One of the key features of Apps Marketplace is the use of federated login with OpenID to avoid the need for Google Apps users to manually create new accounts at a vendor's website. GITkit provides tools to help improve the user experience using a technique called an "account chooser."
The main GITkit documentation describes how to do a basic integration with the GITkit widget and APIs to enable federated login and the account chooser. This page will explain how to further modify your website to support use cases specific to Marketplace apps.
GITKit simplifies the process of using OpenID by reducing the need for websites to worry about OpenID URLs as identifiers, and just look at the email address. Importantly GITKit will only provide you with the user's email address if your website should trust it. It automatically handles the extra security logic to avoid some potential security holes when the email assertion by an identity provider should not be trusted. The user's OpenID URL is still available if you need it for advanced integration, such as handling users renames or some advanced API integrations such as using gadgets. However as Google moves from OAuth1 to OAuth2 for API integration, it will further reduce the need to worry about OpenID URLs.
No "Google Apps" button
Many Marketplace apps log users into a "realm", or a set of domains. If you have one configured in your Marketplace manifest, you need to enter this exact same realm in your Developers Console configuration. You can learn more about realm in the Apps Marketplace documentation.
Apps Marketplace initially only supported OAuth1, but Google is in the process of adding OAuth2 for Apps Marketplace. Once that support is formally launched, you will be able to use the Developers Console to specify the additional API scopes that your service needs.
Federated login from URL
One of the most popular features of Apps Marketplace is the ability to add
a link to your website from the navigation bar of Google apps like Gmail and
Calendar. In order to add such a link, you need to be able to start an OpenID
flow from a URL, and do federated login with the user's Google Apps domain.
That is, if a Google Apps customer is on the
they should be able to log in to your site by visiting a URL like
https://yoursite.com/login?domain=example.com. This URL must be
registered in your
To support this mode follow the instructions on redirecting to an IDP without using the popup widget.