Google Sign-In JavaScript client reference

This reference describes the JavaScript client methods and attributes you will use to implement Google Sign-In in your web applications.

Auth setup

gapi.auth2.init(params)

Initializes the GoogleAuth object. You must call this method before calling gapi.auth2.GoogleAuth's methods.

When you initialize the GoogleAuth object, you configure the object with your OAuth 2.0 client ID and any additional options you want to specify. Then, if the user has already signed in, the GoogleAuth object restores the user's sign-in state from the previous session.

Arguments
params An object containing key-value pairs of client configuration data. For example:
{
client_id: 'CLIENT_ID.apps.googleusercontent.com'
// Additional optional params
}
You can specify the following parameters:
Parameters
client_id The app's client ID, found and created in the Google Developers Console.
cookie_policy The domains for which to create sign-in cookies. Either a URI, single_host_origin, or none. Defaults to single_host_origin if unspecified.
scope The scopes to request, as a space-delimited string. Optional if fetch_basic_profile is not set to false.
fetch_basic_profile Fetch users' basic profile information when they sign in. Adds 'profile' and 'email' to the requested scopes. True if unspecified.
hosted_domain The G Suite domain to which users must belong to sign in. This is susceptible to modification by clients, so be sure to verify the hosted domain property of the returned user. Use GoogleUser.getHostedDomain() on the client, and the hd claim in the ID Token on the server to verify the domain is what you expected. Optional.
openid_realm Used only for OpenID 2.0 client migration. Set to the value of the realm that you are currently using for OpenID 2.0, as described in OpenID 2.0 (Migration).
Returns
gapi.auth2.GoogleAuth The gapi.auth2.GoogleAuth object. Use the then() method to get a Promise that is resolved when the gapi.auth2.GoogleAuth object finishes initializing.

GoogleAuth.then(onInit)

Calls the onInit function when the GoogleAuth object is fully initialized.

Arguments
onInit() The function to call when the GoogleAuth object is fully initialized.
Returns
Promise A Promise that is fulfilled when the onInit function has completed.

Authentication

GoogleAuth is a singleton class that provides methods to allow the user to sign in with a Google account, get the user's current sign-in status, get specific data from the user's Google profile, request additional scopes, and sign out from the current account.

gapi.auth2.getAuthInstance()

Returns the GoogleAuth object. You must initialize the GoogleAuth object with gapi.auth2.init() before calling this method.

Returns
gapi.auth2.GoogleAuth The gapi.auth2.GoogleAuth object. Use this object to call gapi.auth2.GoogleAuth's methods.

GoogleAuth.isSignedIn.get()

Returns whether the current user is currently signed in.

Returns
Boolean true if the user is signed in, or false if the user is signed out or the GoogleAuth object isn't initialized.

GoogleAuth.isSignedIn.listen(listener)

Listen for changes in the current user's sign-in state.

Arguments
listener A function that takes a boolean value. listen() passes true to this function when the user signs in, and false when the user signs out.

GoogleAuth.signIn()

Signs in the user with the options specified to gapi.auth2.init().

Returns
Promise A Promise that is fulfilled when the user successfully authenticates and grants the requested scopes.

GoogleAuth.signIn(options)

Signs in the user using the specified options.

Arguments
options Either:
  • An object containing key-value pairs of sign-in parameters. For example:
    {
      'scope': 'profile email'
    }
    You can specify the following parameters:
    Parameters
    app_package_name The package name of the Android app to install over the air. See Android app installs from your web site. Optional.
    fetch_basic_profile Fetch users' basic profile information when they sign in. Adds 'profile' and 'email' to the requested scopes. Optional. True if unspecified.
    prompt Specifies whether to prompt the user for re-authentication. See OpenID Connect Request Parameters. Optional.
    scope The scopes to request, as a space-delimited string. Optional if fetch_basic_profile is not set to false.
  • An instance of gapi.auth2.SigninOptionsBuilder. For example:
    options = new gapi.auth2.SigninOptionsBuilder();
    options.setAppPackageName('com.example.app');
    options.setFetchBasicProfile(True);
    options.setPrompt('select_account');
    options.setScope('profile').setScope('email');
Returns
Promise A Promise that is fulfilled when the user successfully authenticates and grants the requested scopes.

GoogleAuth.signOut()

Signs out the current account from the application.

Returns
Promise A Promise that is fulfilled when the user has been signed out.

GoogleAuth.disconnect()

Revokes all of the scopes that the user granted.

GoogleAuth.grantOfflineAccess(options)

Get permission from the user to access the specified scopes offline.

