Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/MomenSherif/react-oauth/llms.txt

Use this file to discover all available pages before exploring further.

useGoogleLogin returns a login function that you can attach to any button or UI element. It supports two OAuth 2.0 flows:
  • Implicit flow — returns an access token directly in the browser. Suitable for client-side-only apps.
  • Authorization code flow — returns a one-time authorization code that your backend exchanges for access and refresh tokens.

Usage

import { useGoogleLogin } from '@react-oauth/google';

function LoginButton() {
  const login = useGoogleLogin({
    onSuccess: tokenResponse => console.log(tokenResponse),
  });

  return <button onClick={() => login()}>Sign in with Google</button>;
}

Parameters

Common props

flow
'implicit' | 'auth-code'
default:"implicit"
Selects the OAuth 2.0 flow. implicit returns an access token directly; auth-code returns an authorization code for backend exchange.
onSuccess
(response: TokenResponse | CodeResponse) => void
Callback fired after a successful authorization. Receives a TokenResponse for the implicit flow or a CodeResponse for the auth-code flow.
onError
(errorResponse: { error: string; error_description?: string; error_uri?: string }) => void
Callback fired when the authorization request fails with an OAuth error.
onNonOAuthError
(nonOAuthError: NonOAuthError) => void
Callback fired for non-OAuth errors such as a popup failing to open or being closed before a response is returned.
scope
string
A space-delimited list of OAuth scopes to request. By default, openid profile email are always included.
enable_serial_consent
boolean
default:"true"
When false, disables more granular Google Account permissions for clients created before 2019. Has no effect for newer clients.
hint
string
An email address hint for the target user. Corresponds to the login_hint parameter in OpenID Connect.
hosted_domain
string
Hint for the Google Workspace domain the user belongs to. Corresponds to the hd parameter in OpenID Connect.
overrideScope
boolean
When true, uses only the scopes specified in scope without prepending the default openid profile email scopes.

Implicit flow props

These props apply only when flow is 'implicit' (the default).
prompt
'' | 'none' | 'consent' | 'select_account'
default:"select_account"
A space-delimited list of prompts to present the user.
state
string
Not recommended. An opaque string your application uses to maintain state between the authorization request and the server’s response.

Authorization code flow props

These props apply only when flow is 'auth-code'.
ux_mode
'popup' | 'redirect'
default:"popup"
The UX mode for the authorization flow. popup opens a consent popup; redirect navigates the user to the consent page.
redirect_uri
string
Required when ux_mode is redirect. Must exactly match one of the authorized redirect URIs configured in the Google API Console. Ignored by popup UX.
state
string
Recommended for redirect UX. An opaque string your application uses to maintain state between the authorization request and the server’s response.
select_account
boolean
default:"false"
When true, prompts the user to select a Google account even if they are already signed in.

Return value

useGoogleLogin returns a login function.
  • Implicit flow: (overrideConfig?: OverridableTokenClientConfig) => void
  • Auth-code flow: () => void
For the implicit flow, you can pass an optional overrideConfig object when calling login() to override prompt, enable_serial_consent, hint, or state for that specific invocation.

Response types

TokenResponse (implicit flow)

The object passed to onSuccess when using the implicit flow:
access_token
string
required
The OAuth 2.0 access token.
expires_in
number
required
The lifetime of the access token in seconds.
token_type
string
required
The token type. Always Bearer.
scope
string
required
A space-delimited list of scopes granted by the user.
prompt
string
required
The prompt value that was used from the configuration.
hd
string
The hosted Workspace domain the signed-in user belongs to.
state
string
The state string passed in the authorization request.

CodeResponse (auth-code flow)

The object passed to onSuccess when using the auth-code flow:
code
string
required
The one-time authorization code. Exchange this on your backend for access and refresh tokens.
scope
string
required
A space-delimited list of scopes granted by the user.
state
string
The state string passed in the authorization request.
The authorization code can only be used once. Exchange it server-side using your OAuth client secret.

Build docs developers (and LLMs) love

Get started for freeTalk to us