# React Native Google Sign In

> Google Sign-In for React Native and Expo apps. Package: @react-native-google-signin/google-signin. The recommended option is Universal Sign In (paid, at universal-sign-in.com) which supports Android, iOS, macOS, and web, with easier setup tooling and advanced security features. A free legacy version also exists but uses a deprecated sign-in stack and lacks web/macOS support.

## Overview

`@react-native-google-signin/google-signin` provides Google authentication for React Native and Expo apps on Android, iOS, macOS, and web.

There are two modules:
- **Universal Sign In** (recommended, [paid](https://universal-sign-in.com/#pricing)): Cross-platform API using Android Credential Manager and iOS Google Sign-In SDK. Module name: `GoogleOneTapSignIn`.
- **Original Google Sign In** (free): Legacy API for Android and iOS only. Module name: `GoogleSignin`.

Key concepts:
- Call `configure()` once before any sign-in calls
- `webClientId` is required for configuration (obtain from Google Cloud Console)
- Use `signIn()` for returning users, `createAccount()` for new users
- Use `requestAuthorization()` to request additional OAuth scopes
- Handle errors with `isErrorWithCode()` helper

## Setup

### Installation

The recommended option is [Universal Sign In](https://universal-sign-in.com) (paid). A free legacy version is also available — see [below](#public-version-free) for the differences. If you are an EAS customer, you may be able to access the paid version for free, [learn more](https://forms.gle/tpP7TfUGW1CwgaEZ8).

Why paid? According to the [State of React Native Survey](https://results.2024.stateofreactnative.com/en-US/opinions/#opinions_pain_points_multiple), unmaintained packages are **the #1 pain point** of the React Native ecosystem. Your purchase enables the module to be rock-solid, and contributions to upstream SDKs such as [1](https://github.com/openid/AppAuth-iOS/pull/788), [2](https://github.com/google/GoogleSignIn-iOS/pull/402), [3](https://github.com/googlesamples/google-services/issues/426), [4](https://github.com/google/GoogleSignIn-iOS/issues/457), [5](https://issuetracker.google.com/issues/424210681), [6](https://issuetracker.google.com/issues/474817166).

##### Universal Sign In (premium)[​](#premium "Direct link to Universal Sign In (premium)")

⭐️ **Key Features**:

* **Cross-Platform**: Unified APIs which work on **Android**, **iOS**, **Web**, and **macOS**.

  * Android: Built with [Credential Manager library](https://developers.google.com/identity/android-credential-manager)
  * Web: Uses [Sign In with Google for Web](https://developers.google.com/identity/gsi/web/guides/features)
  * iOS & macOS: Powered by the [Google Sign-In SDK](https://developers.google.com/identity/sign-in/ios/start)

* **Licensed:** see [pricing](https://universal-sign-in.com/#pricing) and [license](https://universal-sign-in.com/license).

* **Trusted**: 1 mil+ npm downloads.

* **Faster**: Reduce sign-up and sign-in times on Android, according to [Google](https://developer.android.com/identity/sign-in/legacy-gsi-migration#authentication).

* **See the UI**: [screenshots](/docs/screenshots) of the features.

* **Widely compatible & stable:** Both old and [new architecture](https://reactnative.dev/architecture/landing-page) of React Native are supported. See version [compatibility table](#requirements) below.

🔧 **Easier setup**:

* Android [Config Doctor](/docs/config-doctor.md) to diagnose configuration errors before they cost you hours.
* Automatic detection of [configuration parameters](/docs/one-tap.md#automatic-config) for faster integration.

🛡️ **Advanced [security features](/docs/security.md)**

📱 **An example app** — to showcase all features on native and web

##### Public version (free)[​](#public-version-free "Direct link to Public version (free)")

Available on the public npm registry, this version:

* Built on the [deprecated legacy Android Google Sign-In SDK](https://web.archive.org/web/20240308064911/https://developers.google.com/identity/sign-in/android/start-integrating) — Google has since moved away from it, and may remove it from Play Services at their discretion. The free package will continue to use a version where this SDK is present.
* Has platform support limited to Android and iOS.
* Contains none of the extra features listed above.

> To migrate from the public version to the premium one, follow the [migration guide](/docs/migrating.md#migrating-from-original-to-universal-sign-in).

#### Accessing the private npm package[​](#package-manager-setup "Direct link to Accessing the private npm package")

The private npm package is like any other, but it's hosted on the [GitHub npm packages registry](https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry), not the public npm registry. Therefore, a small bit of setup is needed:

1. [Obtain here](https://github.com/settings/tokens/new?description=react-native-google-sign-in\&scopes=read:packages) a Personal Access Token with `packages:read` permission and set expiration to "No expiration".

2. Set up your package manager to fetch the package from the GH packages registry. In this example, we're using an `NPM_TOKEN_GOOGLE_SIGN_IN` environment variable.

* yarn v3+
* npm / yarn v1
* pnpm
* bun
* CI environments (GH Actions...)

create a `.yarnrc.yml` file in your project root with the following content:

.yarnrc.yml

```yml
npmScopes:
  react-native-google-signin:
    npmRegistryServer: https://npm.pkg.github.com
    npmAuthToken: '${NPM_TOKEN_GOOGLE_SIGN_IN}'

```

create a `.npmrc` file in your project root with the following content:

.npmrc

```txt
//npm.pkg.github.com/:_authToken=${NPM_TOKEN_GOOGLE_SIGN_IN}

@react-native-google-signin:registry=https://npm.pkg.github.com/

```

create a `.npmrc` file in your project root with the following content (pnpm respects `.npmrc`):

.npmrc

```txt
//npm.pkg.github.com/:_authToken=${NPM_TOKEN_GOOGLE_SIGN_IN}

@react-native-google-signin:registry=https://npm.pkg.github.com/

```

create a `bunfig.toml` file in your project root with the following content:

bunfig.toml

```toml
[install.scopes]
"@react-native-google-signin" = { url = "https://npm.pkg.github.com/", token = "$NPM_TOKEN_GOOGLE_SIGN_IN" }

```

Alternatively, [bun also reads `.npmrc` files](https://bun.sh/docs/pm/npmrc#configure-options-for-a-specific-registry), so the npm setup above works too.

CI environment setup is similar to the local one: you also need a `.npmrc` (or similar) file. Follow [this GitHub Actions example](https://gist.github.com/nandorojo/46b3e46de12177b9ad7e4d454310de21#file-private-npm-in-gh-actions-md) - other CI providers require very similar steps.

#### Installing[​](#installing "Direct link to Installing")

* yarn
* npm
* pnpm
* bun

```bash
yarn add @react-native-google-signin/google-signin@latest

```

```bash
npm i @react-native-google-signin/google-signin@latest

```

```bash
pnpm add @react-native-google-signin/google-signin@latest

```

```bash
bun add @react-native-google-signin/google-signin@latest

```

After installing: if you're using the Universal version, open the lockfile (`yarn.lock` / `package-lock.json`...) and verify that the package is fetched from the GitHub registry (the entry must point to `npm.pkg.github.com`, not `registry.npmjs.org`). If it does not, it means the package manager is not configured correctly — try uninstalling and reinstalling the package.

There are several guides to follow now:

* [Expo guide](/docs/setting-up/expo.md) for native mobile apps built with Expo
* [Web guide](/docs/setting-up/web.md) if you want to use the package on web
* If you're not using Expo but plain React Native, follow [Android guide](/docs/setting-up/android.md) and [iOS guide](/docs/setting-up/ios.md)

#### Requirements[​](#requirements "Direct link to Requirements")

For latest version of Universal Sign In, `compileSdkVersion` must be >= 35 and `kotlinVersion` must be >= 2.0.21 in your Android project. If you use Expo SDK 53 or newer, these requirements are already met. Use [`expo-build-properties`](https://docs.expo.dev/versions/latest/sdk/build-properties/#example-appjson-with-config-plugin) to specify these values on Expo SDK <= 52.

The latest version of the Universal Sign In package supports (use older versions of the package if you run older React Native / Expo):

|              | supported range |
| ------------ | --------------- |
| expo         | 52.0.40 - 55    |
| react-native | 0.76.0 - 0.85   |

---

### Android setup guide

warning

If you use Expo, follow [this guide](/docs/setting-up/expo.md) instead. This guide applies to vanilla React Native apps only.

#### Google project configuration[​](#google-project-configuration "Direct link to Google project configuration")

* Follow [this](/docs/setting-up/get-config-file.md) guide to set up your project and get the configuration information which you'll need later.

##### Without Firebase Authentication[​](#without-firebase-authentication "Direct link to Without Firebase Authentication")

You don't need to do any more modifications.

##### With Firebase Authentication[​](#with-firebase-authentication "Direct link to With Firebase Authentication")

###### 1. Download the configuration file[​](#1-download-the-configuration-file "Direct link to 1. Download the configuration file")

* Download the configuration file (`google-services.json`) from Firebase. Then, place it into your project according to [these instructions](https://developers.google.com/android/guides/google-services-plugin#adding_the_json_file).

###### 2. Update gradle files[​](#2-update-gradle-files "Direct link to 2. Update gradle files")

Update `android/build.gradle` with

android/build.gradle

```groovy
buildscript {
// ...
    dependencies {
        classpath 'com.google.gms:google-services:4.4.0' // <--- use this version or newer
    }
}

```

Update `android/app/build.gradle` with

android/app/build.gradle

```groovy
apply plugin: "com.android.application"
apply plugin: "org.jetbrains.kotlin.android"
apply plugin: "com.facebook.react"
apply plugin: 'com.google.gms.google-services'

```

This ends the setup for Firebase.

#### Rebuild the native project[​](#rebuild-the-native-project "Direct link to Rebuild the native project")

Do not forget to rebuild the native app after the setup is done.

---

### Expo setup

#### Prepare your Expo project[​](#prepare-your-expo-project "Direct link to Prepare your Expo project")

note

This package cannot be used in [Expo Go](https://docs.expo.dev/workflow/overview/#expo-go-an-optional-tool-for-learning) because it uses native code. This applies to both the [Original](/docs/original.md) and [Universal](/docs/one-tap.md) modules.

However, you can add custom native code to an Expo app by using a [development build](https://docs.expo.dev/workflow/overview/#development-builds). That is the recommended approach for production apps, and is documented in this guide.

#### Add config plugin[​](#add-config-plugin "Direct link to Add config plugin")

After installing the npm package, add a config plugin (read more details below) to the [`plugins`](https://docs.expo.io/versions/latest/config/app/#plugins) array of your `app.json` or `app.config.js`. There are 2 config plugins available: for projects with Firebase, and without Firebase.

##### Expo without Firebase[​](#expo-without-firebase "Direct link to Expo without Firebase")

If you're *not* using Firebase, provide the `iosUrlScheme` option to the config plugin.

To obtain `iosUrlScheme`, follow [these instructions](/docs/setting-up/get-config-file.md?firebase-or-not=cloud-console#ios).

app.json | js

```json
{
  "expo": {
    "plugins": [
      [
        "@react-native-google-signin/google-signin",
        {
          "iosUrlScheme": "com.googleusercontent.apps._some_id_here_"
        }
      ]
    ]
  }
}

```

##### Expo and Firebase Authentication[​](#expo-and-firebase-authentication "Direct link to Expo and Firebase Authentication")

If you are using Firebase Authentication, follow [these instructions](/docs/setting-up/get-config-file.md?firebase-or-not=firebase#step-2) to get `google-services.json` file for Android and [these instructions](/docs/setting-up/get-config-file.md?firebase-or-not=firebase#ios)) to get `GoogleService-Info.plist` for iOS.

Place them into your project and specify the paths to the files:

app.json | js

```json
{
  "expo": {
    "plugins": ["@react-native-google-signin/google-signin"],
    "android": {
      "googleServicesFile": "./google-services.json"
    },
    "ios": {
      "googleServicesFile": "./GoogleService-Info.plist"
    }
  }
}

```

#### Build the native app[​](#build-the-native-app "Direct link to Build the native app")

Run the following to generate the native project directories.

```sh
npx expo prebuild --clean

```

Rebuild your app and read the [config guide](/docs/setting-up/get-config-file.md)!

```sh
npx expo run:android && npx expo run:ios

```

---

### Collecting configuration information

Before getting your hands dirty with code, some configuration needs to be taken care of. Configuration information collected in this guide is used in later steps of the setup and in the `configure()` call: [1](/docs/one-tap.md#configure) or [2](/docs/original.md#configure).

You **do not** need to use Firebase to configure Google Sign In.

#### Android[​](#android "Direct link to Android")

Follow the two steps below to set up Google Sign In for your Android app.

warning

In case you encounter any of the following issues, revisit this guide - it means the steps below weren't fully completed.

* if you ever get the infamous `DEVELOPER_ERROR` error
* if you can sign in with debug APK and not in release (or vice versa)

##### Step 1: Collect SHA-1 (not SHA-256) certificate fingerprints[​](#step-1-collect-sha-1-not-sha-256-certificate-fingerprints "Direct link to Step 1: Collect SHA-1 (not SHA-256) certificate fingerprints")

Your Android app probably uses multiple signing configurations. For example, an app might be signed differently when building `debug` and `release` APKs locally or when building on [Expo EAS](https://docs.expo.dev/app-signing/managed-credentials/#inspecting-credentials-configuration). Then there's the [Play App Signing](https://support.google.com/googleplay/android-developer/answer/9842756?hl=en) for store deployments — Google Play Store may *re-sign* your app using one of its own signing configurations.

important

If your app is not yet in the Play Store, focus only on the development APK and its SHA-1 certificate fingerprint. You can come back to this guide later when you upload your app to the Play Store.

However, be advised that in the end, you need to get the SHA-1 certificate fingerprints for *all* signing configurations and then use *all* of those SHA-1 fingerprints in [Step 2](#step-2) below.

###### Collect SHA-1 certificate fingerprints from:[​](#collect-sha-1-certificate-fingerprints-from "Direct link to Collect SHA-1 certificate fingerprints from:")

* ✅ Any APK or device
* Google Play Store (when downloading from it)
* EAS Build
* Local build

Use the [Configuration Doctor](/docs/config-doctor.md). This is the **only universal option** — it works regardless of how the APK was built or where it came from. The other tabs cover specific scenarios.

1. Get a device / emulator with the app installed, or get the APK (build it locally or in cloud, download from the Play Console / Play Store...)
2. Run the tool and follow its instructions:

```bash
npx @react-native-google-signin/config-doctor

```

Check if "Google Play App Signing" is enabled for your app [in the console](https://play.google.com/console/). If it is enabled, you need to take the following steps:

1. In Google Play Console, navigate to: \<Your App> -> Release section (in the left sidebar) -> Setup -> App Signing.
2. Under the "App signing key certificate", take note of `SHA-1 certificate fingerprint`(s). Play Store sometimes has more than one "App signing key certificate"!

