Google user authentication options for sign-up and sign-in

This page enables you to rapidly test, compare, and contrast sign-in options offered by Google; directly using requests to Google OAuth API endpoints or indirectly through the use of JavaScript libraries.
Button images are available from Google's branding guidelines page.

User sign-in with OAuth/OIDC API endpoints

Developer docs
Features
Configure response_type:

Sign in using a button

Sign in using a URL

sign-in link

You will be redirected to OIDC debugger for decoding of the ID token reponse.

User sign-in with the Google Identity Services (GIS) JavaScript library

Developer docs
Features

Personalized button using popup with JS callback

Callback response


    


    

      

        User sign-in with the Google Sign-in JavaScript library (Deprecated)
      


      Developer docs

      Features
      

      
Sign in button showing session state

      

        

        

        Sign out of session
      

      
Callback response

      

    


    

      
User sign-in with Google as an IdP using the browser's FedCM APIs


      Developer docs

      Features
      

      

      In this example, Google is configured as the Identity Provider (IdP).

      The navigator.credentials.get and IdentityCredential.disconnect browser
      APIs trigger sign-in and revoke the session between the RP and IdP

      without a third-party JavaScript library.

      



      
      

      

      
Credential response

      

    


    

      
Working with sessions

      Session state affects account chooser and sign-in behavior, user flows
      differ when no sessions exist or existing session(s) are found.
      
   
To start from a known state with no user sessions:
      - Close ALL existing Chrome Incognito windows, terminating any active Google sessions.
      - Open a new Chrome Incognito window (Ctrl-Shift-N).

To establish a Google user session:
      - Open news.google.com
      - Click on 'Sign in' in the upper right hand banner to sign in to a Google Account, establishing a new session.
      

    


    

      
Selecting user accounts in advance


      The sign-in options below allow user accounts to be filtered.
      


      

        

          
            Using login_hint to suggest a Google account may skip the account
            chooser
          
          
          
          (may be the email address configured for: 1) a Google Account or 2) a
          Workspace Account) 

          
          
          

          
          
        

        

        

          
            Providing a hosted domain value filters the account chooser,
            displaying only matching accounts. For example, "*" limits sign-in
            to the Workspace primpary domain, while "ink-42.com" does so for the
            named Workspace domain
          
          
          
        


        
      

      
No user prompts are required when:
  - Only one active Google account session exists
  - login_hint is used when two or more active Google account sessions exist
  - User has previously granted consent
  
Optional additional gestures:
    1. Sign-in to a Google account is required when:
      - no active Google account session exists
      - Google requires reauthentication for security reasons or other factors
    2. Account chooser gesture is required when:
      - login_hint is not used when two or more active Google account sessions exist
      - login_hint is used but a corresponding Google account does not exist
    3. Consent is required:
      - once for each Google account and application (client id) tuple,
      - when site settings optionally call for it,
      - when requested scopes do not fully match previously approved scopes