This page describes the setup required by a client to enable sign-in and sign-up using Google One Tap.
- Once the prompt is shown to the user, and the user clicks on his account, the JS library will make a call to Google's backend to verify the user preliminarily.
- The One-tap JS expects you to pass a custom callback that will be invoked on successful verification of the user in the above step. On successful verification, the callback will be invoked with CredentialResponse as the argument.
CredentialResponsehas a key named
credential. The value of this
credentialis required to verify the user with Bridgekeeper and handle the subsequent session management flows that Bridgekeeper provides.
- So inside the
- Firstly, a
POSTcall should be made to
/api/auth/v1/login/google-one-tapwith the body as,The
"token": "<value of CredentialResponse.credential>",
tokenis required while the
- On successful authentication of the user, Bridgeekeeper will send a response, with
200as status code and a JSON body having the user's details. And if there is a valid
redirect-urlpassed in the body, it will respond with a
Locationheader as the
- Importantly, Bridgekeeper will set the
qt-authcookie which will be used for subsequent session management flows.
- At this point, the client can start using the
Userobject from the response and perform any custom actions like storing the
Userobject in the Redux store, disabling the One-tap prompt and so on.
- Firstly, a
- If the user does not already exist in Bridgekeeper, then a new user and a session is created. Otherwise, a new session is created for the existing user.
- Since the
qt-authcookie is now set. Bridgekeeper APIs can be used for, say, session validation using
/api/auth/v1/users/me, logging out using
/api/auth/v1/logoutand so on.