If you use [Expo EAS](https://expo.dev/eas), run `eas credentials` to obtain the Keystore information, which includes the SHA-1 fingerprint. See [EAS credentials docs](https://docs.expo.dev/app-signing/managed-credentials/#inspecting-credentials-configuration) to learn more.

1. From your project root, `cd android && ./gradlew signingReport`.
2. Scroll to the top of output, see the fingerprints. Debug fingerprint is used for locally-built debug APK, release fingerprint is used for release APK.

<br />

<br />

##### Step 2: Add SHA-1 fingerprints to Firebase or Google Cloud Console[​](#step-2 "Direct link to Step 2: Add SHA-1 fingerprints to Firebase or Google Cloud Console")

For *each* of the SHA-1 fingerprints obtained in the previous step, follow the instructions below.

* When using Firebase
* When not using Firebase

1. Sign in to [Firebase Console](https://console.firebase.google.com/) and open your project.
2. Ensure that in the "Authentication" menu, "Google" is enabled as "Sign-in method".
3. Click the settings icon and go to "Project settings".
4. Scroll down to "Your apps" section, and select the app.
5. Click "Add fingerprint".
6. Check that "Package name" is correct.
7. Download the `google-services.json` file.

![Firebase, add Android keystore\&#39;s SHA-1 to your project](/assets/images/android-fingerprint-firebase-5381019c8870df86888cdc8bb082d603.png)

*For each* of the SHA-1 fingerprints you obtained, create an OAuth Client ID of type Android in [Google Cloud Console](https://console.cloud.google.com/apis/credentials?project=_) - see the screenshot below.

Alternatively, use [this wizard](https://console.developers.google.com/henhouse/?pb=%5B%22hh-0%22%2Cnull%2Cnull%2Cnull%2C%22https%3A%2F%2Fdevelopers.google.com%22%2Cnull%2Cnull%2Cnull%2C%22Configure%20a%20project%20for%20Google%20Sign-In%22%2C1%2Cnull%2Cnull%2C0%2C1%2Cnull%2Cnull%2Cnull%2Cnull%2C0%2Cnull%2Cnull%2C0%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C0%2Cnull%2Cnull%2Cnull%2C0%5D).

You will *NOT* need the created IDs later - the only goal here is for them to be created in the Google Cloud Console.

![Google Cloud Console - creating Android OAuth ID](/assets/images/android-client-id-2a2f8705a27c0cd9f2ed70529d8f29f4.png)

***

#### iOS[​](#ios "Direct link to iOS")

Read below on how to set up Google Sign In for your iOS app.

* When using Firebase
* When not using Firebase

1. Sign in to [Firebase Console](https://console.firebase.google.com/) and open your project.
2. Ensure that in the "Authentication" menu, "Google" is enabled as "Sign-in method".
3. Click the settings icon and go to "Project settings".
4. Scroll down to "Your apps" section, and select the app.
5. Check that "Bundle ID" is correct.
6. Download the `GoogleService-Info.plist` file.

Remember that *all* created client IDs can be found in the [Google Cloud Console](https://console.cloud.google.com/apis/credentials?project=_).

Obtain the "iOS OAuth Client ID" *and* "iOS URL scheme" (also known as `reversed client id`): Create an OAuth Client ID of type iOS in [Google Cloud Console](https://console.cloud.google.com/apis/credentials?project=_) as seen in the screenshot below. Alternatively, use [this wizard](https://console.developers.google.com/henhouse/?pb=%5B%22hh-0%22%2Cnull%2Cnull%2Cnull%2C%22https%3A%2F%2Fdevelopers.google.com%22%2Cnull%2Cnull%2Cnull%2C%22Configure%20a%20project%20for%20Google%20Sign-In%22%2C1%2Cnull%2Cnull%2C0%2C1%2Cnull%2Cnull%2Cnull%2Cnull%2C0%2Cnull%2Cnull%2C0%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2Cnull%2C0%2Cnull%2Cnull%2Cnull%2C0%5D).

You will need the iOS Client ID and iOS URL scheme later.

![Google Cloud Console - creating iOS OAuth ID](/assets/images/ios-client-id-0235e70ba063cac062966a2ce5847ed0.png)

***

#### Web Client ID[​](#web-client-id "Direct link to Web Client ID")

To get a Web Client ID (for the `configure()` call), go to [Google Cloud Console](https://console.cloud.google.com/apis/credentials?project=_) and find an existing one (it may have been already created by Firebase) or create a new OAuth Client ID of type **Web**.

***

#### Summary[​](#summary "Direct link to Summary")

At the end of this guide, regardless of whether you use Firebase, when you visit [Google Cloud Console](https://console.cloud.google.com/apis/credentials?project=_), you should have in the "OAuth 2.0 Client IDs" section:

* Android OAuth Client ID(s) with SHA-1 fingerprints
* iOS OAuth Client ID(s) with iOS URL scheme
* Web Client ID

---

### iOS setup guide

warning

If you use Expo, follow [this guide](/docs/setting-up/expo.md) instead. This guide applies to vanilla React Native apps only.

##### Link the native module[​](#link-the-native-module "Direct link to Link the native module")

* run `pod install` in the `ios/` directory to install the module

##### Google project configuration[​](#google-project-configuration "Direct link to Google project configuration")

* Follow [this](/docs/setting-up/get-config-file.md) guide to get the configuration information which you need for the next steps.

##### Firebase Authentication[​](#firebase-authentication "Direct link to Firebase Authentication")

If you're using Firebase Authentication, download the `GoogleService-Info.plist` file and place it into your Xcode project.

##### Xcode configuration[​](#xcode-configuration "Direct link to Xcode configuration")

* Configure URL types in the `Info` panel (see screenshot)
    * add your "iOS URL scheme" (also known as `reversed client id`), which can be found in [Google Cloud Console](https://console.cloud.google.com/apis/credentials?project=_) under your iOS client ID.
* If you need to support Mac Catalyst, you need to enable the Keychain Sharing capability on each build target. No keychain groups need to be added.

![link config](/assets/images/urlTypes-2096dbcdf48dfe2cb07c1e98f33d423f.png)

#### Rebuild the native project[​](#rebuild-the-native-project "Direct link to Rebuild the native project")

Do not forget to rebuild the native app after the setup is done.

##### Optional: modify your app to respond to the URL scheme[​](#optional-modify-your-app-to-respond-to-the-url-scheme "Direct link to Optional: modify your app to respond to the URL scheme")

This is only required if you have multiple listeners for `openURL` - for instance if you have both Google and Facebook OAuth.

Because only one `openURL` method can be defined, if you have multiple listeners for `openURL`, you must combine them into a single function as shown below:

###### For AppDelegate written in Swift[​](#for-appdelegate-written-in-swift "Direct link to For AppDelegate written in Swift")

If your AppDelegate a Swift file (the default in React Native 0.77.0 or higher), you'll need to:

1. Add the following import to your project's [bridging header](https://developer.apple.com/documentation/swift/importing-objective-c-into-swift#Import-Code-Within-an-App-Target) file (usually `ios/YourProject-Bridging-Header.h`):

```objc
// …

// ⬇️ Add this import
#import <GoogleSignIn/GoogleSignIn.h>

```

2. Modify your `AppDelegate.swift` file:

```swift
// …

@main
class AppDelegate: RCTAppDelegate {
  // …

  // ⬇️ Add this method
  override func application(_ app: UIApplication, open url: URL, options: [UIApplication.OpenURLOptionsKey : Any] = [:]) -> Bool {
    // Add any other URL handlers you're using (e.g. Facebook SDK)
    return ApplicationDelegate.shared.application(app, open: url, options: options) ||
           GIDSignIn.sharedInstance.handle(url)
  }

}

```

###### For AppDelegate written in Objective-C[​](#for-appdelegate-written-in-objective-c "Direct link to For AppDelegate written in Objective-C")

For AppDelegate written in Objective-C (the default prior to React Native 0.77), modify your `AppDelegate.m` file:

```objc
#import "AppDelegate.h"
#import <GoogleSignIn/GoogleSignIn.h> // ⬅️ add the header import

// …

@implementation AppDelegate

// …

// ⬇️ Add this method before file @end
- (BOOL)application:(UIApplication *)application openURL:(nonnull NSURL *)url options:(nonnull NSDictionary<NSString *,id> *)options {
  // Add any other URL handlers you're using (e.g. Facebook SDK)
  return [[FBSDKApplicationDelegate sharedInstance] application:application openURL:url options:options] || [GIDSignIn.sharedInstance handleURL:url];
}

@end

```

---

### Web setup guide

The web implementation doesn't depend on React Native (or React Native Web). That means you can use it even with regular web apps created with NextJS, Vite and etc.

tip

The functionality covered in this page is available in the licensed version. [You can get a license here](https://universal-sign-in.com/#pricing) ⭐️.

On the web, you need to load the Google Client Library and make it available in the browser **before** calling any of the APIs exposed by this package.

There are different ways to load the client script. Some of them are:

* Next.js
* Simple html
* useEffect

```tsx
import Script from 'next/script';

<Script
  src="https://accounts.google.com/gsi/client"
  strategy="lazyOnload"
  onLoad={() => {
    // present the sign in popup
  }}
/>;

```

[See here](https://developers.google.com/identity/gsi/web/guides/client-library)

```tsx
useEffect(() => {
  const scriptTag = document.createElement('script');
  scriptTag.src = 'https://accounts.google.com/gsi/client';
  scriptTag.async = true;
  scriptTag.onload = () => {
    setLoaded(true);
  };
  scriptTag.onerror = () => {
    console.error('Failed to load Google script');
  };

  document.body.appendChild(scriptTag);
}, []);

```

After the script is loaded, you can call the functions for signing in and render the [`WebGoogleSigninButton`](/docs/buttons/web.md).

If you call any of the module functions before the client library is loaded, such calls trigger the [`onError` callback](/docs/api.md#webonetapsignincallbacks) with the [`PLAY_SERVICES_NOT_AVAILABLE` error code](/docs/errors.md#status-codes).

You can read the official docs for loading the Client Library [here](https://developers.google.com/identity/gsi/web/guides/client-library).

#### Usage[​](#usage "Direct link to Usage")

See [here](/docs/web-support.md#usage).

---

## Usage

### API reference

#### Universal sign in module[​](#universal-sign-in-module "Direct link to Universal sign in module")

##### AuthorizationResponse[​](#authorizationresponse "Direct link to AuthorizationResponse")

> **AuthorizationResponse** = [`CancelledResponse`](#cancelledresponse) | [`AuthorizationSuccessResponse`](#authorizationsuccessresponse)

The response object of `requestAuthorization`. Either the user cancelled the flow or they successfully gave authorization.

***

##### AuthorizationSuccessResponse[​](#authorizationsuccessresponse "Direct link to AuthorizationSuccessResponse")

> **AuthorizationSuccessResponse** = { `data`: { `accessToken`: `string`; `grantedScopes`: `string`\[]; `serverAuthCode`: `string` | `null`; }; `type`: `"success"`; }

An object that contains an access token that has access to the `grantedScopes`. It contains also the `serverAuthCode` if `offlineAccess` was requested.

On iOS, you can also obtain `serverAuthCode` by calling `createAccount()`.

###### Properties[​](#properties "Direct link to Properties")

| Property              | Type                                                                                             |
| --------------------- | ------------------------------------------------------------------------------------------------ |
| []()`data`            | { `accessToken`: `string`; `grantedScopes`: `string`\[]; `serverAuthCode`: `string` | `null`; } |
| `data.accessToken`    | `string`                                                                                         |
| `data.grantedScopes`  | `string`\[]                                                                                      |
| `data.serverAuthCode` | `string` | `null`                                                                               |
| []()`type`            | `"success"`                                                                                      |

***

##### EnableAppCheckParams[​](#enableappcheckparams "Direct link to EnableAppCheckParams")

> **EnableAppCheckParams** = { `debugProviderAPIKey?`: `string`; }

Parameters for enabling [App Check](/docs/security.md#appcheck). Provide `debugProviderAPIKey` to enable App Check with [debug provider](https://developers.google.com/identity/sign-in/ios/appcheck/debug-provider).

###### Properties[​](#properties-1 "Direct link to Properties")

| Property                   | Type     |
| -------------------------- | -------- |
| []()`debugProviderAPIKey?` | `string` |

***

##### OneTapConfigureParams[​](#onetapconfigureparams "Direct link to OneTapConfigureParams")

> **OneTapConfigureParams** = [`ClientIdOrPlistPath`](#clientidorplistpath) & { `hostedDomain?`: `string`; `logLevel?`: `"debug"` | `"info"` | `"warn"`; `openIdRealm?`: `string`; `profileImageSize?`: `number`; `scopes?`: `string`\[]; `webClientId`: `WebClientId`; }

`webClientId` is the most important parameter in the configuration. It is required.

###### Type Declaration[​](#type-declaration "Direct link to Type Declaration")

| Name                | Type                              | Description                                                                                                                                                                  |
| ------------------- | --------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `hostedDomain?`     | `string`                          | iOS only. Specifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain.                          |
| `logLevel?`         | `"debug"` | `"info"` | `"warn"` | Web only. Controls debug logging in browser console. This is implemented in Google's web SDK and is not part of their public API so it may change or be removed at any time. |
| `openIdRealm?`      | `string`                          | iOS only. The OpenID2 realm of the home web server. This allows Google to include the user's OpenID Identifier in the OpenID Connect ID token.                               |
| `profileImageSize?` | `number`                          | iOS only. The desired height and width of the profile image. **Default** `120px`                                                                                             |
| `scopes?`           | `string`\[]                       | iOS only. The Google API scopes to request access to. Use `requestAuthorization` to request additional scopes on Android. **Default** `["email", "profile"]`                 |
| `webClientId`       | `WebClientId`                     | The web client ID obtained from Google Cloud console. In the Universal module only, pass `autoDetect` to automatically determine the value from Firebase config file.        |

***

##### OneTapCreateAccountParams[​](#onetapcreateaccountparams "Direct link to OneTapCreateAccountParams")

> **OneTapCreateAccountParams** = [`OneTapSignInParams`](#onetapsigninparams) & { `accountName?`: `string`; `requestVerifiedPhoneNumber?`: `boolean`; }

###### Type Declaration[​](#type-declaration-1 "Direct link to Type Declaration")

| Name                          | Type      | Description                                                                                                                                                                 |
| ----------------------------- | --------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `accountName?`                | `string`  | iOS only. An account name present on the device that should be used. **Example** `your_email@gmail.com`                                                                     |
| `requestVerifiedPhoneNumber?` | `boolean` | Android only. Whether to request for a verified phone number during sign-ups. Requesting it doesn't guarantee that it will be provided in the response. **Default** `false` |

***

##### OneTapExplicitSignInParams[​](#onetapexplicitsigninparams "Direct link to OneTapExplicitSignInParams")

> **OneTapExplicitSignInParams** = [`OneTapSignInParams`](#onetapsigninparams) & { `accountName?`: `string`; }

###### Type Declaration[​](#type-declaration-2 "Direct link to Type Declaration")

| Name           | Type     | Description                                                                                             |
| -------------- | -------- | ------------------------------------------------------------------------------------------------------- |
| `accountName?` | `string` | iOS only. An account name present on the device that should be used. **Example** `your_email@gmail.com` |

***

##### OneTapExplicitSignInResponse[​](#onetapexplicitsigninresponse "Direct link to OneTapExplicitSignInResponse")

> **OneTapExplicitSignInResponse** = [`OneTapSuccessResponse`](#onetapsuccessresponse) | [`CancelledResponse`](#cancelledresponse)

***

##### OneTapResponse[​](#onetapresponse "Direct link to OneTapResponse")

> **OneTapResponse** = [`OneTapSuccessResponse`](#onetapsuccessresponse) | [`CancelledResponse`](#cancelledresponse) | [`NoSavedCredentialFound`](#nosavedcredentialfound)

The response object for OneTap's `signIn` and `createAccount`.

