API reference
Modern sign in module
AuthorizationResponse
AuthorizationResponse:
CancelledResponse|AuthorizationSuccessResponse
The response object of requestAuthorization. Either the user cancelled the flow or they successfully gave authorization.
AuthorizationSuccessResponse
AuthorizationSuccessResponse: {
data: {accessToken:string;grantedScopes:string[];serverAuthCode:string|null; };type:"success"; }
An object that contains an access token that has access to the grantedScopes.
It contains also the serverAuthCode if offlineAccess was requested.
On iOS, you can also obtain serverAuthCode by calling createAccount() with offlineAccess: true.
Type declaration
| Name | Type |
|---|---|
data | {accessToken: string;grantedScopes: string[];serverAuthCode: string | null; } |
data.accessToken | string |
data.grantedScopes | string[] |
data.serverAuthCode | string | null |
type | "success" |
EnableAppCheckParams
EnableAppCheckParams: {
debugProviderAPIKey:string; }
Parameters for enabling App Check. Provide debugProviderAPIKey to enable App Check with debug provider.
Type declaration
| Name | Type |
|---|---|
debugProviderAPIKey? | string |
OneTapConfigureParams
OneTapConfigureParams:
ClientIdOrPlistPath& {hostedDomain:string;logLevel:"debug"|"info"|"warn";offlineAccess:boolean;openIdRealm:string;profileImageSize:number;scopes:string[];webClientId:WebClientId; }
webClientId is the most important parameter in the configuration. It is required.
Type declaration
| Name | Type | Description |
|---|---|---|
hostedDomain? | string | iOS only. Specifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain. |
logLevel? | "debug" | "info" | "warn" | Web only. Controls debug logging in browser console. This is implemented in Google's web SDK and is not part of their public API so it may change or be removed at any time. |
offlineAccess? | boolean | iOS only. Use requestAuthorization on Android. Must be true if you wish to access user APIs on behalf of the user from your own server. When offline access is requested, an authorization code is returned so the server can use the authorization code to exchange for a refresh token. The refresh token allows the server to access Google data on behalf of the user. Default false |
openIdRealm? | string | iOS only. The OpenID2 realm of the home web server. This allows Google to include the user's OpenID Identifier in the OpenID Connect ID token. |
profileImageSize? | number | iOS only. The desired height and width of the profile image. Default 120px |
scopes? | string[] | iOS only. The Google API scopes to request access to. Use requestAuthorization to request additional scopes on Android. Default ["email", "profile"] |
webClientId | WebClientId | The web client ID obtained from Google Cloud console. In the Modern module only, pass autoDetect to automatically determine the value from Firebase config file. |
OneTapCreateAccountParams
OneTapCreateAccountParams:
OneTapSignInParams& {accountName:string;requestVerifiedPhoneNumber:boolean; }
Type declaration
| Name | Type | Description |
|---|---|---|
accountName? | string | iOS only. An account name present on the device that should be used. Example your_email@gmail.com |
requestVerifiedPhoneNumber? | boolean | Android only. Whether to request for a verified phone number during sign-ups. Requesting it doesn't guarantee that it will be provided in the response. Default false |
OneTapExplicitSignInParams
OneTapExplicitSignInParams:
OneTapSignInParams& {accountName:string; }
Type declaration
| Name | Type | Description |
|---|---|---|
accountName? | string | iOS only. An account name present on the device that should be used. Example your_email@gmail.com |
OneTapExplicitSignInResponse
OneTapExplicitSignInResponse:
OneTapSuccessResponse|CancelledResponse
OneTapResponse
OneTapResponse:
OneTapSuccessResponse|CancelledResponse|NoSavedCredentialFound
The response object for OneTap's signIn and createAccount.
OneTapSignInParams
OneTapSignInParams: {
nonce:string;skipPrompt:boolean; } &ReducedWebSignInOptions
Learn more about additional web-only parameters at Google's reference documentation.
Type declaration
| Name | Type | Description |
|---|---|---|
nonce? | string | A cryptographically random value used to mitigate replay attacks. Supported on all platforms. |
skipPrompt? | boolean | Web only. When calling any of the sign-in methods, a prompt is displayed by default on the top-right of the web page. Set this to true to only allow signing in via the WebGoogleSigninButton. Default false |
OneTapSuccessResponse
OneTapSuccessResponse: {
data:OneTapUser;type:"success"; }
The response object when the user successfully signs in.