Arguments
options An object containing key-value pairs of parameters. For example:
{
  'scope': 'profile email',
  'redirect_uri': 'http://myownpersonaldomain.com/code'
}
The scopes that you specify here are requested in addition to the scopes specified to gapi.auth2.init(). In the redirect_uri field, you can either specify the URI of your server's authorization code handler or the string postmessage, in which case the authorization code is encapsulated in the Promise that is returned.
Returns
Promise A Promise that is fulfilled when the user grants the requested scopes. If you specified postmessage, the Promise passes an object containing the authorization code to the Promise's fulfillment handler. For example:
auth2.grantOfflineAccess({'redirect_uri': 'postmessage'}).then(function(resp) {
  var auth_code = resp.code;
});

GoogleAuth.attachClickHandler(container, options, onsuccess, onfailure)

Attaches the sign-in flow to the specified container's click handler.

Arguments
container The ID of, or a reference to, the div element to which to attach the click handler.
options An object containing key-value pairs of parameters. See GoogleAuth.signIn().
onsuccess The function to call after sign-in completes.
onfailure The function to call if sign-in fails.

Users

A GoogleUser object represents one user account. GoogleUser objects are typically obtained by calling GoogleAuth.currentUser.get().

GoogleAuth.currentUser.get()

Returns a GoogleUser object that represents the current user. Note that in a newly-initialized GoogleAuth instance, the current user has not been set. Use the currentUser.listen() method or the GoogleAuth.then() to get an initialized GoogleAuth instance.

Returns
GoogleUser The current user

GoogleAuth.currentUser.listen(listener)

Listen for changes in currentUser.
Arguments
listener A function that takes a GoogleUser parameter. listen passes this function a GoogleUser instance on every change that modifies currentUser.

GoogleUser.getId()

Get the user's unique ID string.

Returns
String The user's unique ID

GoogleUser.isSignedIn()

Returns true if the user is signed in.

Returns
Boolean True if the user is signed in

GoogleUser.getHostedDomain()

Get the user's G Suite domain if the user signed in with a G Suite account.

Returns
String The user's G Suite domain

GoogleUser.getGrantedScopes()

Get the scopes that the user granted as a space-delimited string.

Returns
String The scopes granted by the user

GoogleUser.getBasicProfile()

Get the user's basic profile information.

Returns
gapi.auth2.BasicProfile You can retrieve the properties of gapi.auth2.BasicProfile with the following methods:
  • BasicProfile.getId()
  • BasicProfile.getName()
  • BasicProfile.getGivenName()
  • BasicProfile.getFamilyName()
  • BasicProfile.getImageUrl()
  • BasicProfile.getEmail()

GoogleUser.getAuthResponse()

Get the response object from the user's auth session.

Returns
gapi.auth2.AuthResponse An AuthResponse object has the following properties:
  • access_token (string)
  • id_token (string)
  • login_hint (string)
  • scope (string)
  • expires_in (string)
  • first_issued_at (string)
  • expires_at (string)

GoogleUser.reloadAuthResponse()

Forces a refresh of the access token, and then returns a Promise for the new AuthResponse.

Returns
Promise A Promise that is fulfilled with the reloaded AuthResponse when reloading the OAuth token is done.

GoogleUser.hasGrantedScopes(scopes)

Returns true if the user granted the specified scopes.

Arguments
scopes A space-delimited string of scopes.
Returns
Boolean True if the scopes were granted

GoogleUser.grant(options)

See GoogleUser.signIn().

GoogleUser.grantOfflineAccess(scopes)

Get permission from the user to access the specified scopes offline. When you use GoogleUser.grantOfflineAccess(), the sign-in flow skips the account chooser step.

See GoogleUser.grantOfflineAccess().

GoogleUser.disconnect()

Revokes all of the scopes that the user granted.

UI elements

gapi.signin2.render(id, options)

Renders a sign-in button in the element with the given ID, using the settings specified by the options object.

Arguments
id The ID of the element in which to render the sign-in button.
options An object containing the settings to use to render the button. For example:
{
'scope': 'email',
'width': 200,
'height': 50,
'longtitle': true,
'theme': 'dark',
'onsuccess': handleSuccess,
'onfailure': handleFailure
}
You can specify the following options:
Parameters
scope The scopes to request when the user signs in (default: profile).
width The width of the button in pixels (default: 120).
height The height of the button in pixels (default: 36).
longtitle Display long labels such as "Sign in with Google" rather than "Sign in" (default: false).
theme The color theme of the button: either light or dark (default: light).
onsuccess The callback function to call when a user successfully signs in. This function must take one argument: an instance of gapi.auth2.GoogleUser (default: none).
onfailure The callback function to call when sign-in fails. This function takes no arguments (default: none).
app_package_name The package name of the Android app to install over the air. See Android app installs from your web site. Optional. (default: none)