***

##### OneTapSignInParams[​](#onetapsigninparams "Direct link to OneTapSignInParams")

> **OneTapSignInParams** = { `nonce?`: `string`; `skipPrompt?`: `boolean`; } & `ReducedWebSignInOptions`

Learn more about additional web-only parameters at [Google's reference documentation](https://developers.google.com/identity/gsi/web/reference/js-reference#IdConfiguration).

###### Type Declaration[​](#type-declaration-3 "Direct link to Type Declaration")

| Name          | Type      | Description                                                                                                                                                                                                          |
| ------------- | --------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `nonce?`      | `string`  | A cryptographically random value used to mitigate replay attacks. Supported on all platforms.                                                                                                                        |
| `skipPrompt?` | `boolean` | Web only. When calling any of the sign-in methods, a prompt is displayed by default on the top-right of the web page. Set this to true to only allow signing in via the `WebGoogleSigninButton`. **Default** `false` |

***

##### OneTapSuccessResponse[​](#onetapsuccessresponse "Direct link to OneTapSuccessResponse")

> **OneTapSuccessResponse** = { `data`: [`OneTapUser`](#onetapuser); `type`: `"success"`; }

The response object when the user successfully signs in.

###### Properties[​](#properties-2 "Direct link to Properties")

| Property   | Type                        |
| ---------- | --------------------------- |
| []()`data` | [`OneTapUser`](#onetapuser) |
| []()`type` | `"success"`                 |

***

##### OneTapUser[​](#onetapuser "Direct link to OneTapUser")

> **OneTapUser** = { `credentialOrigin`: `CredentialResponse`\[`"select_by"`]; `idToken`: `string`; `serverAuthCode`: `string` | `null`; `user`: { `email`: `string` | `null`; `familyName`: `string` | `null`; `givenName`: `string` | `null`; `id`: `string`; `name`: `string` | `null`; `phoneNumber`: `string` | `null`; `photo`: `string` | `null`; }; }

###### Properties[​](#properties-3 "Direct link to Properties")

| Property               | Type                                                                                                                                                                                                            | Description                                                                                                                                                         |
| ---------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| []()`credentialOrigin` | `CredentialResponse`\[`"select_by"`]                                                                                                                                                                            | The credential origin. This is the method that was used to sign in the user. On native platforms, this is always "user". On the web it's a value from a union type. |
| []()`idToken`          | `string`                                                                                                                                                                                                        | -                                                                                                                                                                   |
| []()`serverAuthCode`   | `string` | `null`                                                                                                                                                                                              | iOS only. Not null only if a valid `webClientId` and `offlineAccess: true` was specified in `configure()`. Call `requestAuthorization()` to obtain it on Android.   |
| []()`user`             | { `email`: `string` | `null`; `familyName`: `string` | `null`; `givenName`: `string` | `null`; `id`: `string`; `name`: `string` | `null`; `phoneNumber`: `string` | `null`; `photo`: `string` | `null`; } | -                                                                                                                                                                   |
| `user.email`           | `string` | `null`                                                                                                                                                                                              | -                                                                                                                                                                   |
| `user.familyName`      | `string` | `null`                                                                                                                                                                                              | -                                                                                                                                                                   |
| `user.givenName`       | `string` | `null`                                                                                                                                                                                              | -                                                                                                                                                                   |
| `user.id`              | `string`                                                                                                                                                                                                        | An immutable identifier for the user. Unique among all Google accounts and never reused (user's email can change, this value cannot).                               |
| `user.name`            | `string` | `null`                                                                                                                                                                                              | -                                                                                                                                                                   |
| `user.phoneNumber`     | `string` | `null`                                                                                                                                                                                              | Android only, and only for `createAccount`. Requires setting `requestVerifiedPhoneNumber` to `true`.                                                                |
| `user.photo`           | `string` | `null`                                                                                                                                                                                              | -                                                                                                                                                                   |

***

##### PlayServicesInfo[​](#playservicesinfo "Direct link to PlayServicesInfo")

> **PlayServicesInfo** = { `installedVersion`: `number`; `minRequiredVersion`: `number`; }

The response object for successful `checkPlayServices` call. It denotes that the necessary prerequisites for calling the module in methods are met.

###### Properties[​](#properties-4 "Direct link to Properties")

| Property                 | Type     |
| ------------------------ | -------- |
| []()`installedVersion`   | `number` |
| []()`minRequiredVersion` | `number` |

***

##### RequestAuthorizationParams[​](#requestauthorizationparams "Direct link to RequestAuthorizationParams")

> **RequestAuthorizationParams** = { `accountName?`: `string`; `hostedDomain?`: `string`; `offlineAccess?`: { `enabled`: `boolean`; `forceCodeForRefreshToken?`: `boolean`; }; `prompt?`: [`AuthorizationPrompt`](#authorizationprompt) | [`AuthorizationPrompt`](#authorizationprompt)\[]; `scopes`: `string`\[]; }

Learn more in the [guide](/docs/one-tap.md#requestauthorization).

###### Properties[​](#properties-5 "Direct link to Properties")

| Property                                  | Type                                                              | Description                                                                                                                                                                                 |
| ----------------------------------------- | ----------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| []()`accountName?`                        | `string`                                                          | Android only. Specifies an account on the device that should be used.                                                                                                                       |
| []()`hostedDomain?`                       | `string`                                                          | Android only. Specifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain.                                     |
| []()`offlineAccess?`                      | { `enabled`: `boolean`; `forceCodeForRefreshToken?`: `boolean`; } | -                                                                                                                                                                                           |
| `offlineAccess.enabled`                   | `boolean`                                                         | Whether to enable offline access. If enabled, `serverAuthCode` will be returned in the response.                                                                                            |
| `offlineAccess.forceCodeForRefreshToken?` | `boolean`                                                         | Android only. If true, the granted code can be exchanged for an access token and a refresh token. Only use true if your server has suffered some failure and lost the user's refresh token. |
| []()`scopes`                              | `string`\[]                                                       | The Google API scopes to request access to. See [scopes docs](/docs/integration-notes#additional-scopes).                                                                                   |

***

##### GoogleOneTapSignIn[​](#googleonetapsignin "Direct link to GoogleOneTapSignIn")

> `const` **GoogleOneTapSignIn**: { `checkPlayServices`: (`showErrorResolutionDialog?`: `boolean`) => `Promise`<[`PlayServicesInfo`](#playservicesinfo)>; `clearCachedAccessToken`: (`tokenString`: `string`) => `Promise`<`null`>; `configure`: (`options`: [`OneTapConfigureParams`](#onetapconfigureparams)) => `void`; `createAccount`: `CreateAccountInterface`; `enableAppCheck`: (`params?`: [`EnableAppCheckParams`](#enableappcheckparams)) => `Promise`<`null`>; `presentExplicitSignIn`: `ExplicitSignInInterface`; `requestAuthorization`: (`options`: [`RequestAuthorizationParams`](#requestauthorizationparams)) => `Promise`<[`AuthorizationResponse`](#authorizationresponse)>; `revokeAccess`: (`emailOrUniqueId`: `string`) => `Promise`<`null`>; `signIn`: `SignInInterface`; `signOut`: () => `Promise`<`null`>; }

The entry point of the Universal Sign In API, exposed as `GoogleOneTapSignIn`.

On the web, the signatures of `signIn`, `presentExplicitSignIn`, and `createAccount` are callback-based and on native they are Promise-based. Read more in the [guide](/docs/one-tap.md#web-support).

###### Type Declaration[​](#type-declaration-4 "Direct link to Type Declaration")

| Name                           | Type                                                                                                                                                                           |
| ------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| []()`checkPlayServices()`      | (`showErrorResolutionDialog?`: `boolean`) => `Promise`<[`PlayServicesInfo`](#playservicesinfo)>                                                                                |
| []()`clearCachedAccessToken()` | (`tokenString`: `string`) => `Promise`<`null`>                                                                                                                                 |
| []()`configure()`              | (`options`: [`OneTapConfigureParams`](#onetapconfigureparams)) => `void`                                                                                                       |
| `createAccount`                | (`params?`: [`OneTapCreateAccountParams`](/docs/api.md#onetapcreateaccountparams)) => `Promise`<[`OneTapResponse`](/docs/api.md#onetapresponse)>                               |
| []()`enableAppCheck()`         | (`params?`: [`EnableAppCheckParams`](#enableappcheckparams)) => `Promise`<`null`>                                                                                              |
| `presentExplicitSignIn`        | (`params?`: [`OneTapExplicitSignInParams`](/docs/api.md#onetapexplicitsigninparams)) => `Promise`<[`OneTapExplicitSignInResponse`](/docs/api.md#onetapexplicitsigninresponse)> |
| []()`requestAuthorization()`   | (`options`: [`RequestAuthorizationParams`](#requestauthorizationparams)) => `Promise`<[`AuthorizationResponse`](#authorizationresponse)>                                       |
| []()`revokeAccess()`           | (`emailOrUniqueId`: `string`) => `Promise`<`null`>                                                                                                                             |
| `signIn`                       | (`params?`: [`OneTapSignInParams`](/docs/api.md#onetapsigninparams)) => `Promise`<[`OneTapResponse`](/docs/api.md#onetapresponse)>                                             |
| []()`signOut()`                | () => `Promise`<`null`>                                                                                                                                                        |

#### Original Google sign in[​](#original-google-sign-in "Direct link to Original Google sign in")

##### AddScopesParams[​](#addscopesparams "Direct link to AddScopesParams")

> **AddScopesParams** = { `scopes`: `string`\[]; }

###### Properties[​](#properties-6 "Direct link to Properties")

| Property     | Type        | Description                                                                    |
| ------------ | ----------- | ------------------------------------------------------------------------------ |
| []()`scopes` | `string`\[] | The Google API scopes to request access to. **Default** `["email", "profile"]` |

***

##### ConfigureParams[​](#configureparams "Direct link to ConfigureParams")

> **ConfigureParams** = [`ClientIdOrPlistPath`](#clientidorplistpath) & { `accountName?`: `string`; `forceCodeForRefreshToken?`: `boolean`; `hostedDomain?`: `string`; `offlineAccess?`: `boolean`; `openIdRealm?`: `string`; `profileImageSize?`: `number`; `scopes?`: `string`\[]; `webClientId?`: `WebClientId`; }

###### Type Declaration[​](#type-declaration-5 "Direct link to Type Declaration")

| Name                        | Type          | Description                                                                                                                                                                                                                                                                                                                                 |
| --------------------------- | ------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `accountName?`              | `string`      | Android only. An account name that should be prioritized.                                                                                                                                                                                                                                                                                   |
| `forceCodeForRefreshToken?` | `boolean`     | Android only. Only set to `true` if your server has suffered some failure and lost the user's refresh token.                                                                                                                                                                                                                                |
| `hostedDomain?`             | `string`      | Specifies a hosted domain restriction. By setting this, authorization will be restricted to accounts of the user in the specified domain.                                                                                                                                                                                                   |
| `offlineAccess?`            | `boolean`     | Must be `true` if you wish to access user APIs on behalf of the user from your own server. When offline access is requested, an authorization code is returned so the server can use the authorization code to exchange for access token and refresh token. The access token allows the server to access Google data on behalf of the user. |
| `openIdRealm?`              | `string`      | iOS only. The OpenID2 realm of the home web server. This allows Google to include the user's OpenID Identifier in the OpenID Connect ID token.                                                                                                                                                                                              |
| `profileImageSize?`         | `number`      | iOS only. The desired height and width of the profile image. **Default** `120px`                                                                                                                                                                                                                                                            |
| `scopes?`                   | `string`\[]   | The Google API scopes to request access to. **Default** `["email", "profile"]`                                                                                                                                                                                                                                                              |
| `webClientId?`              | `WebClientId` | The web client ID obtained from Google Cloud console. Required for offline access.                                                                                                                                                                                                                                                          |

***

##### GetTokensResponse[​](#gettokensresponse "Direct link to GetTokensResponse")

> **GetTokensResponse** = { `accessToken`: `string`; `idToken`: `string`; }

###### Properties[​](#properties-7 "Direct link to Properties")

| Property          | Type     |
| ----------------- | -------- |
| []()`accessToken` | `string` |
| []()`idToken`     | `string` |

***

##### HasPlayServicesParams[​](#hasplayservicesparams "Direct link to HasPlayServicesParams")

> **HasPlayServicesParams** = { `showPlayServicesUpdateDialog?`: `boolean`; }

###### Properties[​](#properties-8 "Direct link to Properties")

| Property                            | Type      | Description                                                                                                                           |
| ----------------------------------- | --------- | ------------------------------------------------------------------------------------------------------------------------------------- |
| []()`showPlayServicesUpdateDialog?` | `boolean` | Whether to show a dialog that prompts the user to install Google Play Services, if they don't have them installed. **Default** `true` |

***

##### SignInParams[​](#signinparams "Direct link to SignInParams")

> **SignInParams** = { `loginHint?`: `string`; `nonce?`: `string`; }

###### Properties[​](#properties-9 "Direct link to Properties")

| Property         | Type     | Description                                                                                                                                                                                                                                            |
| ---------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| []()`loginHint?` | `string` | iOS only. The user's ID, or email address, to be prefilled in the authentication UI if possible. [See docs here](https://developers.google.com/identity/sign-in/ios/reference/Classes/GIDSignIn#-signinwithpresentingviewcontroller:hint:completion:). |
| []()`nonce?`     | `string` | iOS only. A cryptographically random value used to mitigate replay attacks. Only available in the paid version. For support across all platforms, use the Universal sign in module.                                                                    |

***

##### SignInResponse[​](#signinresponse "Direct link to SignInResponse")

> **SignInResponse** = [`SignInSuccessResponse`](#signinsuccessresponse) | [`CancelledResponse`](#cancelledresponse)

***

##### SignInSilentlyResponse[​](#signinsilentlyresponse "Direct link to SignInSilentlyResponse")

> **SignInSilentlyResponse** = [`SignInSuccessResponse`](#signinsuccessresponse) | [`NoSavedCredentialFound`](#nosavedcredentialfound)

The response object for calling `signInSilently`. Either the user details are available (without user interaction) or there was no saved credential found.