Type declaration
| Name | Type |
|---|---|
data | OneTapUser |
type | "success" |
OneTapUser
OneTapUser: {
credentialOrigin:CredentialResponse["select_by"];idToken:string;serverAuthCode:string|null;user: {string|null;familyName:string|null;givenName:string|null;id:string;name:string|null;phoneNumber:string|null;photo:string|null; }; }
Type declaration
| Name | Type | Description |
|---|---|---|
credentialOrigin | CredentialResponse["select_by"] | The credential origin. This is the method that was used to sign in the user. On native platforms, this is always "user". On the web it's a value from a union type. |
idToken | string | - |
serverAuthCode | string | null | iOS only. Not null only if a valid webClientId and offlineAccess: true was specified in configure(). Call requestAuthorization() to obtain it on Android. |
user | {email: string | null;familyName: string | null;givenName: string | null;id: string;name: string | null;phoneNumber: string | null;photo: string | null; } | - |
user.email | string | null | - |
user.familyName | string | null | - |
user.givenName | string | null | - |
user.id | string | - |
user.name | string | null | - |
user.phoneNumber | string | null | Android only, and only for createAccount. Requires setting requestVerifiedPhoneNumber to true. |
user.photo | string | null | - |
PlayServicesInfo
PlayServicesInfo: {
installedVersion:number;minRequiredVersion:number; }
The response object for successful checkPlayServices call. It denotes that the necessary prerequisites for calling the module in methods are met.
Type declaration
| Name | Type |
|---|---|
installedVersion | number |
minRequiredVersion | number |
RequestAuthorizationParams
RequestAuthorizationParams: {
accountName:string;hostedDomain:string;offlineAccess: {enabled:boolean;forceCodeForRefreshToken:boolean; };scopes:string[]; }
Learn more in the guide.
Type declaration
| Name | Type | Description |
|---|---|---|
accountName? | string | Android only. Specifies an account on the device that should be used. |
hostedDomain? | string | Android only. Specifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain. |
offlineAccess? | {enabled: boolean;forceCodeForRefreshToken: boolean; } | - |
offlineAccess.enabled | boolean | Whether to enable offline access. If enabled, serverAuthCode will be returned in the response. |
offlineAccess.forceCodeForRefreshToken? | boolean | Android only. If true, the granted code can be exchanged for an access token and a refresh token. Only use true if your server has suffered some failure and lost the user's refresh token. |
scopes | string[] | The Google API scopes to request access to. See scopes docs. |
GoogleOneTapSignIn
constGoogleOneTapSignIn: complex type, see below
The entry point of the Modern Sign In API, exposed as GoogleOneTapSignIn.
On the web, the signatures of signIn, presentExplicitSignIn, and createAccount are callback-based and on native they are Promise-based. Read more in the guide.
Type declaration
| Name | Type |
|---|---|
configure | (params: OneTapConfigureParams) => void |
checkPlayServices | (showErrorResolutionDialog?: boolean) => Promise<PlayServicesInfo> |
enableAppCheck | (params?: EnableAppCheckParams) => Promise<null> |
signIn | (params?: OneTapSignInParams) => Promise<OneTapResponse> |
createAccount | (params?: OneTapCreateAccountParams) => Promise<OneTapResponse> |
presentExplicitSignIn | (params?: OneTapExplicitSignInParams) => Promise<OneTapExplicitSignInResponse> |
requestAuthorization | (options: RequestAuthorizationParams) => Promise<AuthorizationResponse> |
signOut | (emailOrUniqueId: string) => Promise<null> |
Original Google sign in
AddScopesParams
AddScopesParams: {
scopes:string[]; }
Type declaration
| Name | Type | Description |
|---|---|---|
scopes | string[] | The Google API scopes to request access to. Default ["email", "profile"] |
ConfigureParams
ConfigureParams:
ClientIdOrPlistPath& {accountName:string;forceCodeForRefreshToken:boolean;hostedDomain:string;offlineAccess:boolean;openIdRealm:string;profileImageSize:number;scopes:string[];webClientId:WebClientId; }
Type declaration
| Name | Type | Description |
|---|---|---|
accountName? | string | Android only. An account name that should be prioritized. |
forceCodeForRefreshToken? | boolean | Android only. Only set to true if your server has suffered some failure and lost the user's refresh token. |
hostedDomain? | string | Specifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain. |
offlineAccess? | boolean | Must be true if you wish to access user APIs on behalf of the user from your own server. When offline access is requested, an authorization code is returned so the server can use the authorization code to exchange for access token and refresh token. The access token allows the server to access Google data on behalf of the user. |
openIdRealm? | string | iOS only. The OpenID2 realm of the home web server. This allows Google to include the user's OpenID Identifier in the OpenID Connect ID token. |
profileImageSize? | number | iOS only. The desired height and width of the profile image. Default 120px |
scopes? | string[] | The Google API scopes to request access to. Default ["email", "profile"] |
webClientId? | WebClientId | The web client ID obtained from Google Cloud console. Required for offline access. |
GetTokensResponse
GetTokensResponse: {
accessToken:string;idToken:string; }
Type declaration
| Name | Type |
|---|---|
accessToken | string |
idToken | string |
HasPlayServicesParams
HasPlayServicesParams: {
showPlayServicesUpdateDialog:boolean; }
Type declaration
| Name | Type | Description |
|---|---|---|
showPlayServicesUpdateDialog? | boolean | Whether to show a dialog that prompts the user to install Google Play Services, if they don't have them installed. Default true |
SignInParams
SignInParams: {
loginHint:string;nonce:string; }
Type declaration
| Name | Type | Description |
|---|---|---|
loginHint? | string | iOS only. The user's ID, or email address, to be prefilled in the authentication UI if possible. See docs here. |
nonce? | string | iOS only. A cryptographically random value used to mitigate replay attacks. Currently only available for sponsors. For support across all platforms, use the Modern sign in module. |
SignInResponse
SignInResponse:
SignInSuccessResponse|CancelledResponse
SignInSilentlyResponse
SignInSilentlyResponse:
SignInSuccessResponse|NoSavedCredentialFound
The response object for calling signInSilently. Either the user details are available (without user interaction) or there was no saved credential found.
