User Sign Up, Sign In, and Authentication with Google
Overview
Authentication is the process by which your app’s users sign up or sign in to your app. The authentication process confirms the legitimacy of a user's identity before allowing them to interact with the application.
Sign in with Google makes it easy for your users to sign in and sign up to your app with the trusted security of their Google Account. It eliminates their dependency on passwords, which reduces the frustrations and security risks associated with them. Learn more here: Sign in with Google.
Video Tutorial
How to Build User Sign In, Sign Out, and Authentication with Google in Thunkable
In this tutorial, we’ll show you how to use Google to authenticate your users and allow them to sign in and sign out of your app.
Template app:
Click Copy Project or Edit Project in the upper right.
Sign in with Google
Select or Create a Project
Visit the Google Cloud console.
Sign in with your existing Google account credentials or create an account.
If this is your first visit, you may need to provide your location and accept the Google Cloud Platform Terms of Service.
Click the dropdown next to Google Cloud in the upper left.
Either:
Select an existing project.
Click NEW PROJECT.
Give your project a name.
Indicate if you'd like to create the project in a parent organization or folder.
Click Create.
In the notification that appears, click SELECT PROJECT.
The name of the selected project appears in the header at the top.
Configure Your OAuth Consent Screen
When you use OAuth for authorization, your app requests authorizations for one or more scopes of access from a Google Account. Google displays a consent screen to the user, including a summary of your project and its policies and the requested scopes of access.
To configure your Oauth consent screen:
Click APIs & Services.
In the left sidebar, select OAuth consent screen.
Indicate who your target users are, Internal or External.
Most Creators will need to select External. You should only select Internal if your app is exclusively for users in the same organization as your Google Cloud account.
Click Create.
Complete the App information screen to represent your brand best. The required fields are:
App name
User support email
Developer contact email address
Click SAVE AND CONTINUE.
On the Scopes screen, click ADD OR REMOVE SCOPES.
Select the following scopes:
.../auth/userinfo.email
.../auth/userinfo.profile
Click UPDATE.
Click SAVE AND CONTINUE.
On the Test users screen, click SAVE AND CONTINUE.
On the Summary screen, click BACK TO DASHBOARD.
Create OAuth Client ID
In the left sidebar, select Credentials.
Click + CREATE CREDENTIALS.
Select OAuth client ID.
A client ID is used to identify a single app to Google's OAuth servers. If your app runs on multiple platforms, each will need its own client ID.
Select the Application type you'd like to configure (e.g. web application, Android, or iOS). If your app runs on multiple platforms, you must configure separate OAuth client IDs for each.
See here for instructions for each of the application types Thunkable supports:
Create iOS OAuth Client ID
Follow these instructions above: Create OAuth Client ID.
Select iOS as the Application type.
Complete the following fields:
Name - The name of your OAuth 2.0 client. This name is only used to identify the client in the console and will not be shown to end users.
Click CREATE.
Click OK.
In the OAuth 2.0 Client IDs, click the iOS client ID you just created.
Copy the Client ID.
In your Thunkable tab, click the Settings gear icon in the sidebar.
Scroll to the OAuth Settings section and paste the iOS client ID into the Google IOS Client ID field.
Return to Google and copy the iOS URL scheme.
Back in Thunkable, paste the copied iOS URL scheme into the Google IOS URL Scheme field.
Create Web Application OAuth Client ID
Follow these instructions above: Create OAuth Client ID.
Select Web application as the Application type.
Give your client a Name. This name is only used to identify the client in the console and will not be shown to end users.
Under Authorized JavaScript origins, click + ADD URI.
To test your project on the web, use
https://x.thunkable.com
. To use Google Sign in with a published web app, usehttps://thunkable.site
.Click CREATE.
Click OK.
In the OAuth 2.0 Client IDs section, click the web application client ID you just created.
Copy the Client ID.
In your Thunkable tab, click the Settings gear icon in the sidebar.
Scroll to the OAuth Settings section and paste the web application client ID into the Google Web Client ID field.
Create Android OAuth Client ID
Follow these instructions above: Create OAuth Client ID.
Select Android as the Application type.
Complete the following fields:
Name - The name of your OAuth 2.0 client. This name is only used to identify the client in the console and will not be shown to end users.
SHA-1 certificate fingerprint - See here for instructions: Get the SHA-1 Certificate Fingerprint
Click CREATE.
Get the SHA-1 Certificate Fingerprint
If you haven't previously downloaded this Android app, you must download it to access its Keystore. Instructions are available here: Download Android App.
You do not need to download the resulting Android APK file.
Follow the instructions here to export your Keystore: Export Keystore from a Thunkable Project.
Click here to download the Java Development Kit (JDK) for your system: JDK Development Kit Download.
Run the following command from the Command Prompt on Windows or Terminal on Mac:
keytool -keystore path-to-debug-or-production-keystore -list -v
, where "path-to-debug-or-production-keystore" is the location of the Keystore file on your computer. Orkeytool -keystore path-to-debug-or-production-keystore -storepass keystore_password -v
where "path-to-debug-or-production-keystore" is the location of the Keystore file on your computer.The "keystore_password" needs to be replaced by your keystore password.
If prompted for a password, enter the password you saved when exporting your Keystore. Learn more here: Android Keystore Alias and Password.
Locate the Certificate fingerprints section.
Copy the SHA1 certificate fingerprint.
Alternatively, publish the app on the Google Play Store and get the SHA-1 Certificate Fingerprint from the App signing page:
Blocks
Block: get profile from Google
The mint green blocks represent the available outputs provided by the Google Sign-In process when sign-in is successful. You can save this information to personalize the user's experience within your app, display their profile picture, greet them by name, or pre-fill form fields with their email address, for example.
Output Name | Output Description |
---|---|
User ID | A unique identifier assigned to the authenticated user by Google. It is typically a long string of characters that is unique to each user. |
Display name | The user's full name, including their first name and last name, as it appears in their Google account profile. |
Given name | The user's first name. |
Family name | The user's last name. |
Email address | Email address of the Google account. |
Profile photo image URL | URL that points to the profile image associated with the Google account. |
error | If there is an error, provides the details about what went wrong. |
For web apps, no blocks, including errors, will be returned if the user rejects login (as opposed to fails login).
Block: sign out from Google
Have feedback on this doc? Please take a moment to share your feedback here: Thunkable Docs Feedback. Your valuable insights will help us improve and better serve you in the future.
Last updated