Authentication

Sign users into your app using their Google accounts.

Users signed into Google on their device or browser get expedited authentication on your app or site.

Returning users sign in automatically or with one tap or click.

You even have the option to let users create new accounts with a single tap or click.

Open-source and industry-standard authentication.

Passkeys are a safer and easier replacement for passwords.

Google's OAuth 2.0 APIs conform to the OpenID Connect specification, are OpenID Certified, and can be used for both authentication and authorization.

These APIs are listed here for historical reference.

Authorization

Authorize your app to use Google APIs and data.

Use OAuth 2.0 and our Client libraries to quickly and securely call Google APIs.

Google supports common OAuth 2.0 scenarios such as those for web server, client-side, installed, and limited-input device applications.

Get your app verified and ready for production.

Integrate your services and APIs with Google, share media and data with Google Assistant, Smart Home, YouTube and more. After obtaining user consent securely link an individual Google account with an account on your platform with OAuth 2.0 standard flows.

Improve user privacy with custom scopes, sharing only the data necessary for a specific use case. Increase user trust by clearly communicating how Google uses this data.

Credential management

Securely store and retrieve credentials.
Boost your app's user experience by seamlessly integrating passwordless authentication with passkeys using Credential Manager. Credential Manager is an Android Jetpack library that supports passkeys, passwords, and federated sign-in solutions (such as Sign-in with Google).
The Blockstore API for Android lets apps save user credentials without the complexity or security risk associated with saving user passwords.
Enable forms on apps to use the device's autofill utilities.
Enable forms on web pages to use the browser's autofill utilities.

Credential verification

Enable multi-factor authentication with verified credentials.
Use the SMS Retriever API to verify users by SMS, without the need for manual input of a verification code.
Verify phone numbers on the Web with the WebOTP API, and help users with one-time passwords received through SMS.

Latest news

Federated Credential Management (FedCM) Migration for Google Identity Services.

GIS currently uses third-party cookies to enable users to easily sign up and sign in to websites, making sign-in more secure for users by reducing reliance on passwords. However, as part of the Privacy Sandbox initiative, Chrome is phasing out support for third-party cookies in 2024 to protect user privacy online.

Google Identity Services (GIS) is making authentication safer and easier for developers with new features recently added across our libraries:

  • Verified Phone Number and Phone Number Hint on Android
  • One Tap for Web on Intelligent Tracking Prevention (ITP) browsers
  • Google Sign-In for iOS now supports macOS, as well

We've made our OAuth implementation more safe and secure, deprecating support for out-of-band (OOB) flows and Loopback IP address flows to reduce the risk of phishing and app impersonation attacks during OAuth interactions.

Firebase Authentication makes building secure authentication easy, providing sign-in and on-boarding for your users on all their devices. It provides backend services to securely authenticate users, paired with easy-to-use client SDKs. It can authenticate users using passwords and federated identity provider credentials. Firebase Authentication also provides UI libraries to implement a full authentication experience in your app.
Identity Platform is a customer identity and access management (CIAM) platform that helps organizations add identity and access management functionality to their applications, protect user accounts, and scale with confidence on Google Cloud.