***

##### SignInSuccessResponse[​](#signinsuccessresponse "Direct link to SignInSuccessResponse")

> **SignInSuccessResponse** = { `data`: [`User`](#user); `type`: `"success"`; }

The response object when the user signs in successfully.

###### Properties[​](#properties-10 "Direct link to Properties")

| Property   | Type            | Description       |
| ---------- | --------------- | ----------------- |
| []()`data` | [`User`](#user) | The user details. |
| []()`type` | `"success"`     | -                 |

***

##### User[​](#user "Direct link to User")

> **User** = { `idToken`: `string` | `null`; `scopes`: `string`\[]; `serverAuthCode`: `string` | `null`; `user`: { `email`: `string`; `familyName`: `string` | `null`; `givenName`: `string` | `null`; `id`: `string`; `name`: `string` | `null`; `photo`: `string` | `null`; }; }

###### Properties[​](#properties-11 "Direct link to Properties")

| Property             | Type                                                                                                                                                               | Description                                                                                                                                                                                                                                                                                                                                               |
| -------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| []()`idToken`        | `string` | `null`                                                                                                                                                 | JWT (JSON Web Token) that serves as a secure credential for your user's identity.                                                                                                                                                                                                                                                                         |
| []()`scopes`         | `string`\[]                                                                                                                                                        | The Google API scopes that the user granted access to.                                                                                                                                                                                                                                                                                                    |
| []()`serverAuthCode` | `string` | `null`                                                                                                                                                 | Code that you can securely send to your server to exchange for an access and refresh token. Use the access token to call Google APIs on behalf of the user and, optionally, store the refresh token to acquire a new access token when the access token expires. Not null only if a valid `webClientId` and `offlineAccess` was enabled in `configure()`. |
| []()`user`           | { `email`: `string`; `familyName`: `string` | `null`; `givenName`: `string` | `null`; `id`: `string`; `name`: `string` | `null`; `photo`: `string` | `null`; } | -                                                                                                                                                                                                                                                                                                                                                         |
| `user.email`         | `string`                                                                                                                                                           | -                                                                                                                                                                                                                                                                                                                                                         |
| `user.familyName`    | `string` | `null`                                                                                                                                                 | -                                                                                                                                                                                                                                                                                                                                                         |
| `user.givenName`     | `string` | `null`                                                                                                                                                 | -                                                                                                                                                                                                                                                                                                                                                         |
| `user.id`            | `string`                                                                                                                                                           | -                                                                                                                                                                                                                                                                                                                                                         |
| `user.name`          | `string` | `null`                                                                                                                                                 | -                                                                                                                                                                                                                                                                                                                                                         |
| `user.photo`         | `string` | `null`                                                                                                                                                 | -                                                                                                                                                                                                                                                                                                                                                         |

***

##### GoogleSignin[​](#googlesignin "Direct link to GoogleSignin")

> `const` **GoogleSignin**: { `addScopes`: (`options`: [`AddScopesParams`](#addscopesparams)) => `Promise`<[`SignInResponse`](#signinresponse) | `null`>; `clearCachedAccessToken`: (`tokenString`: `string`) => `Promise`<`null`>; `configure`: (`options?`: [`ConfigureParams`](#configureparams)) => `void`; `enableAppCheck`: (`params?`: [`EnableAppCheckParams`](#enableappcheckparams)) => `Promise`<`null`>; `getCurrentUser`: () => [`User`](#user) | `null`; `getTokens`: () => `Promise`<[`GetTokensResponse`](#gettokensresponse)>; `hasPlayServices`: (`options?`: [`HasPlayServicesParams`](#hasplayservicesparams)) => `Promise`<`boolean`>; `hasPreviousSignIn`: () => `boolean`; `revokeAccess`: () => `Promise`<`null`>; `signIn`: (`options`: [`SignInParams`](#signinparams)) => `Promise`<[`SignInResponse`](#signinresponse)>; `signInSilently`: () => `Promise`<[`SignInSilentlyResponse`](#signinsilentlyresponse)>; `signOut`: () => `Promise`<`null`>; }

The entry point of the Google Sign In API, exposed as `GoogleSignin`.

###### Type Declaration[​](#type-declaration-6 "Direct link to Type Declaration")

| Name                           | Type                                                                                                           |
| ------------------------------ | -------------------------------------------------------------------------------------------------------------- |
| []()`addScopes()`              | (`options`: [`AddScopesParams`](#addscopesparams)) => `Promise`<[`SignInResponse`](#signinresponse) | `null`> |
| []()`clearCachedAccessToken()` | (`tokenString`: `string`) => `Promise`<`null`>                                                                 |
| []()`configure()`              | (`options?`: [`ConfigureParams`](#configureparams)) => `void`                                                  |
| []()`enableAppCheck()`         | (`params?`: [`EnableAppCheckParams`](#enableappcheckparams)) => `Promise`<`null`>                              |
| []()`getCurrentUser()`         | () => [`User`](#user) | `null`                                                                                |
| []()`getTokens()`              | () => `Promise`<[`GetTokensResponse`](#gettokensresponse)>                                                     |
| []()`hasPlayServices()`        | (`options?`: [`HasPlayServicesParams`](#hasplayservicesparams)) => `Promise`<`boolean`>                        |
| []()`hasPreviousSignIn()`      | () => `boolean`                                                                                                |
| []()`revokeAccess()`           | () => `Promise`<`null`>                                                                                        |
| []()`signIn()`                 | (`options`: [`SignInParams`](#signinparams)) => `Promise`<[`SignInResponse`](#signinresponse)>                 |
| []()`signInSilently()`         | () => `Promise`<[`SignInSilentlyResponse`](#signinsilentlyresponse)>                                           |
| []()`signOut()`                | () => `Promise`<`null`>                                                                                        |

#### Constants[​](#constants "Direct link to Constants")

##### statusCodes[​](#statuscodes "Direct link to statusCodes")

> `const` **statusCodes**: `Readonly`<{ `IN_PROGRESS`: `string`; `NULL_PRESENTER`: `"NULL_PRESENTER"`; `ONE_TAP_START_FAILED`: `"ONE_TAP_START_FAILED"`; `PLAY_SERVICES_NOT_AVAILABLE`: `string`; }>

Read more about the meaning of the error codes in the [guide](/docs/errors.md).

#### Functions[​](#functions "Direct link to Functions")

##### isCancelledResponse()[​](#iscancelledresponse "Direct link to isCancelledResponse()")

> **isCancelledResponse**(`response`: [`OneTapResponse`](#onetapresponse)): `response is CancelledResponse`

TypeScript helper to check if a response is a `cancelled` response. This is the same as checking if the `response.type === "cancelled"`.

Use this if you prefer to use a function instead of comparing with a raw string.

It supports both One Tap and Original Google Sign In responses.

###### Parameters[​](#parameters "Direct link to Parameters")

| Parameter  | Type                                |
| ---------- | ----------------------------------- |
| `response` | [`OneTapResponse`](#onetapresponse) |

###### Returns[​](#returns "Direct link to Returns")

`response is CancelledResponse`

###### Example[​](#example "Direct link to Example")

```ts
const response = await GoogleOneTapSignIn.createAccount();

if (isCancelledResponse(response)) {
  // handle cancelled response
}

```

***

##### isErrorWithCode()[​](#iserrorwithcode "Direct link to isErrorWithCode()")

> **isErrorWithCode**(`error`: `unknown`): `error is NativeModuleError`

TypeScript helper to check if an object has the `code` property. This is used to avoid `as` casting when you access the `code` property on errors returned by the module.

###### Parameters[​](#parameters-1 "Direct link to Parameters")

| Parameter | Type      |
| --------- | --------- |
| `error`   | `unknown` |

###### Returns[​](#returns-1 "Direct link to Returns")

`error is NativeModuleError`

***

##### isNoSavedCredentialFoundResponse()[​](#isnosavedcredentialfoundresponse "Direct link to isNoSavedCredentialFoundResponse()")

> **isNoSavedCredentialFoundResponse**(`response`: [`OneTapResponse`](#onetapresponse)): `response is NoSavedCredentialFound`

TypeScript helper to check if a response is a `noSavedCredentialFound` response. This is the same as checking if the `response.type === "noSavedCredentialFound"`.

Use this if you prefer to use a function instead of comparing with a raw string.

It supports both One Tap and Original Google Sign In responses.

###### Parameters[​](#parameters-2 "Direct link to Parameters")

| Parameter  | Type                                |
| ---------- | ----------------------------------- |
| `response` | [`OneTapResponse`](#onetapresponse) |

###### Returns[​](#returns-2 "Direct link to Returns")

`response is NoSavedCredentialFound`

###### Example[​](#example-1 "Direct link to Example")

```ts
const response = await GoogleOneTapSignIn.signIn();

if (isNoSavedCredentialFoundResponse(response)) {
  // the case when no user was previously signed in
}

```

***

##### isSuccessResponse()[​](#issuccessresponse "Direct link to isSuccessResponse()")

> **isSuccessResponse**(`response`: [`OneTapResponse`](#onetapresponse)): `response is OneTapSuccessResponse`

TypeScript helper to check if a response is a `cancelled` response. This is the same as checking if the `response.type === "cancelled"`.

Use this if you prefer to use a function instead of comparing with a raw string.

It supports both One Tap and Original Google Sign In responses.

###### Parameters[​](#parameters-3 "Direct link to Parameters")

| Parameter  | Type                                |
| ---------- | ----------------------------------- |
| `response` | [`OneTapResponse`](#onetapresponse) |

###### Returns[​](#returns-3 "Direct link to Returns")

`response is OneTapSuccessResponse`

###### Example[​](#example-2 "Direct link to Example")

```ts
const response = await GoogleOneTapSignIn.createAccount();

if (isSuccessResponse(response)) {
  // handle user signed in
}

```

#### React Components[​](#react-components "Direct link to React Components")

##### GoogleLogoButtonProps[​](#googlelogobuttonprops "Direct link to GoogleLogoButtonProps")

> **GoogleLogoButtonProps** = { `label?`: `string`; `shape?`: `"rectangular"` | `"circular"`; `textStyle?`: `StyleProp`<`TextStyle`>; `theme?`: `"light"` | `"dark"` | `"neutral"`; `variant?`: `"standard"` | `"icon"`; }

###### Properties[​](#properties-12 "Direct link to Properties")

| Property         | Type                                 | Description                                                                     |
| ---------------- | ------------------------------------ | ------------------------------------------------------------------------------- |
| []()`label?`     | `string`                             | -                                                                               |
| []()`shape?`     | `"rectangular"` | `"circular"`      | -                                                                               |
| []()`textStyle?` | `StyleProp`<`TextStyle`>             | Style for the button text. Provide the Roboto font family with a weight of 500. |
| []()`theme?`     | `"light"` | `"dark"` | `"neutral"` | -                                                                               |
| []()`variant?`   | `"standard"` | `"icon"`             | -                                                                               |

***

##### GoogleSigninButtonProps[​](#googlesigninbuttonprops "Direct link to GoogleSigninButtonProps")

> **GoogleSigninButtonProps** = `ViewProps` & { `color?`: `"dark"` | `"light"`; `disabled?`: `boolean`; `onPress?`: () => `void`; `size?`: `number`; }

###### Type Declaration[​](#type-declaration-7 "Direct link to Type Declaration")

| Name         | Type                  |
| ------------ | --------------------- |
| `color?`     | `"dark"` | `"light"` |
| `disabled?`  | `boolean`             |
| `onPress()?` | () => `void`          |
| `size?`      | `number`              |

***

##### WebGoogleSignInButtonProps[​](#webgooglesigninbuttonprops "Direct link to WebGoogleSignInButtonProps")

> **WebGoogleSignInButtonProps** = `Omit`<`GsiButtonConfiguration`, `"logo_alignment"`> & { `logoAlignment?`: `GsiButtonConfiguration`\[`"logo_alignment"`]; `onError?`: (`error`: `Error`) => `void`; }

###### Type Declaration[​](#type-declaration-8 "Direct link to Type Declaration")

| Name             | Type                                          |
| ---------------- | --------------------------------------------- |
| `logoAlignment?` | `GsiButtonConfiguration`\[`"logo_alignment"`] |
| `onError()?`     | (`error`: `Error`) => `void`                  |

***

##### GoogleLogoButton[​](#googlelogobutton "Direct link to GoogleLogoButton")

> `const` **GoogleLogoButton**: `React.FC`<`PressableProps` & [`GoogleLogoButtonProps`](#googlelogobuttonprops)>

Sign in button that follows the [Google branding guidelines](https://developers.google.com/identity/branding-guidelines).

***

##### WebGoogleSigninButton[​](#webgooglesigninbutton "Direct link to WebGoogleSigninButton")

> `const` **WebGoogleSigninButton**: `React.FC`<[`WebGoogleSignInButtonProps`](#webgooglesigninbuttonprops)>

***

##### GoogleSigninButton()[​](#googlesigninbutton "Direct link to GoogleSigninButton()")

> **GoogleSigninButton**(`props`: [`GoogleSigninButtonProps`](#googlesigninbuttonprops)): `Element`

Native Google Sign-In button component. Prefer using the [`GoogleLogoButton`](#googlelogobutton) for a more customizable button.

###### Parameters[​](#parameters-4 "Direct link to Parameters")

| Parameter | Type                                                  |
| --------- | ----------------------------------------------------- |
| `props`   | [`GoogleSigninButtonProps`](#googlesigninbuttonprops) |

###### Returns[​](#returns-4 "Direct link to Returns")

`Element`

#### Type Aliases[​](#type-aliases "Direct link to Type Aliases")

##### AuthorizationPrompt[​](#authorizationprompt "Direct link to AuthorizationPrompt")

> **AuthorizationPrompt** = `"consent"` | `"select_account"`

***

##### CancelledResponse[​](#cancelledresponse "Direct link to CancelledResponse")

> **CancelledResponse** = { `data`: `null`; `type`: `"cancelled"`; }

The response object when the user cancels the flow for any operation that requires user interaction.

On the web, this is also returned while [cooldown period](https://developers.google.com/identity/gsi/web/guides/features#exponential_cooldown) is active. Detecting the cooldown period itself is not possible on the web for user privacy reasons.

###### Properties[​](#properties-13 "Direct link to Properties")

| Property   | Type          |
| ---------- | ------------- |
| []()`data` | `null`        |
| []()`type` | `"cancelled"` |

***

##### ClientIdOrPlistPath[​](#clientidorplistpath "Direct link to ClientIdOrPlistPath")

> **ClientIdOrPlistPath** = { `iosClientId?`: `string`; } | { `googleServicePlistPath?`: `string`; }

iOS only. Configures the iOS client ID. By default, the iOS client ID is taken from the `GoogleService-Info.plist` Firebase config file (if present).