SignInSuccessResponse
SignInSuccessResponse: {
data:User;type:"success"; }
The response object when the user signs in successfully.
Type declaration
| Name | Type | Description |
|---|---|---|
data | User | The user details. |
type | "success" | - |
User
User: {
idToken:string|null;scopes:string[];serverAuthCode:string|null;user: {string;familyName:string|null;givenName:string|null;id:string;name:string|null;photo:string|null; }; }
Type declaration
| Name | Type | Description |
|---|---|---|
idToken | string | null | JWT (JSON Web Token) that serves as a secure credential for your user's identity. |
scopes | string[] | The Google API scopes that the user granted access to. |
serverAuthCode | string | null | Code that you can securely send to your server to exchange for an access and refresh token. Use the access token to call Google APIs on behalf of the user and, optionally, store the refresh token to acquire a new access token when the access token expires. Not null only if a valid webClientId and offlineAccess was enabled in configure(). |
user | {email: string;familyName: string | null;givenName: string | null;id: string;name: string | null;photo: string | null; } | - |
user.email | string | - |
user.familyName | string | null | - |
user.givenName | string | null | - |
user.id | string | - |
user.name | string | null | - |
user.photo | string | null | - |
GoogleSignin
constGoogleSignin: complex type, see below
The entry point of the Google Sign In API, exposed as GoogleSignin.
Type declaration
| Name | Type |
|---|---|
addScopes | (options: AddScopesParams) => Promise<SignInResponse | null> |
clearCachedAccessToken | (tokenString: string) => Promise<null> |
configure | (options?: ConfigureParams) => void |
enableAppCheck | (params?: EnableAppCheckParams) => Promise<null> |
getCurrentUser | () => User | null |
getTokens | () => Promise<GetTokensResponse> |
hasPlayServices | (options?: HasPlayServicesParams) => Promise<boolean> |
hasPreviousSignIn | () => boolean |
revokeAccess | () => Promise<null> |
signIn | (options: SignInParams) => Promise<SignInResponse> |
signInSilently | () => Promise<SignInSilentlyResponse> |
signOut | () => Promise<null> |
Constants
statusCodes
conststatusCodes:Readonly<{IN_PROGRESS:string;ONE_TAP_START_FAILED:string;PLAY_SERVICES_NOT_AVAILABLE:string; }>
Read more about the meaning of the error codes in the guide.
Type declaration
| Name | Type |
|---|---|
IN_PROGRESS | string |
ONE_TAP_START_FAILED | string |
PLAY_SERVICES_NOT_AVAILABLE | string |
Functions
isCancelledResponse()
isCancelledResponse(
response:OneTapResponse):response is CancelledResponse
TypeScript helper to check if a response is a cancelled response. This is the same as checking if the response.type === "cancelled".
Use this if you prefer to use a function instead of comparing with a raw string.
It supports both One Tap and Original Google Sign In responses.
Parameters
| Parameter | Type |
|---|---|
response | OneTapResponse |
Returns
response is CancelledResponse
Example
const response = await GoogleOneTapSignIn.createAccount();
if (isCancelledResponse(response)) {
// handle cancelled response
}
isErrorWithCode()
isErrorWithCode(
error:any):error is NativeModuleError
TypeScript helper to check if an object has the code property.
This is used to avoid as casting when you access the code property on errors returned by the module.
