Skip to main content

API reference

Universal sign in module

AuthorizationResponse

AuthorizationResponse = CancelledResponse | AuthorizationSuccessResponse

The response object of requestAuthorization. Either the user cancelled the flow or they successfully gave authorization.

AuthorizationSuccessResponse

AuthorizationSuccessResponse = { data: { accessToken: string; grantedScopes: string[]; serverAuthCode: string | null; }; type: "success"; }

An object that contains an access token that has access to the grantedScopes. It contains also the serverAuthCode if offlineAccess was requested.

On iOS, you can also obtain serverAuthCode by calling createAccount().

Properties

PropertyType
data{ accessToken: string; grantedScopes: string[]; serverAuthCode: string | null; }
data.accessTokenstring
data.grantedScopesstring[]
data.serverAuthCodestring | null
type"success"

EnableAppCheckParams

EnableAppCheckParams = { debugProviderAPIKey?: string; }

Parameters for enabling App Check. Provide debugProviderAPIKey to enable App Check with debug provider.

Properties

PropertyType
debugProviderAPIKey?string

OneTapConfigureParams

OneTapConfigureParams = ClientIdOrPlistPath & { hostedDomain?: string; logLevel?: "debug" | "info" | "warn"; openIdRealm?: string; profileImageSize?: number; scopes?: string[]; webClientId: WebClientId; }

webClientId is the most important parameter in the configuration. It is required.

Type Declaration

NameTypeDescription
hostedDomain?stringiOS only. Specifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain.
logLevel?"debug" | "info" | "warn"Web only. Controls debug logging in browser console. This is implemented in Google's web SDK and is not part of their public API so it may change or be removed at any time.
openIdRealm?stringiOS only. The OpenID2 realm of the home web server. This allows Google to include the user's OpenID Identifier in the OpenID Connect ID token.
profileImageSize?numberiOS only. The desired height and width of the profile image. Default 120px
scopes?string[]iOS only. The Google API scopes to request access to. Use requestAuthorization to request additional scopes on Android. Default ["email", "profile"]
webClientIdWebClientIdThe web client ID obtained from Google Cloud console. In the Universal module only, pass autoDetect to automatically determine the value from Firebase config file.

OneTapCreateAccountParams

OneTapCreateAccountParams = OneTapSignInParams & { accountName?: string; requestVerifiedPhoneNumber?: boolean; }

Type Declaration

NameTypeDescription
accountName?stringiOS only. An account name present on the device that should be used. Example your_email@gmail.com
requestVerifiedPhoneNumber?booleanAndroid only. Whether to request for a verified phone number during sign-ups. Requesting it doesn't guarantee that it will be provided in the response. Default false

OneTapExplicitSignInParams

OneTapExplicitSignInParams = OneTapSignInParams & { accountName?: string; }

Type Declaration

NameTypeDescription
accountName?stringiOS only. An account name present on the device that should be used. Example your_email@gmail.com

OneTapExplicitSignInResponse

OneTapExplicitSignInResponse = OneTapSuccessResponse | CancelledResponse

OneTapResponse

OneTapResponse = OneTapSuccessResponse | CancelledResponse | NoSavedCredentialFound

The response object for OneTap's signIn and createAccount.

OneTapSignInParams

OneTapSignInParams = { nonce?: string; skipPrompt?: boolean; } & ReducedWebSignInOptions

Learn more about additional web-only parameters at Google's reference documentation.

Type Declaration

NameTypeDescription
nonce?stringA cryptographically random value used to mitigate replay attacks. Supported on all platforms.
skipPrompt?booleanWeb only. When calling any of the sign-in methods, a prompt is displayed by default on the top-right of the web page. Set this to true to only allow signing in via the WebGoogleSigninButton. Default false

OneTapSuccessResponse

OneTapSuccessResponse = { data: OneTapUser; type: "success"; }

The response object when the user successfully signs in.

Properties

PropertyType
dataOneTapUser
type"success"

OneTapUser

OneTapUser = { credentialOrigin: CredentialResponse["select_by"]; idToken: string; serverAuthCode: string | null; user: { email: string | null; familyName: string | null; givenName: string | null; id: string; name: string | null; phoneNumber: string | null; photo: string | null; }; }

Properties

PropertyTypeDescription
credentialOriginCredentialResponse["select_by"]The credential origin. This is the method that was used to sign in the user. On native platforms, this is always "user". On the web it's a value from a union type.
idTokenstring-
serverAuthCodestring | nulliOS only. Not null only if a valid webClientId and offlineAccess: true was specified in configure(). Call requestAuthorization() to obtain it on Android.
user{ email: string | null; familyName: string | null; givenName: string | null; id: string; name: string | null; phoneNumber: string | null; photo: string | null; }-
user.emailstring | null-
user.familyNamestring | null-
user.givenNamestring | null-
user.idstringAn immutable identifier for the user. Unique among all Google accounts and never reused (user's email can change, this value cannot).
user.namestring | null-
user.phoneNumberstring | nullAndroid only, and only for createAccount. Requires setting requestVerifiedPhoneNumber to true.
user.photostring | null-

PlayServicesInfo

PlayServicesInfo = { installedVersion: number; minRequiredVersion: number; }

The response object for successful checkPlayServices call. It denotes that the necessary prerequisites for calling the module in methods are met.