You can specify a different bundle path for the config file, e.g. "GoogleService-Info-Staging".

Alternatively, set the client ID explicitly by providing `iosClientId`.

###### Type Declaration[​](#type-declaration-9 "Direct link to Type Declaration")

{ `iosClientId?`: `string`; }

| Name           | Type     | Description                                                                                                        |
| -------------- | -------- | ------------------------------------------------------------------------------------------------------------------ |
| `iosClientId?` | `string` | If you want to specify the client ID of type iOS. It is taken from the `GoogleService-Info.plist` file by default. |

{ `googleServicePlistPath?`: `string`; }

| Name                      | Type     | Description                                                                                                                                              |
| ------------------------- | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `googleServicePlistPath?` | `string` | iOS only. Use this to specify a different bundle path name for the `GoogleService-Info` Firebase config file. **Example** `"GoogleService-Info-Staging"` |

***

##### NoSavedCredentialFound[​](#nosavedcredentialfound "Direct link to NoSavedCredentialFound")

> **NoSavedCredentialFound** = { `data`: `null`; `type`: `"noSavedCredentialFound"`; }

The response to calling One Tap's `signIn` and Original Google Sign In's `signInSilently` when no user was previously signed in, or they have since signed out or revoked access.

###### Properties[​](#properties-14 "Direct link to Properties")

| Property   | Type                       |
| ---------- | -------------------------- |
| []()`data` | `null`                     |
| []()`type` | `"noSavedCredentialFound"` |

#### Web Universal sign in module[​](#web-universal-sign-in-module "Direct link to Web Universal sign in module")

##### WebOneTapSignInCallbacks[​](#webonetapsignincallbacks "Direct link to WebOneTapSignInCallbacks")

> **WebOneTapSignInCallbacks** = { `momentListener?`: `MomentListener`; `onError`: (`error`: `NativeModuleError`) => `void` | `Promise`<`void`>; `onResponse`: (`userInfo`: [`OneTapExplicitSignInResponse`](#onetapexplicitsigninresponse)) => `void` | `Promise`<`void`>; }

When using Universal sign in on the web, the sign in result is delivered via a callback, not via a promise. The shape of data delivered to the callback is the same as the shape of the data in the promise, enabling code reuse. Read more in the [guide](/docs/one-tap.md#web-support).

###### Properties[​](#properties-15 "Direct link to Properties")

| Property              | Type                                                                                                         | Description                                                                                                                                                                                                                                                       |
| --------------------- | ------------------------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| []()`momentListener?` | `MomentListener`                                                                                             | A callback function that is called when important events take place. See [reference](https://developers.google.com/identity/gsi/web/reference/js-reference#PromptMomentNotification).                                                                             |
| []()`onError`         | (`error`: `NativeModuleError`) => `void` | `Promise`<`void`>                                                | Called when an error occurs. You can use the `code` property of the error to determine the reason for the error. The reported errors on the web are in the same format as the errors reported on the native platforms, so you can reuse your error handling code. |
| []()`onResponse`      | (`userInfo`: [`OneTapExplicitSignInResponse`](#onetapexplicitsigninresponse)) => `void` | `Promise`<`void`> | Called when the user successfully signs in, or cancels the sign in, either using the web One-tap flow or the button flow.                                                                                                                                         |

---

### GoogleLogoButton

A Google Sign-In button that follows Google's official branding guidelines. Intended for native apps. It renders null when used on the web.

tip

The functionality covered in this page is available in the licensed version. [You can get a license here](https://universal-sign-in.com/#pricing) ⭐️.

#### Features[​](#features "Direct link to Features")

* Available in standard and icon-only variants
* Customizable shape (rectangular or circular)
* Supports light, dark, and neutral themes
* Full customization possible via [Pressable props](https://reactnative.dev/docs/pressable#props)

![screenshot of buttons](/img/google-logo-buttons.jpg)

#### Usage[​](#usage "Direct link to Usage")

See [API reference](/docs/api.md#googlelogobuttonprops) for props.

```tsx
import { GoogleLogoButton } from '@react-native-google-signin/google-signin';

function SignInScreen() {
  return (
    <GoogleLogoButton
      onPress={() => {
        // Handle sign in
      }}
      label="Sign in with Google"
      textStyle={{ fontFamily: 'Roboto' }}
    />
  );
}

```

#### Font Requirements[​](#font-requirements "Direct link to Font Requirements")

The button should render its label using the [Roboto font](https://fonts.google.com/specimen/Roboto) with weight of 500 to match Google's branding guidelines. Make sure to:

1. Include the Roboto font in your app (see [example for Expo](https://docs.expo.dev/versions/latest/sdk/font/#example-appjson-with-config-plugin)).
2. Provide the font family in the `textStyle` prop:

```tsx
<GoogleLogoButton textStyle={{ fontFamily: 'Roboto' }} />

```

---

### WebGoogleSigninButton

This is the sign-in button that you can use in web apps. It renders `null` when used in native apps. It has a slightly different API than the native `GoogleSigninButton` component which is why it exists as a separate component.

tip

The functionality covered in this page is available in the licensed version. [You can get a license here](https://universal-sign-in.com/#pricing) ⭐️.

The button will *not render* before the [Google Client API has been loaded](/docs/setting-up/web.md). You can use the `onError` prop to detect this case.

##### Usage[​](#usage "Direct link to Usage")

As the Universal sign in Guide explains, there are two ways to sign in on the web: using the One-tap UI or using the Google Sign-In button.

One-tap UI may not always be available: This happens if user has [opted out](https://developers.google.com/identity/gsi/web/guides/features#globally_opt_out) or when they close the dialog several times in a row, entering the [cooldown period](https://developers.google.com/identity/gsi/web/guides/features#exponential_cooldown).

The Google Sign-In button serves as a fallback. Tapping it opens the regular Google Sign-In dialog.

```tsx
import { WebGoogleSigninButton } from '@react-native-google-signin/google-signin';

<WebGoogleSigninButton />;

```

#### Props[​](#props "Direct link to Props")

All props are optional.

| Name             | Type                                                                  | Description                                                               |
| ---------------- | --------------------------------------------------------------------- | ------------------------------------------------------------------------- |
| `type?`          | `"standard"` | `"icon"`                                              | The type of the sign-in button.                                           |
| `theme?`         | `"outline"` | `"filled_blue"` | `"filled_black"`                    | The theme of the sign-in button.                                          |
| `size?`          | `"large"` | `"medium"` | `"small"`                                  | The size of the sign-in button.                                           |
| `text?`          | `"signin_with"` | `"signup_with"` | `"continue_with"` | `"signin"` | The text to display on the sign-in button.                                |
| `shape?`         | `"rectangular"` | `"pill"` | `"circle"` | `"square"`               | The shape of the sign-in button.                                          |
| `width?`         | `number`                                                              | The width of the sign-in button.                                          |
| `locale?`        | `string`                                                              | The locale for the sign-in button.                                        |
| `logoAlignment?` | `"left"` | `"center"`                                                | The alignment of the logo on the button.                                  |
| `onError?`       | `(error: Error) => void`                                              | Called when you try to render the button before the Client SDK is loaded. |

---

### Universal sign in

This is Google's recommended way to implement Google Sign In. This API is available on Android, iOS, macOS and web (with a little extra work [described below](#web-support)). It is a replacement for the [Original Google sign in](/docs/original.md). The module APIs are named `GoogleOneTapSignIn` for historical reasons.

tip

The functionality covered in this page is available in the licensed version. [You can get a license here](https://universal-sign-in.com/#pricing) ⭐️.

* On Android, it is built on top of the new [Credential Manager](https://developers.google.com/identity/android-credential-manager) APIs.

* On Apple (iOS and macOS), it is built on top of the [Google Sign In SDK for iOS and macOS](https://developers.google.com/identity/sign-in/ios/start-integrating).

* On the web, it covers both the [One-tap](https://developers.google.com/identity/gsi/web/guides/offerings#one_tap) flow and the [Google Sign-In button](https://developers.google.com/identity/gsi/web/guides/offerings#sign_in_with_google_button). [Learn more](/docs/web-support.md).

#### Usage[​](#usage "Direct link to Usage")

You can copy-paste this snippet to get a complete sign-in flow quickly. Read more about the methods below.

example of going through the sign in flow

```tsx
import {
  GoogleOneTapSignIn,
  GoogleLogoButton,
} from '@react-native-google-signin/google-signin';

<GoogleLogoButton onPress={startSignInFlow} label="Sign in with Google" />;

const startSignInFlow = async () => {
  try {
    GoogleOneTapSignIn.configure(); // move this to after your app starts
    await GoogleOneTapSignIn.checkPlayServices();
    const signInResponse = await GoogleOneTapSignIn.signIn();
    if (signInResponse.type === 'success') {
      // use signInResponse.data
    } else if (signInResponse.type === 'noSavedCredentialFound') {
      // the user wasn't previously signed into this app
      const createResponse = await GoogleOneTapSignIn.createAccount();
      if (createResponse.type === 'success') {
        // use createResponse.data
      } else if (createResponse.type === 'noSavedCredentialFound') {
        // no Google user account was present on the device yet (unlikely but possible)
        const explicitResponse =
          await GoogleOneTapSignIn.presentExplicitSignIn();

        if (explicitResponse.type === 'success') {
          // use explicitResponse.data
        }
      }
    }
    // the else branches correspond to the user canceling the sign in
  } catch (error) {
    // handle error
  }
};

```

Note that on Apple and Android, you can combine the Universal sign in methods with those one from the [Original Google Sign In](/docs/original.md). To do that, use the Universal sign in to sign in the user. Then call `signInSilently()` and then (for example) `getCurrentUser()` to get the current user's information. However, this shouldn't be necessary because this module should cover all your needs. Please open an issue if that's not the case.

***

#### Methods[​](#methods "Direct link to Methods")

##### `configure`[​](#configure "Direct link to configure")

signature: (`params`: [`OneTapConfigureParams`](/docs/api.md#onetapconfigureparams)) => `void`

It is mandatory to call `configure` before attempting to call any of the sign-in methods. This method is synchronous, meaning you can call e.g. `signIn` right after it. Typically, you would call `configure` only once, soon after your app starts.

`webClientId` is a required parameter. Use `"autoDetect"` for [automatic webClientId detection](#automatic-config).

If you're using neither Expo nor Firebase, you also need to provide the `iosClientId` parameter. All other parameters are optional.

Example of calling the configure() method

```ts
GoogleOneTapSignIn.configure({
  webClientId: 'autoDetect',
});

```

***

##### `signIn`[​](#signin "Direct link to signin")

signature: (`params`?: [`OneTapSignInParams`](/docs/api.md#onetapsigninparams)) => `Promise`<[`OneTapResponse`](/docs/api.md#onetapresponse)>

| Platform | Behavior                                                                                                                                                                                                                                                                         |
| -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Android  | Attempts to sign in user automatically, without interaction. [Docs](https://developers.google.com/identity/android-credential-manager/android/reference/kotlin/com/google/android/libraries/identity/googleid/GetGoogleIdOption.Builder#setAutoSelectEnabled\(kotlin.Boolean\)). |
| Apple    | Attempts to restore a previous user sign-in without interaction. [Docs](https://developers.google.com/identity/sign-in/ios/reference/Classes/GIDSignIn#-restoreprevioussigninwithcompletion:).                                                                                   |
| Web      | Attempts to sign in user automatically, without interaction. [Docs](https://developers.google.com/identity/gsi/web/reference/js-reference#auto_select). If none is found, presents a sign-in UI. [Read below](#web-support) for web support.                                     |

If there is no user that was previously signed in, the returned promise resolves with [`NoSavedCredentialFound`](/docs/api.md#nosavedcredentialfound) object. In that case, you can call [`createAccount`](/docs/one-tap.md#createaccount) to start a flow to create a new account. You don't need to call `signIn` as a response to a user action - you can call it when your app starts or when suitable.

UI screenshots

| Android                                                                                                                                       | iOS                          | Web                                                                                                                                                                  |
| --------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| No UI, no user interaction the first time. If user has signed up previously, they will see this:<br />![](/img/onetap/signing-in-android.png) | (no UI, no user interaction) | The prompt presented the first time: ![](/img/onetap/sign-in-web.png)<br />If user has signed in previously, they will see this: ![](/img/onetap/signing-in-web.png) |

###### Example code snippet[​](#example-code-snippet "Direct link to Example code snippet")

Example of calling the signIn() method

```ts
import {
  GoogleOneTapSignIn,
  statusCodes,
  isErrorWithCode,
  isSuccessResponse,
  isNoSavedCredentialFoundResponse,
} from '@react-native-google-signin/google-signin';

// Somewhere in your code
const signIn = async () => {
  try {
    await GoogleOneTapSignIn.checkPlayServices();
    const response = await GoogleOneTapSignIn.signIn();

    if (isSuccessResponse(response)) {
      // read user's info
      console.log(response.data);
    } else if (isNoSavedCredentialFoundResponse(response)) {
      // Android and Apple only.
      // No saved credential found (user has not signed in yet, or they revoked access)
      // call `createAccount()`
    }
  } catch (error) {
    console.error(error);
    if (isErrorWithCode(error)) {
      switch (error.code) {
        case statusCodes.ONE_TAP_START_FAILED:
          // Android-only, you probably have hit rate limiting.
          // You can still call `presentExplicitSignIn` in this case.
          break;
        case statusCodes.PLAY_SERVICES_NOT_AVAILABLE:
          // Android: play services not available or outdated.
          // Get more details from `error.userInfo`.
          // Web: when calling an unimplemented api (requestAuthorization)
          // or when the Google Client Library is not loaded yet.
          break;
        default:
        // something else happened
      }
    } else {
      // an error that's not related to google sign in occurred
    }
  }
};

```

***

##### Utility Functions[​](#utility-functions "Direct link to Utility Functions")

tip

There are 4 helper functions available:

* [`isErrorWithCode`](/docs/errors.md#iserrorwithcodevalue) for processing errors
* [`isSuccessResponse`](/docs/api.md#issuccessresponse) for checking if a response represents a successful operation. Same as checking `response.type === 'success'`.
* [`isNoSavedCredentialFoundResponse`](/docs/api.md#isnosavedcredentialfoundresponse) for checking if a response represents no saved credentials case. Same as checking `response.type === 'noSavedCredentialFound'`.
* [`isCancelledResponse`](/docs/api.md#iscancelledresponse) for checking if a response represents user cancellation case. Same as checking `response.type === 'cancelled'`.