Parameters
| Parameter | Type |
|---|---|
error | any |
Returns
error is NativeModuleError
isNoSavedCredentialFoundResponse()
isNoSavedCredentialFoundResponse(
response:OneTapResponse):response is NoSavedCredentialFound
TypeScript helper to check if a response is a noSavedCredentialFound response. This is the same as checking if the response.type === "noSavedCredentialFound".
Use this if you prefer to use a function instead of comparing with a raw string.
It supports both One Tap and Original Google Sign In responses.
Parameters
| Parameter | Type |
|---|---|
response | OneTapResponse |
Returns
response is NoSavedCredentialFound
Example
const response = await GoogleOneTapSignIn.signIn();
if (isNoSavedCredentialFoundResponse(response)) {
// the case when no user was previously signed in
}
isSuccessResponse()
isSuccessResponse(
response:OneTapResponse):response is OneTapSuccessResponse
TypeScript helper to check if a response is a cancelled response. This is the same as checking if the response.type === "cancelled".
Use this if you prefer to use a function instead of comparing with a raw string.
It supports both One Tap and Original Google Sign In responses.
Parameters
| Parameter | Type |
|---|---|
response | OneTapResponse |
Returns
response is OneTapSuccessResponse
Example
const response = await GoogleOneTapSignIn.createAccount();
if (isSuccessResponse(response)) {
// handle user signed in
}
React Components
GoogleSigninButtonProps
GoogleSigninButtonProps:
ViewProps& {color:"dark"|"light";disabled:boolean;onPress: () =>void;size:number; }
Type declaration
| Name | Type |
|---|---|
color? | "dark" | "light" |
disabled? | boolean |
onPress? | () => void |
size? | number |
WebGoogleSignInButtonProps
WebGoogleSignInButtonProps:
Omit<GsiButtonConfiguration,"logo_alignment"> & {logoAlignment:GsiButtonConfiguration["logo_alignment"];onError: (error:Error) =>void; }
Type declaration
| Name | Type |
|---|---|
logoAlignment? | GsiButtonConfiguration["logo_alignment"] |
onError? | (error: Error) => void |
GoogleSigninButton()
GoogleSigninButton(
props:GoogleSigninButtonProps):Element
Parameters
| Parameter | Type |
|---|---|
props | GoogleSigninButtonProps |
Returns
Element
WebGoogleSigninButton()
WebGoogleSigninButton(
props:WebGoogleSignInButtonProps):Element
Parameters
| Parameter | Type |
|---|---|
props | WebGoogleSignInButtonProps |
Returns
Element
Type Aliases
CancelledResponse
CancelledResponse: {
data:null;type:"cancelled"; }
The response object when the user cancels the flow for any operation that requires user interaction.
On the web, this is also returned while cooldown period is active.
Detecting the cooldown period itself is not possible on the web for user privacy reasons.
On Android, it can be detected via ONE_TAP_START_FAILED
Type declaration
| Name | Type |
|---|---|
data | null |
type | "cancelled" |
ClientIdOrPlistPath
ClientIdOrPlistPath: {
iosClientId:string; } | {googleServicePlistPath:string; }
iOS only. Configures the iOS client ID. By default, the iOS client ID is taken from the GoogleService-Info.plist Firebase config file (if present).
You can specify a different bundle path for the config file, e.g. "GoogleService-Info-Staging".
Alternatively, set the client ID explicitly by providing iosClientId.
NoSavedCredentialFound
NoSavedCredentialFound: {
data:null;type:"noSavedCredentialFound"; }
The response to calling One Tap's signIn and Original Google Sign In's signInSilently when no user was previously signed in, or they have since signed out or revoked access.
Type declaration
| Name | Type |
|---|---|
data | null |
type | "noSavedCredentialFound" |
Web Modern sign in module
WebOneTapSignInCallbacks
WebOneTapSignInCallbacks: {
momentListener:MomentListener;onError: (error:NativeModuleError) =>void|Promise<void>;onResponse: (userInfo:OneTapExplicitSignInResponse) =>void|Promise<void>; }
When using Modern sign in on the web, the sign in result is delivered via a callback, not via a promise. The shape of data delivered to the callback is the same as the shape of the data in the promise, enabling code reuse. Read more in the guide.
Type declaration
| Name | Type | Description |
|---|---|---|
momentListener? | MomentListener | A callback function that is called when important events take place. See reference. |
onError | (error: NativeModuleError) => void | Promise<void> | Called when an error occurs. You can use the code property of the error to determine the reason for the error. The reported errors on the web are in the same format as the errors reported on the native platforms, so you can reuse your error handling code. |
onResponse | (userInfo: OneTapExplicitSignInResponse) => void | Promise<void> | Called when the user successfully signs in, or cancels the sign in, either using the web One-tap flow or the button flow. |