Thanks for the heads up Brad.
Can you answer these questions please?
1.) Will there be an overlap where both the SID cookie and the new
header will work for authorization?
2.) Can the auth token obtained from getCredentials() in Android be
used in this new header? See
3.) Can the auth token obtained from AccountManager.getAccounts() in
Android 2.0+ be used in this new header? See
On Feb 11, 12:12 am, Brad Hawkes <bhaw...@google.com> wrote:
> Hello friends,
> We just wanted to let you know about changes coming for Reader
> authentication. We will be changing the details for how our normal web-
> browsing experience handles authentication. This change will break
> clients that are based on using the SID cookie to communicate with
> Reader (this seems to be many current clients). To ensure that your
> app continues to be able to access Reader data you should transition
> to using ClientLogin to access Reader. This is the general mechanism
> that is preferred for communication with many Google services. Details
> of how to use ClientLogin, along with some libraries that are
> Here is a quick summary of how to make this change:
> For those apps that area already obtaining authentication fromhttps://www.google.com/accounts/ClientLoginyou should get back as
> part of your response an Auth= value. For every request you send to
> Reader you should provide that value as a HTTP header and things will
> work as usual.
> The header format is: Authorization:GoogleLogin auth=[value obtained
> from ClientLogin]
> Also please keep in mind that both SID cookies and Auth tokens do
> expire. You should store your Auth token, but if you start to get 401
> errors you may need to obtain a new Auth token. You should not do
> retries on 401 errors unless you have obtained a new Auth token.
> Thanks for your attention.
> Brad Hawkes
> Google Reader Team