***

##### `createAccount`[​](#createaccount "Direct link to createaccount")

signature: (`params`?: [`OneTapCreateAccountParams`](/docs/api.md#onetapcreateaccountparams)) => `Promise`<[`OneTapResponse`](/docs/api.md#onetapresponse)>

| Platform | Behavior                                                                                                                                                                                                                                                                                     |
| -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Android  | Starts a flow to sign in with your app for the first time (to create a user account). It offers a list of user accounts to choose from (multiple Google accounts can be logged in on the device).                                                                                            |
| Apple    | Starts an interactive sign-in flow. [Docs](https://developers.google.com/identity/sign-in/ios/reference/Classes/GIDSignIn#-signinwithpresentingviewcontroller:hint:completion:). It offers a list of user accounts to choose from (multiple Google accounts can be logged in on the device). |
| Web      | Presents a one-tap prompt and waits for user interaction (it will not sign in automatically). The prompt has a slightly different styling than with `signIn` (configrable via the `context` param). [Read below](#web-support) for web support.                                              |

You don't need to call `createAccount` as a response to a user action - you can call it some time after your app starts (Though keep in mind the way the dialog is presented on iOS might be inconvenient to users if they didn't ask for it) or when suitable.

Use `createAccount` if `signIn` resolved with [`NoSavedCredentialFound` result](/docs/api.md#nosavedcredentialfound), as indicated in the code snippet above.

UI screenshots

| Android                                 | iOS                                 | Web                                 |
| --------------------------------------- | ----------------------------------- | ----------------------------------- |
| ![](/img/onetap/signing-up-android.png) | ![](/img/onetap/signing-up-ios.png) | ![](/img/onetap/signing-up-web.png) |

```ts
await GoogleOneTapSignIn.createAccount();

```

***

##### `presentExplicitSignIn`[​](#presentexplicitsignin "Direct link to presentexplicitsignin")

signature: (`params`?: [`OneTapExplicitSignInParams`](/docs/api.md#onetapexplicitsigninparams)) => `Promise`<[`OneTapExplicitSignInResponse`](/docs/api.md#onetapexplicitsigninresponse)>

| Platform | Behavior                                                                                                                                                                                                                                                                                                               |
| -------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Android  | Presents the sign in dialog explicitly. This is useful if both `signIn` and `createAccount` resolve with [`NoSavedCredentialFound`](/docs/api.md#nosavedcredentialfound) object - which happens (in the unlikely case) when no Google account is present on the device. This prompts the user to add a Google account. |
| Apple    | Starts an interactive sign-in flow. Same as `createAccount`.                                                                                                                                                                                                                                                           |
| Web      | Presents a one-tap prompt. Same as `createAccount`.                                                                                                                                                                                                                                                                    |

Preferably, call this method only as a reaction to when user taps a [sign in button](/docs/buttons/google-logo-button.md).

UI screenshots

| Android                               | iOS                                 | Web                                 |
| ------------------------------------- | ----------------------------------- | ----------------------------------- |
| ![](/img/onetap/explicit-android.png) | ![](/img/onetap/signing-up-ios.png) | ![](/img/onetap/signing-up-web.png) |

```ts
await GoogleOneTapSignIn.presentExplicitSignIn();

```

***

##### `checkPlayServices`[​](#checkplayservices "Direct link to checkplayservices")

signature: (`showErrorResolutionDialog`?: `boolean`): `Promise`<[`PlayServicesInfo`](/docs/api.md#playservicesinfo)>

The behavior of `checkPlayServices` varies across platforms:

* Android: The function resolves if the device has Play Services installed and their version is >= the minimum required version. Otherwise, it rejects with `statusCodes.PLAY_SERVICES_NOT_AVAILABLE` error code, and more information in `userInfo` field (see [below](#example-code-snippet)).

The `showErrorResolutionDialog` parameter (default `true`) controls whether a dialog that helps to resolve an error is shown (only in case the error is user-resolvable).

On Android, the presence of up-to-date Google Play Services is required to call any of the provided authentication and authorization methods. It is therefore necessary to call `checkPlayServices` any time prior to calling the authentication / authorization methods and only call those if `checkPlayServices` is successful.

Some errors are user-resolvable (e.g. when Play Services are outdated or disabled) while other errors cannot be resolved (e.g. when the phone doesn't ship Play Services at all - which is the case with some device vendors).

Dialog screenshots

![prompt install](/assets/images/prompt-install-b928a962a8d2c0a416628bffd0c95448.png) ![prompt enable](/assets/images/prompt-enable-812fb1d8cb868511c8b8baccb13306e0.png)

* Apple: Play Services are an Android-only concept and are not needed on Apple. Hence, the method always resolves.
* Web: resolves when the Google Client Library [is loaded](/docs/setting-up/web.md), rejects otherwise.

Example of checkPlayServices() method

```ts
await GoogleOneTapSignIn.checkPlayServices();

```

***

##### `signOut`[​](#signout "Direct link to signout")

signature: () => `Promise`<`null`>

Signs out the current user. This disables the automatic sign-in.

Returns a `Promise` that resolves with `null` or rejects in case of error.

```ts
await GoogleOneTapSignIn.signOut();

```

***

##### `revokeAccess`[​](#revokeaccess "Direct link to revokeaccess")

signature: (`emailOrUniqueId`: `string`) => `Promise`<`null`>

Revokes access given to the current application and signs the user out. Use when a user deletes their account in your app. On the web, you need to provide the `id` or email of the user. On Android and Apple, the `emailOrUniqueId` parameter does not have any effect.

Returns a `Promise` that resolves with `null` or rejects in case of error.

```ts
await GoogleOneTapSignIn.revokeAccess(user.id);

```

***

##### `requestAuthorization`[​](#requestauthorization "Direct link to requestauthorization")

signature: (`params`: [`RequestAuthorizationParams`](/docs/api.md#requestauthorizationparams)) => `Promise`<[`AuthorizationResponse`](/docs/api.md#authorizationresponse)>

The underlying Android SDK separates authentication and authorization - that means that on Android you can request an access token and call Google APIs on behalf of the user without previously signing the user in.

This method is used to request extra authorization from the user. Use this on Android to obtain server-side access (offline access) to the user's data or for requesting an access token that has access to additional scopes.

| Platform | Behavior                                                                                                                                                                                                                                   |
| -------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| Android  | Presents a modal that asks user for additional access to their Google account. Uses [AuthorizationRequest.Builder](https://developers.google.com/android/reference/com/google/android/gms/auth/api/identity/AuthorizationRequest.Builder). |
| Apple    | Calls [`addScopes`](/docs/original.md#addscopes). The resulting `accessToken` has access to the requested scopes. Use this if you want to read more user metadata than just the basic info.                                                |
| Web      | Not implemented at the moment.                                                                                                                                                                                                             |

UI screenshots

| Android                                | iOS                                 |
| -------------------------------------- | ----------------------------------- |
| ![](/img/onetap/authorize-android.jpg) | ![](/img/onetap/add-scopes-ios.png) |

***

##### `clearCachedAccessToken`[​](#clearcachedaccesstoken "Direct link to clearcachedaccesstoken")

signature: (`accessTokenString`: `string`) => `Promise`<`null`>

This method is only needed on Android. You may run into a `401 Unauthorized` error when an access token is invalid. Call this method to remove the token from local cache and then call `requestAuthorization()` to get a fresh access token. Calling this method on Apple does nothing and always resolves. This is because on Apple, `requestAuthorization()` always returns valid tokens, refreshing them first if they have expired or are about to expire (see [docs](https://developers.google.com/identity/sign-in/ios/reference/Classes/GIDGoogleUser#-refreshtokensifneededwithcompletion:)).

#### Automatic `webClientId` & `iosClientId` detection[​](#automatic-config "Direct link to automatic-config")

If you use Expo (with the config plugin and prebuild), or if you're using Firebase, you don't need to provide the `iosClientId` parameter to the `configure` method.

Additionally, this module can automatically detect the `webClientId` from Firebase's configuration file (does not work on web where you need to provide it explicitly).

This is useful if you're using Firebase and want to avoid manually setting the `webClientId` in your code, especially if you have multiple environments (e.g. staging, production).

To use this feature:

1. Add `WEB_CLIENT_ID` entry to the `GoogleService-Info.plist` file.

On Android, the `google-services.json` file already contains the web client ID information. Unfortunately, it's not the case on iOS, so we need to add it ourselves.

Open the `GoogleService-Info.plist` in your favorite text editor and add the following:

```xml
<key>WEB_CLIENT_ID</key>
<string>your-web-client-id.apps.googleusercontent.com</string>

```

2. pass `"autoDetect"` as the `webClientId` parameter.

tip

As explained above, `iosClientId` can also be detected automatically - simply do not pass any `iosClientId` value. The reason `webClientId` is a required parameter is API uniformity across all platforms.

***

#### Web support[​](#web-support "Direct link to Web support")

[Learn more](/docs/web-support.md).

---

### Original Google sign in

tip

To migrate to Universal sign in, follow [this guide](/docs/migrating.md#migrating-from-original-to-universal-sign-in).

This module exposes

* [Legacy Google Sign-In for Android](https://web.archive.org/web/20240308064911/https://developers.google.com/identity/sign-in/android/start-integrating). The underlying SDK is deprecated but remains functional.
* [Google Sign-In SDK](https://developers.google.com/identity/sign-in/ios/start) for iOS and macOS (macOS support is only available to [in the paid version](/docs/install.md#premium)).

imports example

```ts
import {
  GoogleSignin,
  GoogleSigninButton,
  statusCodes,
} from '@react-native-google-signin/google-signin';

```

##### `configure`[​](#configure "Direct link to configure")

signature: (`options`: [`ConfigureParams`](/docs/api.md#configureparams)) => `void`

It is mandatory to call this method before attempting to call `signIn()` and `signInSilently()`. This method is synchronous, meaning you can call `signIn` / `signInSilently` right after it. Typically, you would call `configure` only once, soon after your app starts. All parameters are optional.

Example usage with default options: you'll get user email and basic profile info.

```js
import { GoogleSignin } from '@react-native-google-signin/google-signin';

GoogleSignin.configure();

```

An *example* with all options enumerated:

```ts
GoogleSignin.configure({
  webClientId: '<FROM DEVELOPER CONSOLE>', // client ID of type WEB for your server. Required to get the `idToken` on the user object, and for offline access.
  scopes: [
    /* what APIs you want to access on behalf of the user, default is email and profile
    this is just an example, most likely you don't need this option at all! */
    'https://www.googleapis.com/auth/drive.readonly',
  ],
  offlineAccess: false, // if you want to access Google API on behalf of the user FROM YOUR SERVER
  hostedDomain: '', // specifies a hosted domain restriction
  forceCodeForRefreshToken: false, // [Android] related to `serverAuthCode`, read the docs link below *.
  accountName: '', // [Android] specifies an account name on the device that should be used
  iosClientId: '<FROM DEVELOPER CONSOLE>', // [iOS] if you want to specify the client ID of type iOS (otherwise, it is taken from GoogleService-Info.plist)
  googleServicePlistPath: '', // [iOS] if you renamed your GoogleService-Info file, new name here, e.g. "GoogleService-Info-Staging"
  openIdRealm: '', // [iOS] The OpenID2 realm of the home web server. This allows Google to include the user's OpenID Identifier in the OpenID Connect ID token.
  profileImageSize: 120, // [iOS] The desired height (and width) of the profile image. Defaults to 120px
});

```

\* [forceCodeForRefreshToken docs](https://developers.google.com/android/reference/com/google/android/gms/auth/api/signin/GoogleSignInOptions.Builder#public-googlesigninoptions.builder-requestserverauthcode-string-serverclientid,-boolean-forcecodeforrefreshtoken)

***

##### `signIn`[​](#signin "Direct link to signin")

signature: (`options`: [`SignInParams`](/docs/api.md#signinparams)) => `Promise`<[`SignInResponse`](/docs/api.md#signinresponse)>

Prompts a modal to let the user sign in into your application. Resolved promise returns an [`SignInResponse` object](/docs/api.md#signinresponse). Rejects with an error otherwise.

signIn example

```ts
// import statusCodes along with GoogleSignin
import {
  GoogleSignin,
  statusCodes,
} from '@react-native-google-signin/google-signin';

// Somewhere in your code
const signIn = async () => {
  try {
    await GoogleSignin.hasPlayServices();
    const response = await GoogleSignin.signIn();
    if (isSuccessResponse(response)) {
      setState({ userInfo: response.data });
    } else {
      // sign in was cancelled by user
    }
  } catch (error) {
    if (isErrorWithCode(error)) {
      switch (error.code) {
        case statusCodes.IN_PROGRESS:
          // operation (eg. sign in) already in progress
          break;
        case statusCodes.PLAY_SERVICES_NOT_AVAILABLE:
          // Android only, play services not available or outdated
          break;
        default:
        // some other error happened
      }
    } else {
      // an error that's not related to google sign in occurred
    }
  }
};

```

***

##### Utility Functions[​](#utility-functions "Direct link to Utility Functions")

tip

There are 4 helper functions available:

* [`isErrorWithCode`](/docs/errors.md#iserrorwithcodevalue) for processing errors
* [`isSuccessResponse`](/docs/api.md#issuccessresponse) for checking if a response represents a successful operation. Same as checking `response.type === 'success'`.
* [`isNoSavedCredentialFoundResponse`](/docs/api.md#isnosavedcredentialfoundresponse) for checking if a response represents no saved credentials case. Same as checking `response.type === 'noSavedCredentialFound'`.
* [`isCancelledResponse`](/docs/api.md#iscancelledresponse) for checking if a response represents user cancellation case. Same as checking `response.type === 'cancelled'`.

***

##### `addScopes`[​](#addscopes "Direct link to addscopes")

signature: (`options`: [`AddScopesParams`](/docs/api.md#addscopesparams)) => `Promise`<[`SignInResponse`](/docs/api.md#signinresponse) | `null`>

This method resolves with `SignInResponse` object or with `null` if no user is currently logged in.

You may not need this call: you can supply required scopes to the `configure` call. However, if you want to gain access to more scopes later, use this call.

Example:

```js
const response = await GoogleSignin.addScopes({
  scopes: ['https://www.googleapis.com/auth/user.gender.read'],
});

```

***

##### `signInSilently`[​](#signinsilently "Direct link to signinsilently")

signature: () => `Promise`<[`SignInSilentlyResponse`](/docs/api.md#signinsilentlyresponse)>

May be called e.g. after of your main component mounts. This method returns a `Promise` that resolves with the `SignInSilentlyResponse` object and rejects with an error otherwise.

To see how to handle errors read [`signIn()` method](#signin)

```ts
const getCurrentUser = async () => {
  try {
    const response = await GoogleSignin.signInSilently();
    if (isSuccessResponse(response)) {
      setState({ userInfo: response.data });
    } else if (isNoSavedCredentialFoundResponse(response)) {
      // user has not signed in yet, or they have revoked access
    }
  } catch (error) {
    // handle errror
  }
};

```

***

##### `hasPreviousSignIn`[​](#hasprevioussignin "Direct link to hasprevioussignin")

signature: () => `boolean`

This synchronous method may be used to find out whether some user previously signed in.