Properties

PropertyType
installedVersionnumber
minRequiredVersionnumber

RequestAuthorizationParams

RequestAuthorizationParams = { accountName?: string; hostedDomain?: string; offlineAccess?: { enabled: boolean; forceCodeForRefreshToken?: boolean; }; scopes: string[]; }

Learn more in the guide.

Properties

PropertyTypeDescription
accountName?stringAndroid only. Specifies an account on the device that should be used.
hostedDomain?stringAndroid only. Specifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain.
offlineAccess?{ enabled: boolean; forceCodeForRefreshToken?: boolean; }-
offlineAccess.enabledbooleanWhether to enable offline access. If enabled, serverAuthCode will be returned in the response.
offlineAccess.forceCodeForRefreshToken?booleanAndroid only. If true, the granted code can be exchanged for an access token and a refresh token. Only use true if your server has suffered some failure and lost the user's refresh token.
scopesstring[]The Google API scopes to request access to. See scopes docs.

GoogleOneTapSignIn

const GoogleOneTapSignIn: complex type, see below

The entry point of the Universal Sign In API, exposed as GoogleOneTapSignIn.

On the web, the signatures of signIn, presentExplicitSignIn, and createAccount are callback-based and on native they are Promise-based. Read more in the guide.

Type Declaration

| Name | Type | | -------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------- | | configure | (params: OneTapConfigureParams) => void | | checkPlayServices | (showErrorResolutionDialog?: boolean) => Promise<PlayServicesInfo> | | enableAppCheck | (params?: EnableAppCheckParams) => Promise<null> | | signIn | (params?: OneTapSignInParams) => Promise<OneTapResponse> | | createAccount | (params?: OneTapCreateAccountParams) => Promise<OneTapResponse> | | clearCachedAccessToken() | (tokenString: string) => Promise<null> | GoogleSignin.clearCachedAccessToken | | presentExplicitSignIn | (params?: OneTapExplicitSignInParams) => Promise<OneTapExplicitSignInResponse> | | requestAuthorization | (options: RequestAuthorizationParams) => Promise<AuthorizationResponse> | | signOut | () => Promise<null> | | revokeAccess | (emailOrUniqueId: string) => Promise<null> |

Original Google sign in

AddScopesParams

AddScopesParams = { scopes: string[]; }

Properties

PropertyTypeDescription
scopesstring[]The Google API scopes to request access to. Default ["email", "profile"]

ConfigureParams

ConfigureParams = ClientIdOrPlistPath & { accountName?: string; forceCodeForRefreshToken?: boolean; hostedDomain?: string; offlineAccess?: boolean; openIdRealm?: string; profileImageSize?: number; scopes?: string[]; webClientId?: WebClientId; }

Type Declaration

NameTypeDescription
accountName?stringAndroid only. An account name that should be prioritized.
forceCodeForRefreshToken?booleanAndroid only. Only set to true if your server has suffered some failure and lost the user's refresh token.
hostedDomain?stringSpecifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain.
offlineAccess?booleanMust be true if you wish to access user APIs on behalf of the user from your own server. When offline access is requested, an authorization code is returned so the server can use the authorization code to exchange for access token and refresh token. The access token allows the server to access Google data on behalf of the user.
openIdRealm?stringiOS only. The OpenID2 realm of the home web server. This allows Google to include the user's OpenID Identifier in the OpenID Connect ID token.
profileImageSize?numberiOS only. The desired height and width of the profile image. Default 120px
scopes?string[]The Google API scopes to request access to. Default ["email", "profile"]
webClientId?WebClientIdThe web client ID obtained from Google Cloud console. Required for offline access.

