June 27th, 2008 | Published in Google Code
We just released a feature we call multi-scope auth tokens. Multi-scope auth tokens allow your web application to be authorized to access a user's data for more than one service at a time. This same functionality is available in both AuthSub and in OAuth, which we announced yesterday.
Let's say you want to pull in a user's Google Calendar and find relevant Picasa Web Albums pictures for each event on their calendar. Previously, you needed to generate two AuthSubRequest URLs and have your visitors authorize access to their photos and calendars separately. Now, it's all done in one step.
How do you accomplish this?
It's easy. Simply specify two (or more) separate scopes separated by a space character (which ends up being encoded as a %20).
For AuthSub, the scope is specified as part of the AuthSubRequest URL. Here's an example:
https://www.google.com/accounts/AuthSubRequest?What is the end-user experience?
Try it out -- and post about your mashups in the Google Groups for the APIs you're using.