Note that `hasPreviousSignIn()` can return `true` but `getCurrentUser()` can return `null`, in which case you can call `signInSilently()` to recover the user. However, it may happen that calling `signInSilently()` rejects with an error (e.g. due to a network issue).

```js
const hasPreviousSignIn = async () => {
  const hasPreviousSignIn = GoogleSignin.hasPreviousSignIn();
  setState({ hasPreviousSignIn });
};

```

***

##### `getCurrentUser`[​](#getcurrentuser "Direct link to getcurrentuser")

signature: () => [`User`](/docs/api.md#user) | `null`

This is a synchronous method that returns `null` or `User` object of the currently signed-in user.

```js
const getCurrentUser = async () => {
  const currentUser = GoogleSignin.getCurrentUser();
  setState({ currentUser });
};

```

***

##### `clearCachedAccessToken`[​](#clearcachedaccesstoken "Direct link to clearcachedaccesstoken")

signature: (`accessTokenString`: `string`) => `Promise`<`null`>

This method only has an effect on Android. You may run into a `401 Unauthorized` error when a token is invalid. Call this method to remove the token from local cache and then call `getTokens()` to get fresh tokens. Calling this method on iOS does nothing and always resolves. This is because on iOS, `getTokens()` always returns valid tokens, refreshing them first if they have expired or are about to expire (see [docs](https://developers.google.com/identity/sign-in/ios/reference/Classes/GIDGoogleUser#-refreshtokensifneededwithcompletion:)).

***

##### `getTokens`[​](#gettokens "Direct link to gettokens")

signature: () => `Promise`<[`GetTokensResponse`](/docs/api.md#gettokensresponse)>

Resolves with an object containing `{ idToken: string, accessToken: string, }` or rejects with an error. Note that using `accessToken` for identity assertion on your backend server is [discouraged](https://developers.google.com/identity/sign-in/android/migration-guide).

***

##### `signOut`[​](#signout "Direct link to signout")

signature: () => `Promise`<`null`>

Signs out the current user.

```js
const signOut = async () => {
  try {
    await GoogleSignin.signOut();
    setState({ user: null }); // Remember to remove the user from your app's state as well
  } catch (error) {
    console.error(error);
  }
};

```

***

##### `revokeAccess`[​](#revokeaccess "Direct link to revokeaccess")

signature: () => `Promise`<`null`>

Removes your application from the user authorized applications. Read more about it [here](https://developers.google.com/identity/sign-in/ios/disconnect#objective-c) and [here](https://developers.google.com/android/reference/com/google/android/gms/auth/api/signin/GoogleSignInClient#revokeAccess\(\)).

```js
const revokeAccess = async () => {
  try {
    await GoogleSignin.revokeAccess();
    // Google Account disconnected from your app.
    // Perform clean-up actions, such as deleting data associated with the disconnected account.
  } catch (error) {
    console.error(error);
  }
};

```

***

##### `hasPlayServices`[​](#hasplayservices "Direct link to hasplayservices")

signature: (`options`: [`HasPlayServicesParams`](/docs/api.md#hasplayservicesparams)) => `Promise`<`boolean`>

Checks if device has Google Play Services installed. Always resolves to true on iOS.

Presence of up-to-date Google Play Services is required to show the sign in modal, but it is *not* required to perform calls to `configure` and `signInSilently`. Therefore, we recommend to call `hasPlayServices` directly before `signIn`.

```js
try {
  await GoogleSignin.hasPlayServices({ showPlayServicesUpdateDialog: true });
  // google services are available
} catch (err) {
  console.error('play services are not available');
}

```

`hasPlayServices` accepts one parameter, an object which contains a single key: `showPlayServicesUpdateDialog` (defaults to `true`). When `showPlayServicesUpdateDialog` is set to true the library prompts the user to take action to solve the issue, as seen in the figure below.

You may also use this call at any time to find out if Google Play Services are available and react to the result as necessary.

![prompt install](/assets/images/prompt-install-b928a962a8d2c0a416628bffd0c95448.png)

---

## Guides

### Error handling

When catching and handling errors thrown by the library, it's strongly recommended not to immediately present them using the [`Alert` module](https://reactnative.dev/docs/alert). This is because on Android, when transitioning from the Google Sign-In flow to your app, the current [Activity](https://developer.android.com/reference/android/app/Activity) may be `null` which would cause the alert call to be a noop. You can work around this by presenting the alert after a delay, or handling the error differently.

##### `isErrorWithCode(value)`[​](#iserrorwithcodevalue "Direct link to iserrorwithcodevalue")

TypeScript helper to check if the passed parameter is an instance of `Error` which has the `code` property. All errors thrown by this library have the `code` property, which contains a value from [`statusCodes`](#status-codes) or some other string for the less-usual errors.

`isErrorWithCode` can be used to avoid `as` casting when you want to access the `code` property on errors returned by the module.

```ts
import {
  isErrorWithCode,
  GoogleSignin,
} from '@react-native-google-signin/google-signin';

try {
  const userInfo = await GoogleSignin.signIn();
  // do something with userInfo
} catch (error) {
  if (isErrorWithCode(error)) {
    // here you can safely read `error.code` and TypeScript will know that it has a value
  } else {
    // this error does not have a `code`, and does not come from the Google Sign in module
  }
}

```

##### Status Codes[​](#status-codes "Direct link to Status Codes")

```ts
import { statusCodes } from '@react-native-google-signin/google-signin';

```

Status codes are useful when determining which kind of error has occurred during the sign-in process. Under the hood, these constants are derived from native error codes and are platform-specific. Always compare `error.code` to `statusCodes.*` and do not rely on the raw value of `error.code`.

See [example usage](/docs/one-tap.md#signin).

| Name                          | Description                                                                                                                                                                                                                                                                                                                                                             |
| ----------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| `IN_PROGRESS`                 | Trying to invoke another operation (e.g. `signInSilently`) when previous one has not yet finished. If you call e.g. `signInSilently` twice, two calls to `signInSilently` in the native module are done. The promise from the first call to `signInSilently` will be rejected with this error, and the second will resolve / reject with the result of the native call. |
| `PLAY_SERVICES_NOT_AVAILABLE` | Play services are not available or outdated. This happens on Android, or on the web when you're calling the exposed APIs [before the Client library is loaded](/docs/setting-up/web.md).                                                                                                                                                                                |
| `NULL_PRESENTER`              | Happens in the unlikely situation when the `Activity` (on Android) or `UIViewController` (on iOS) for presenting the sign in UI isn't available.                                                                                                                                                                                                                        |

See [example usage](/docs/one-tap.md#signin).

---

### Migration guides

There are 2 migrations described here: from Original to Universal Sign In and from the old JS API to the new JS API.

#### Migrating from Original to Universal Sign In[​](#migrating-from-original-to-universal-sign-in "Direct link to Migrating from Original to Universal Sign In")

Migrating from Original to Universal module is mostly about changing the method names: the table summarizes the mapping from Original module's calls to the Universal (OneTap) module's calls:

| Original Method          | Universal (OneTap) Method              | Notes                                                                                                                                                                                                                                            |
| ------------------------ | -------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| `configure`              | `configure`                            | Same functionality.                                                                                                                                                                                                                              |
| `signInSilently`         | `signIn`                               | Universal's `signIn` attempts sign in without user interaction.                                                                                                                                                                                  |
| `signIn`                 | `createAccount`                        | Universal's `createAccount` is for first-time sign in (but can be used for existing users too).                                                                                                                                                  |
| `addScopes`              | `requestAuthorization`                 | Similar functionality, different parameters. On Android, you can call `requestAuthorization` without being signed in!                                                                                                                            |
| `hasPlayServices`        | `checkPlayServices`                    | Same functionality, different name.                                                                                                                                                                                                              |
| `getCurrentUser`         | Use `signIn` response                  | Manage the current user state yourself, or through libraries like [Firebase Auth](https://rnfirebase.io/auth/usage#listening-to-authentication-state) or [Supabase Auth](https://supabase.com/docs/reference/javascript/auth-onauthstatechange). |
| `getTokens`              | Use `signIn` or `requestAuthorization` | Tokens are included in the response object.                                                                                                                                                                                                      |
| `signOut`                | `signOut`                              |                                                                                                                                                                                                                                                  |
| `revokeAccess`           | `revokeAccess`                         | Universal requires email/id parameter on web.                                                                                                                                                                                                    |
| `hasPreviousSignIn`      | Use `signIn` response                  | Check for `noSavedCredentialFound` response type.                                                                                                                                                                                                |
| `clearCachedAccessToken` | `clearCachedAccessToken`               | Same functionality.                                                                                                                                                                                                                              |

***

#### Migrating to the new JS API[​](#migrating-to-the-new-js-api "Direct link to Migrating to the new JS API")

Version 13 introduced a new JS API, which changes some method response signatures and makes minor changes to error handling (details [here](https://github.com/react-native-google-signin/google-signin/pull/1326)). If you're upgrading from version 12 or earlier, you'll need to make some minor adjustments.

##### Universal Sign In[​](#universal-sign-in "Direct link to Universal Sign In")

1. Add the [`configure`](/docs/one-tap.md#configure) method to your code. This method is required to be called to configure the module.

2. Change the `signIn`, `createAccount`, `presentExplicitSignIn`, and `requestAuthorization` methods to use the new apis: That means that the data you previously accessed directly on `userInfo` (see below - for example `userInfo.name`) will now be nested in `userInfo.data` (e.g. `userInfo.data.name`). See [`OneTapResponse` type](/docs/api.md#onetapresponse):

```diff
const signIn = async () => {
  try {
-    const userInfo = await GoogleOneTapSignIn.signIn({
-      webClientId: `autoDetect`, // works only if you use Firebase
-      iosClientId: config.iosClientId, // only needed if you're not using Firebase
-    });
-    setState({ userInfo }); // use e.g. `userInfo.name`
+    const response = await GoogleOneTapSignIn.signIn();
+
+    if (response.type === 'success') {
+      setState({ userInfo: response.data });
+    } else if (response.type === 'noSavedCredentialFound') {
+      // Android and Apple only. No saved credential found, call `createAccount`
+    }

  } catch (error) {
    if (isErrorWithCode(error)) {
      switch (error.code) {
-        case statusCodes.NO_SAVED_CREDENTIAL_FOUND:
-          // Android and Apple only. No saved credential found, call `createAccount`
-          break;
-        case statusCodes.SIGN_IN_CANCELLED:
-          // sign in was cancelled
-          break;
        case statusCodes.ONE_TAP_START_FAILED:
          // Android-only, you probably have hit rate limiting.
          // On Android, you can still call `presentExplicitSignIn` in this case.
          break;
        case statusCodes.PLAY_SERVICES_NOT_AVAILABLE:
          // Android-only: play services not available or outdated
          // Web: when calling an unimplemented api (requestAuthorization)
          break;
        default:
        // something else happened
      }
    } else {
      // an error that's not related to google sign in occurred
    }
  }
};

```

3. If requesting offline access in `requestAuthorization` on Android, add `enabled: true`:

```diff
await GoogleOneTapSignIn.requestAuthorization({
  offlineAccess: {
+      enabled: true,
  },
});

```

##### Original Sign In[​](#original-sign-in "Direct link to Original Sign In")

1. Follow step 2. from above for `signIn`, `addScopes` and `signInSilently` methods.
2. remove `SIGN_IN_REQUIRED` mentions. This case is now handled with [`NoSavedCredentialFound`](/docs/api.md#nosavedcredentialfound) object:

```diff
const getCurrentUserInfo = async () => {
  try {
    const response = await GoogleSignin.signInSilently();
+    if (isSuccessResponse(response)) {
+        setState({ userInfo: response.data })
+    } else if (isNoSavedCredentialFoundResponse(response)) {
+        // user has not signed in yet
+    }
-    setState({ userInfo: response });
  } catch (error) {
-    if (error.code === statusCodes.SIGN_IN_REQUIRED) {
-      // user has not signed in yet
-    } else {
-      // some other error
-    }
  }
};

```

---

### Advanced security

tip

The functionality covered in this page is available in the licensed version. [You can get a license here](https://universal-sign-in.com/#pricing) ⭐️.

There are 2 security-related features available:

1. [Custom nonce (on all platforms)](#custom-nonce)
2. [App Check for iOS](#appcheck)

#### Custom nonce[​](#custom-nonce "Direct link to Custom nonce")

[Nonce](https://en.wikipedia.org/wiki/Cryptographic_nonce) (number used once) is a security measure used to mitigate replay attacks and to associate a Client session with an ID Token.

The authentication APIs in [Universal Sign-In](/docs/one-tap.md) for Apple, Android and web allow you to specify nonce. On native platforms, if it's not specified, a cryptographically random value is generated internally.

Example usage:

```ts
const response = await GoogleOneTapSignIn.createAccount({
  nonce: getUrlSafeNonce(),
});

```

`getUrlSafeNonce()` generates a URL-safe nonce. It can be implemented using `expo-crypto` or `react-native-get-random-values`:

* expo-crypto
* react-native-get-random-values

```ts
import * as Crypto from 'expo-crypto';

export function getUrlSafeNonce(byteLength = 32) {
  if (byteLength < 1) {
    throw new Error('Byte length must be positive');
  }

  const randomBytes = Crypto.getRandomValues(new Uint8Array(byteLength));
  return btoa(String.fromCharCode(...randomBytes))
    .replace(/\+/g, '-')
    .replace(/\//g, '_')
    .replace(/[=]/g, '');
}

```

```ts
import 'react-native-get-random-values';

export function getUrlSafeNonce(byteLength = 32) {
  if (byteLength < 1) {
    throw new Error('Byte length must be positive');
  }

  const randomBytes = crypto.getRandomValues(new Uint8Array(byteLength));
  return btoa(String.fromCharCode(...randomBytes))
    .replace(/\+/g, '-')
    .replace(/\//g, '_')
    .replace(/[=]/g, '');
}

```

##### Usage with Supabase[​](#usage-with-supabase "Direct link to Usage with Supabase")

Auth providers such as [Supabase](https://supabase.com/docs/reference/javascript/auth-signinwithidtoken) require passing SHA-256 hash (digest) of the nonce ([source](https://github.com/supabase/auth-js/blob/dfb40d24188f7e8b0d34e51ded15582086250c51/src/lib/types.ts#L612)). This can be done as follows:

* expo-crypto
* react-native-quick-crypto

```ts
import { digestStringAsync, CryptoDigestAlgorithm } from 'expo-crypto';

export const getNonce = async () => {
  // `rawNonce` goes to Supabase's signInWithIdToken().
  // Supabase makes a hash of `rawNonce` and compares it with the `nonceDigest`
  // which is included in the ID token from RN-google-signin.
  const rawNonce = getUrlSafeNonce();
  // `nonceDigest` (SHA-256 hash, hex-encoded) goes to the `nonce` parameter in RN-google-signin APIs
  const nonceDigest = await digestStringAsync(
    CryptoDigestAlgorithm.SHA256,
    rawNonce,
  );
  return { rawNonce, nonceDigest };
};

```

```ts
import QuickCrypto from 'react-native-quick-crypto';

const getNonce = () => {
  // `rawNonce` goes to Supabase's signInWithIdToken().
  // Supabase makes a hash of `rawNonce` and compares it with the `nonceDigest`
  // which is included in the ID token from RN-google-signin.
  const rawNonce = getUrlSafeNonce();
  // `nonceDigest` (SHA-256 hash, hex-encoded) goes to the `nonce` parameter in RN-google-signin APIs
  const nonceDigest = QuickCrypto.createHash('sha256')
    .update(rawNonce)
    .digest('hex');
  return { rawNonce, nonceDigest };
};

```

#### App Check for iOS (advanced)[​](#appcheck "Direct link to App Check for iOS (advanced)")

App Check helps protect your apps from abuse by preventing unauthorized clients from authenticating using Google Sign-in: only the apps you've authorized can acquire access tokens and ID tokens from Google's OAuth 2.0 and OpenID Connect endpoint.