GetTokensResponse

GetTokensResponse = { accessToken: string; idToken: string; }

Properties

PropertyType
accessTokenstring
idTokenstring

HasPlayServicesParams

HasPlayServicesParams = { showPlayServicesUpdateDialog?: boolean; }

Properties

PropertyTypeDescription
showPlayServicesUpdateDialog?booleanWhether to show a dialog that prompts the user to install Google Play Services, if they don't have them installed. Default true

SignInParams

SignInParams = { loginHint?: string; nonce?: string; }

Properties

PropertyTypeDescription
loginHint?stringiOS only. The user's ID, or email address, to be prefilled in the authentication UI if possible. See docs here.
nonce?stringiOS only. A cryptographically random value used to mitigate replay attacks. Only available in the paid version. For support across all platforms, use the Universal sign in module.

SignInResponse

SignInResponse = SignInSuccessResponse | CancelledResponse

SignInSilentlyResponse

SignInSilentlyResponse = SignInSuccessResponse | NoSavedCredentialFound

The response object for calling signInSilently. Either the user details are available (without user interaction) or there was no saved credential found.

SignInSuccessResponse

SignInSuccessResponse = { data: User; type: "success"; }

The response object when the user signs in successfully.

Properties

PropertyTypeDescription
dataUserThe user details.
type"success"-

User

User = { idToken: string | null; scopes: string[]; serverAuthCode: string | null; user: { email: string; familyName: string | null; givenName: string | null; id: string; name: string | null; photo: string | null; }; }

Properties

PropertyTypeDescription
idTokenstring | nullJWT (JSON Web Token) that serves as a secure credential for your user's identity.
scopesstring[]The Google API scopes that the user granted access to.
serverAuthCodestring | nullCode that you can securely send to your server to exchange for an access and refresh token. Use the access token to call Google APIs on behalf of the user and, optionally, store the refresh token to acquire a new access token when the access token expires. Not null only if a valid webClientId and offlineAccess was enabled in configure().
user{ email: string; familyName: string | null; givenName: string | null; id: string; name: string | null; photo: string | null; }-
user.emailstring-
user.familyNamestring | null-
user.givenNamestring | null-
user.idstring-
user.namestring | null-
user.photostring | null-

GoogleSignin

const GoogleSignin: complex type, see below

The entry point of the Google Sign In API, exposed as GoogleSignin.

Type Declaration

NameType
addScopes()(options: AddScopesParams) => Promise<null | SignInResponse>
clearCachedAccessToken()(tokenString: string) => Promise<null>
configure()(options?: ConfigureParams) => void
enableAppCheck()(params?: EnableAppCheckParams) => Promise<null>
getCurrentUser()() => null | User
getTokens()() => Promise<GetTokensResponse>
hasPlayServices()(options?: HasPlayServicesParams) => Promise<boolean>
hasPreviousSignIn()() => boolean
revokeAccess()() => Promise<null>
signIn()(options: SignInParams) => Promise<SignInResponse>
signInSilently()() => Promise<SignInSilentlyResponse>
signOut()() => Promise<null>

Constants

statusCodes

const statusCodes: Readonly<{ IN_PROGRESS: string; ONE_TAP_START_FAILED: string; PLAY_SERVICES_NOT_AVAILABLE: string; }>

Read more about the meaning of the error codes in the guide.

Functions

isCancelledResponse()

isCancelledResponse(response: OneTapResponse): response is CancelledResponse

TypeScript helper to check if a response is a cancelled response. This is the same as checking if the response.type === "cancelled".

Use this if you prefer to use a function instead of comparing with a raw string.

It supports both One Tap and Original Google Sign In responses.

Parameters

ParameterType
responseOneTapResponse

Returns

response is CancelledResponse

Example

const response = await GoogleOneTapSignIn.createAccount();

if (isCancelledResponse(response)) {
  // handle cancelled response
}

isErrorWithCode()

isErrorWithCode(error: any): error is NativeModuleError

TypeScript helper to check if an object has the code property. This is used to avoid as casting when you access the code property on errors returned by the module.

Parameters

ParameterType
errorany

Returns

error is NativeModuleError

isNoSavedCredentialFoundResponse()

isNoSavedCredentialFoundResponse(response: OneTapResponse): response is NoSavedCredentialFound

TypeScript helper to check if a response is a noSavedCredentialFound response. This is the same as checking if the response.type === "noSavedCredentialFound".

Use this if you prefer to use a function instead of comparing with a raw string.

It supports both One Tap and Original Google Sign In responses.

Parameters

ParameterType
responseOneTapResponse

Returns

response is NoSavedCredentialFound

Example

const response = await GoogleOneTapSignIn.signIn();

if (isNoSavedCredentialFoundResponse(response)) {
  // the case when no user was previously signed in
}

isSuccessResponse()

isSuccessResponse(response: OneTapResponse): response is OneTapSuccessResponse

TypeScript helper to check if a response is a cancelled response. This is the same as checking if the response.type === "cancelled".

