The newest version of Google Identity Toolkit has been released as Google Cloud's Identity Platform and Firebase Authentication. These products include upgraded client SDKs, open source UI libraries, session management and integrated email sending service for forgotten password flows.

Based on your needs, new projects should use either Identity Platform or Firebase Authentication. To migrate an existing project from Identity Toolkit, see the Identity Platform migration guide or Firebase Authentication migration guide.

Relyingparty: createAuthUri

Creates the URI used by the IdP to authenticate the user.


HTTP request


Request body

In the request body, supply data with the following structure:

  "identifier": string,
  "continueUri": string,
  "openidRealm": string,
  "providerId": string,
  "clientId": string,
  "context": string
Property name Value Description Notes
identifier string The email or federated ID of the user.
continueUri string The URI to which the IDP redirects the user after the federated login flow.
openidRealm string Optional realm for OpenID protocol. The sub string "scheme://domain:port" of the param "continueUri" is used if this is not set.
providerId string The IdP ID. For white listed IdPs it's a short domain name e.g.,, and For other OpenID IdPs it's the OP identifier.
clientId string The relying party OAuth client ID.
context string The opaque value used by the client to maintain context info between the authentication request and the IDP callback.


If successful, this method returns a response body with the following structure:

  "kind": "identitytoolkit#CreateAuthUriResponse",
  "authUri": string,
  "providerId": string,
  "registered": boolean,
  "forExistingProvider": boolean
Property name Value Description Notes
kind string The fixed string identitytoolkit#CreateAuthUriResponse".
authUri string The URI used by the IDP to authenticate the user.
registered boolean Whether the user is registered if the identifier is an email.
providerId string The provider ID of the auth URI.
forExistingProvider boolean True if the authUri is for user's existing provider.