[Read more about App Check](https://developers.google.com/identity/sign-in/ios/appcheck) to understand it.

##### Setup[​](#setup "Direct link to Setup")

To set up App Check:

1. Set up Google API Console / Firebase console by following ["1. Set up your project"](https://developers.google.com/identity/sign-in/ios/appcheck/get-started#project-setup). Do not follow step 2.

2. Add **App Attest** capability to your app (as in [here](https://developers.google.com/identity/sign-in/ios/appcheck/get-started#install-sdk)). If you're using Expo, the capability can be added according to the [iOS capabilities documentation](https://docs.expo.dev/build-reference/ios-capabilities/).

3. (skip if you use Expo): Ensure that `GIDClientID` (the iOS client ID) is set in your `Info.plist`. Expo config plugin does this for you.

##### Usage[​](#usage "Direct link to Usage")

Call `GoogleOneTapSignIn.enableAppCheck()` as shown below. Do this early, before invoking any authentication apis. The call either resolves when it succeeds or rejects with an error. On platforms other than iOS, the method is a no-op and resolves.

* Production environment
* Debug provider (recommended)
* Debug provider (alternative)

```ts
await GoogleOneTapSignIn.enableAppCheck();

```

Use `APP_CHECK_API_KEY` [env variable in Xcode](https://stackoverflow.com/a/76212610/2070942) to configure the [debug provider](https://developers.google.com/identity/sign-in/ios/appcheck/debug-provider) with the API key. Then call:

```ts
await GoogleOneTapSignIn.enableAppCheck();

```

danger

API keys and debug tokens are sensitive data. Keep them private.

Configure the [debug provider](https://developers.google.com/identity/sign-in/ios/appcheck/debug-provider) with the API key:

```ts
await GoogleOneTapSignIn.enableAppCheck({
  debugProviderAPIKey: config.apiKey,
});

```

danger

API keys and debug tokens are sensitive data. Keep them private.

##### Enable App Check enforcement[​](#enable-app-check-enforcement "Direct link to Enable App Check enforcement")

Read the [official documentation](https://developers.google.com/identity/sign-in/ios/appcheck/enable-enforcement) to understand how to enforce App Check.

---

### Testing

#### Setting up the mock[​](#setting-up-the-mock "Direct link to Setting up the mock")

If you want to write JS-level tests that depend on Google Sign In, you need to mock the functionality of the native module - this is because the native code cannot run in Node.js environment.

This library ships with a Jest mock that you can add to the `setupFiles` array in your Jest config.

By default, the mock behaves as if the calls were successful and returns mock user data.

jest.config.js|ts|mjs|cjs|json

```json
{
  "setupFiles": [
    "./node_modules/@react-native-google-signin/google-signin/jest/build/jest/setup.js"
  ]
}

```

#### Writing tests[​](#writing-tests "Direct link to Writing tests")

You can use [`@testing-library/react-native`](https://callstack.github.io/react-native-testing-library/) to write tests for React components that use React Native Google Sign In. Minimal example (make sure to [set up the mock](#setting-up-the-mock) first):

App.test.js

```jsx
import {
  GoogleOneTapSignIn,
  OneTapResponse,
} from '@react-native-google-signin/google-signin';
import * as React from 'react';
import { render, screen, fireEvent } from '@testing-library/react-native';
import { Button, Text } from 'react-native';
import { useState } from 'react';

function GoogleSignInComponent() {
  const [userInfo, setUserInfo] = useState<OneTapResponse | undefined>();

  return (
    <>
      <Button
        title="Sign in with Google"
        onPress={async () => {
          GoogleOneTapSignIn.configure({
            webClientId: 'autoDetect',
          });
          const userInfo = await GoogleOneTapSignIn.signIn();
          setUserInfo(userInfo);
        }}
      />
      {userInfo && <Text>{userInfo.data?.user.name}</Text>}
    </>
  );
}

it('GoogleSignInComponent should display user name after signing in', async () => {
  // Render the component
  render(<GoogleSignInComponent />);

  const expectedUserName = 'mockFullName';
  // Verify user name is not displayed initially
  expect(screen.queryByText(expectedUserName)).toBeNull();

  // Find and press the sign-in button
  const signInButton = screen.getByText('Sign in with Google');
  fireEvent.press(signInButton);

  // verify the user name is displayed
  const userName = await screen.findByText(expectedUserName);
  expect(userName).toBeTruthy();
});

```

---

### Web support

The web implementation doesn't depend on React Native (or React Native Web). That means you can use it even with regular web apps created with NextJS, Vite and etc.

tip

The functionality covered in this page is available in the licensed version. [You can get a license here](https://universal-sign-in.com/#pricing) ⭐️.

Providing a unified API across all platforms is a bit more tricky than it may seem. The web experience is different from the mobile one, and so are the underlying Google's APIs.

On the web, the `signIn` and `createAccount` functions are not `Promise`-based but callback-based as seen below. That means they return `void` and you need to provide callbacks for success and error handling. Even so, the argument and result types are the same as for native, allowing to reuse the logic for both success and error handling across all platforms.

info

The reason for callback-based apis rather than promise-based is that it's possible to get into an "error" state (when one-tap is not available) and later get a successful sign in from the button flow. Because of how the Google Sign In for web SDK is done, modeling this with a promise-based api is not possible.

#### Setup[​](#setup "Direct link to Setup")

See [here](/docs/setting-up/web.md).

#### Usage[​](#usage "Direct link to Usage")

To implement web support, follow these two steps:

1. Call `GoogleOneTapSignIn.signIn` upon page load. This attempts to present the One-tap UI. It also sets up a listener for authentication events and calls the `onSuccess` callback when the user signs in (either with the One-tap flow or the Sign-In button).

If you do not want to present the one-tap UI, pass `skipPrompt: true` in the [`OneTapSignInParams`](/docs/api.md#onetapsigninparams) object. This only sets up the listener for authentication events, and then relies on the user signing in via the `WebGoogleSigninButton`.

warning

You should display the One Tap UI on page load or other window events, instead of it being displayed by a user action (e.g. a button press). Otherwise, you may get a broken UX. Users may not see any UI after a user action, due to [globally opt-out](https://developers.google.com/identity/gsi/web/guides/features#globally_opt_out), [cool-down](https://developers.google.com/identity/gsi/web/guides/features#exponential_cooldown), or no Google session.

```ts
useEffect(() => {
  GoogleOneTapSignIn.configure({
    webClientId,
    iosClientId: config.iosClientId,
  });
  if (Platform.OS === 'web') {
    GoogleOneTapSignIn.signIn(
      {
        ux_mode: 'popup',
      },
      {
        onResponse: (response) => {
          if (response.type === 'success') {
            console.log(response.data);
          }
        },
        onError: (error) => {
          // handle error
        },
        momentListener: (moment) => {
          console.log('moment', moment);
        },
      },
    );
  }
}, []);

```

Optionally, you can provide a `momentListener` callback function. The callback is called when important events take place. [See reference.](https://developers.google.com/identity/gsi/web/reference/js-reference#PromptMomentNotification)

2. Render the [`WebGoogleSigninButton`](/docs/buttons/web.md) component

One-tap UI may not always be available: This happens if you disable it ([`skipPrompt`](/docs/api.md#onetapsigninparams)), when user has [opted out](https://developers.google.com/identity/gsi/web/guides/features#globally_opt_out) or when they cancel the prompt several times in a row, entering the [cooldown period](https://developers.google.com/identity/gsi/web/guides/features#exponential_cooldown).

`WebGoogleSigninButton` serves as a fallback. Tapping it opens the regular Google Sign-In dialog (or redirect, based on `ux_mode` param). When user signs in, the `onResponse` callback is called.

#### Methods[​](#methods "Direct link to Methods")

The methods on the web are the same as on native — see [here](/docs/one-tap.md#methods) for their docs.

---

## Help

### Configuration Doctor

tip

The functionality covered in this page is available in the licensed version. [You can get a license here](https://universal-sign-in.com/#pricing) ⭐️.

A command-line tool designed to help with Android signing configuration issues and quickly resolve the infamous `DEVELOPER_ERROR`, or potentially [other errors](#when-to-use) too.

#### Why[​](#why "Direct link to Why")

To save time. Developers sometimes waste hours or even days tracking down the [errors](#when-to-use).

This tool gives you the SHA-1 fingerprints that need to be added to your Google project configuration to resolve the error.

#### Usage[​](#usage "Direct link to Usage")

The tool can extract SHA-1 fingerprints directly from a device/emulator with your app installed, or from an APK file.

Run the command as shown below and follow the instructions.

```bash
# Usage with device/emulator
npx @react-native-google-signin/config-doctor --package-name com.yourapp.name

# Usage with an APK file
npx @react-native-google-signin/config-doctor --apk-path ./app-release.apk

```

##### Arguments[​](#arguments "Direct link to Arguments")

* `--package-name` (optional): Your Android app's package name. If provided, the tool extracts the APK from a connected device/emulator.
* `--apk-path` (optional): Path to an APK file.

#### When to use[​](#when-to-use "Direct link to When to use")

When getting `DEVELOPER_ERROR`, unexpected [`cancelled`](https://issuetracker.google.com/issues/424210681) or even `GetCredentialProviderConfigurationException` during Sign-In. You can run into these errors:

* When setting up Google Sign-In for the first time
* After downloading your app from Play Store
* When switching between debug and release builds

##### Example Output[​](#example-output "Direct link to Example Output")

```text
✔ Application package name: com.some.app.android

🔍 Found the following SHA-1 certificate fingerprints:

A1:B2:C3:D4:E5:F6:G7:H8:I9:J0:K1:L2:M3:N4:O5:P6:Q7:R8:S9:T0

Next steps:
...

```

#### Requirements[​](#requirements "Direct link to Requirements")

* Active license (get access at [universal-sign-in.com](https://universal-sign-in.com))
* Android device/emulator with your app installed, OR a built APK file

#### Related Documentation[​](#related-documentation "Direct link to Related Documentation")

* [Collecting configuration information](/docs/setting-up/get-config-file.md)

---

### FAQ / Troubleshooting

#### Android[​](#android "Direct link to Android")

##### Sign in result is `cancelled` even though the user did not cancel the flow[​](#unexpected_cancelled "Direct link to unexpected_cancelled")

You may be hitting an [error in the Android SDK](https://issuetracker.google.com/issues/424210681). This error is usually observed with `presentExplicitSignIn`. Follow the [`DEVELOPER_ERROR paragraph`](#developer_error) to resolve it.

##### Login does not work when downloading from the Play Store.[​](#login-does-not-work-when-downloading-from-the-play-store "Direct link to Login does not work when downloading from the Play Store.")

See [`DEVELOPER_ERROR` paragraph](#developer_error).

##### `DEVELOPER_ERROR` or `code: 10` or `Developer console is not set up correctly` error message[​](#developer_error "Direct link to developer_error")

This is always (! *absolutely always* !) a configuration mismatch between your app and the server-side setup (in Firebase or Google Cloud console).

Firstly, if you are using Firebase Auth, verify Google is enabled as a Sign-in method in Firebase Console (Build -> Authentication -> Sign-in method).

Then: if you have the APK (on your phone, or computer) that gives this error, we recommend to run the [Configuration Doctor](/docs/config-doctor.md) and follow its instructions:

```bash
npx @react-native-google-signin/config-doctor

```

Otherwise:

* Follow the [setup guide](/docs/setting-up/get-config-file.md) and perform its steps once again.
* If you're passing `webClientId` in the configuration object to `GoogleSignin.configure()`, make sure it's correct and that it is of type web (NOT Android!). You can get your `webClientId` from [Google Developer Console](https://console.developers.google.com/apis/credentials). It is listed under "OAuth 2.0 client IDs".
* [Search the issue tracker](https://github.com/react-native-google-signin/google-signin/issues?q=is%3Aissue+DEVELOPER+ERROR+is%3Aclosed) for old reports of the error.

##### Login does not work when using Internal App Sharing.[​](#login-does-not-work-when-using-internal-app-sharing "Direct link to Login does not work when using Internal App Sharing.")

If you get a `DEVELOPER_ERROR` when using Internal App Sharing, it is because Google resigns your application with its own key.

See [`DEVELOPER_ERROR` paragraph](#developer_error).

##### "A non-recoverable sign in failure occurred"[​](#a-non-recoverable-sign-in-failure-occurred "Direct link to \"A non-recoverable sign in failure occurred\"")

See [this comment](https://github.com/react-native-community/google-signin/issues/659#issuecomment-513555464). Or [this SO question](https://stackoverflow.com/questions/53816227/google-signin-sdk-is-failing-by-throwing-error-a-non-recoverable-sign-in-failur).

##### Package name !== application id[​](#package-name--application-id "Direct link to Package name !== application id")

When adding a new oauth client, google asks you to add your package name. In some cases your package name is not equal to your application id. Check if your package name in the `AndroidManifest.xml` is the same as your application/bundle id. Find your application id in the play console or `android/app/build.gradle`. The format looks like `com.yourapp.id`.

#### iOS[​](#ios "Direct link to iOS")

##### Sign in result is `cancelled` even though the user did not cancel the flow[​](#sign-in-result-is-cancelled-even-though-the-user-did-not-cancel-the-flow "Direct link to sign-in-result-is-cancelled-even-though-the-user-did-not-cancel-the-flow")

Make sure you're not presenting the sign-in flow while a modal (e.g. with a loading indicator) is already presented.

##### The app crashes when tapping the Sign In button[​](#the-app-crashes-when-tapping-the-sign-in-button "Direct link to The app crashes when tapping the Sign In button")

Along with "Your app is missing support for the following URL schemes" error in Xcode console.

Your `Url Schemes` configuration is incorrect.

If you use Expo, verify that the [config plugin](/docs/setting-up/expo.md#add-config-plugin) is configured correctly.

In vanilla React Native projects, add URL type [like this](https://react-native-google-signin.github.io/docs/setting-up/ios#xcode-configuration).

---