.com/iap/docs/sessions-howto> to > properly handle AJAX session refreshes. > > - Note: Google Groups is reserved for general product discussions and is > not for technical support. For further technical support in coding your > application with Cloud IAP, it is recommended to post your detailed > questions <https://stackoverflow.com/help/how-to-ask> to Stack Exchange > <https://cloud.google.com/support/docs/stackexchange> using the supported > Cloud tags. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/80c4aabb-d611-4348-b4fa-0b103002b2c7%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
