Back4App

Sign In with Google Tutorial

Introduction

Sign In with Google enables users to sign in to Apps using their Google accounts.

Prerequisites

To begin with this tutorial, you will need:

Step 1 - Create a New Back4App App

First of all, it’s necessary to make sure that you have an existing app created at Back4App. However, if you are a new user, you can check this tutorial to learn how to create one.

Step 2 - Create a new Client Identifier

Log into your Google Developer account and go to Google API Console. Click Credentials and choose OAuth 2.0 Client IDs

ID

If you do not have a Consent Screen, Google will ask you to create one. Click on Configure consent Screen, you will be redirected to the following page:

ID

Complete the screen consent configuration and hit Save

Pick the platform you will need. For this example I am using Javascript (Web Application), but you should pick the one you will be using.

In Authorized JavaScript Origins, replace the URL with your own subdomain.
In Authorized redirect URIs, insert your subdomain followed by /redirect. As shown in the image below:

Note: If you do not have your subdomain enabled yet, please check the following guide to know how can you do this: Create your Subdomain

ID

After that you should have your Client ID and Secret:

ID

Step 3 - Retrieve your Code

Visit the following URL, changing the values for REDIRECT_URI and CLIENT_ID for the ones you created:

1
https://accounts.google.com/o/oauth2/v2/auth?scope=https%3A//www.googleapis.com/auth/drive.metadata.readonly&access_type=offline&include_granted_scopes=true&response_type=code&state=state_parameter_passthrough_value&redirect_uri=REDIRECT-URL&client_id=CLIENT_ID

The scopes necessary to retrieve the auth_token and later on the user_id are:

https://www.googleapis.com/auth/userinfo.email
https://www.googleapis.com/auth/plus.me
https://www.googleapis.com/auth/userinfo.profile

Log in with your Google account and the redirected website will have your code in the URL:

ID

Copy the Code part of the URL only and run the following CURL command replacing the values YOUR_CODE, CLIENT_ID, CLIENT_SECRET and REDIRECT_URI for the values of your application

1
2
3
4
5
6
7
curl -X POST \
  https://oauth2.googleapis.com/token \
  -F 'grant_type=authorization_code' \
  -F 'code=YOUR_CODE' \
  -F 'client_id=CLIENT_ID' \
  -F 'client_secret=CLIENT_SECRET' \
  -F 'redirect_uri=REDIRECT_URI'

Run it and you should retrieve your access token:

ID

REMEMBER: the code can be used only once. If you get an error or don’t use your token, you must re-generate your Code to be able to run it again.

Now it is time to retrieve your Google's User ID. It is a numeric string that you will pass along as the id in the step 4.
To do so, run the following command replacing the YOUR TOKEN string for the token you received in the previous command.

1
curl -X GET https://www.googleapis.com/userinfo/v2/me?access_token=YOUR_TOKEN

Step 4 - Start the development

Now that the Sign In with Google is configured, you can start the development process.
The format for AUTHDATA is:

1
2
3
4
5
6
7
{
  "google": {
    "id": "user's Google id (string)",
    "id_token": "an authorized Google id_token for the user (use when not using access_token)",
    "access_token": "an authorized Google access_token for the user (use when not using id_token)"
  }
}

Here is the method for the iOS SDK:

1
2
3
PFUser.logInWithAuthType(inBackground: "google", authData: ["access_token":tokenString, "id": user]).continueWith { task -> Any? in
    
}

And here for the Android SDK:

1
2
3
4
5
6
Map<string, string> authData = new HashMap<string, string>(); 
authData.put("access_token", tokenString);
authData.put("id", user);
ParseUser.logInWithInBackground("google", authData){

}

Remember, this must be done at every login for every user.