Use this if you prefer to use a function instead of comparing with a raw string.

It supports both One Tap and Original Google Sign In responses.

Parameters

ParameterType
responseOneTapResponse

Returns

response is OneTapSuccessResponse

Example

const response = await GoogleOneTapSignIn.createAccount();

if (isSuccessResponse(response)) {
  // handle user signed in
}

React Components

GoogleLogoButtonProps

GoogleLogoButtonProps = { label?: string; shape?: "rectangular" | "circular"; textStyle?: StyleProp<TextStyle>; theme?: "light" | "dark" | "neutral"; variant?: "standard" | "icon"; }

Properties

PropertyTypeDescription
label?string-
shape?"rectangular" | "circular"-
textStyle?StyleProp<TextStyle>Style for the button text. Provide the Roboto font family with a weight of 500.
theme?"light" | "dark" | "neutral"-
variant?"standard" | "icon"-

GoogleSigninButtonProps

GoogleSigninButtonProps = ViewProps & { color?: "dark" | "light"; disabled?: boolean; onPress?: () => void; size?: number; }

Type Declaration

NameType
color?"dark" | "light"
disabled?boolean
onPress()?() => void
size?number

WebGoogleSignInButtonProps

WebGoogleSignInButtonProps = Omit<GsiButtonConfiguration, "logo_alignment"> & { logoAlignment?: GsiButtonConfiguration["logo_alignment"]; onError?: (error: Error) => void; }

Type Declaration

NameType
logoAlignment?GsiButtonConfiguration["logo_alignment"]
onError()?(error: Error) => void

GoogleLogoButton

const GoogleLogoButton: React.FC<PressableProps & GoogleLogoButtonProps>

Sign in button that follows the Google branding guidelines.

WebGoogleSigninButton

const WebGoogleSigninButton: React.FC<WebGoogleSignInButtonProps>

GoogleSigninButton()

GoogleSigninButton(props: GoogleSigninButtonProps): Element

Native Google Sign-In button component. Prefer using the GoogleLogoButton for a more customizable button.

Parameters

ParameterType
propsGoogleSigninButtonProps

Returns

Element

Type Aliases

CancelledResponse

CancelledResponse = { data: null; type: "cancelled"; }

The response object when the user cancels the flow for any operation that requires user interaction.

On the web, this is also returned while cooldown period is active. Detecting the cooldown period itself is not possible on the web for user privacy reasons. On Android, it can be detected via ONE_TAP_START_FAILED

Properties

PropertyType
datanull
type"cancelled"

ClientIdOrPlistPath

ClientIdOrPlistPath = { iosClientId?: string; } | { googleServicePlistPath?: string; }

iOS only. Configures the iOS client ID. By default, the iOS client ID is taken from the GoogleService-Info.plist Firebase config file (if present).

You can specify a different bundle path for the config file, e.g. "GoogleService-Info-Staging".

Alternatively, set the client ID explicitly by providing iosClientId.

Type Declaration

{ iosClientId?: string; }

NameTypeDescription
iosClientId?stringIf you want to specify the client ID of type iOS. It is taken from the GoogleService-Info.plist file by default.

{ googleServicePlistPath?: string; }

NameTypeDescription
googleServicePlistPath?stringiOS only. Use this to specify a different bundle path name for the GoogleService-Info Firebase config file. Example "GoogleService-Info-Staging"

NoSavedCredentialFound

NoSavedCredentialFound = { data: null; type: "noSavedCredentialFound"; }

The response to calling One Tap's signIn and Original Google Sign In's signInSilently when no user was previously signed in, or they have since signed out or revoked access.

Properties

PropertyType
datanull
type"noSavedCredentialFound"

Web Universal sign in module

WebOneTapSignInCallbacks

WebOneTapSignInCallbacks = { momentListener?: MomentListener; onError: (error: NativeModuleError) => void | Promise<void>; onResponse: (userInfo: OneTapExplicitSignInResponse) => void | Promise<void>; }

When using Universal sign in on the web, the sign in result is delivered via a callback, not via a promise. The shape of data delivered to the callback is the same as the shape of the data in the promise, enabling code reuse. Read more in the guide.

Properties

PropertyTypeDescription
momentListener?MomentListenerA callback function that is called when important events take place. See reference.
onError(error: NativeModuleError) => void | Promise<void>Called when an error occurs. You can use the code property of the error to determine the reason for the error. The reported errors on the web are in the same format as the errors reported on the native platforms, so you can reuse your error handling code.
onResponse(userInfo: OneTapExplicitSignInResponse) => void | Promise<void>Called when the user successfully signs in, or cancels the sign in, either using the web One-tap flow or the button flow.