Skip to main content

Social Authentication

Social authentication is a multi-step authentication flow, allowing you to sign a user into an account or link them with an existing one.

Both native platforms and web support creating a credential which can then be passed to the signInWithCredential or linkWithCredential methods. Alternatively on web platforms, you can trigger the authentication process via a popup or redirect.

Google#

Most configuration is already setup when using Google Sign-In with Firebase, however you need to ensure your machine's SHA1 key has been configured for use with Android. You can see how to generate the key on the Installation documentation.

Ensure the "Google" sign-in provider is enabled on the Firebase Console.

If your user signs in with Google, after having already manually registered an account, their authentication provider will automatically change to Google, due to Firebase Authentications concept of trusted providers. You can find out more about this here.

On native platforms, a 3rd party library is required to trigger the authentication flow.

Install the official google_sign_in plugin:

pubspec.yaml
dependencies:
google_sign_in: "^4.5.1"

Once installed, trigger the sign-in flow and create a new credential:

import 'package:google_sign_in/google_sign_in.dart';
Future<UserCredential> signInWithGoogle() async {
// Trigger the authentication flow
final GoogleSignInAccount? googleUser = await GoogleSignIn().signIn();
// Obtain the auth details from the request
final GoogleSignInAuthentication? googleAuth = await googleUser?.authentication;
// Create a new credential
final credential = GoogleAuthProvider.credential(
accessToken: googleAuth?.accessToken,
idToken: googleAuth?.idToken,
);
// Once signed in, return the UserCredential
return await FirebaseAuth.instance.signInWithCredential(credential);
}

Facebook#

Before getting started setup your Facebook Developer App and follow the setup process to enable Facebook Login.

Ensure the "Facebook" sign-in provider is enabled on the Firebase Console. with the Facebook App ID and Secret set.

On native platforms, a 3rd party library is required to both install the Facebook SDK and trigger the authentication flow.

Install the flutter_facebook_auth plugin:

pubspec.yaml
dependencies:
flutter_facebook_auth: "^3.5.0"

You will need to follow the steps in the plugin documentation to ensure that both the Android & iOS Facebook SDKs have been initialized correctly. Once complete, trigger the sign-in flow, create a Facebook credential and sign the user in:

import 'package:flutter_facebook_auth/flutter_facebook_auth.dart';
Future<UserCredential> signInWithFacebook() async {
// Trigger the sign-in flow
final LoginResult loginResult = await FacebookAuth.instance.login();
// Create a credential from the access token
final OAuthCredential facebookAuthCredential = FacebookAuthProvider.credential(loginResult.accessToken.token);
// Once signed in, return the UserCredential
return FirebaseAuth.instance.signInWithCredential(facebookAuthCredential);
}
caution

Firebase will not set the User.emailVerified property to true if your user logs in with Facebook. Should your user login using a provider that verifies email (e.g. Google sign-in) then this will be set to true. For further information, see this issue.

Apple#

Apple announced that any applications using 3rd party login services (such as Facebook, Twitter, Google etc) must also have an Apple Sign-In method. Apple Sign-In is not required for Android devices.

Before you begin configure Sign In with Apple and enable Apple as a sign-in provider.

Next, make sure that your Runner apps have the "Sign in with Apple" capability.

Install the sign_in_with_apple plugin, as well as the crypto package:

pubspec.yaml
dependencies:
sign_in_with_apple: ^3.0.0
crypto: ^3.0.1
import 'dart:convert';
import 'dart:math';
import 'package:crypto/crypto.dart';
import 'package:firebase_auth/firebase_auth.dart';
import 'package:sign_in_with_apple/sign_in_with_apple.dart';
/// Generates a cryptographically secure random nonce, to be included in a
/// credential request.
String generateNonce([int length = 32]) {
final charset =
'0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvwxyz-._';
final random = Random.secure();
return List.generate(length, (_) => charset[random.nextInt(charset.length)])
.join();
}
/// Returns the sha256 hash of [input] in hex notation.
String sha256ofString(String input) {
final bytes = utf8.encode(input);
final digest = sha256.convert(bytes);
return digest.toString();
}
Future<UserCredential> signInWithApple() async {
// To prevent replay attacks with the credential returned from Apple, we
// include a nonce in the credential request. When signing in with
// Firebase, the nonce in the id token returned by Apple, is expected to
// match the sha256 hash of `rawNonce`.
final rawNonce = generateNonce();
final nonce = sha256ofString(rawNonce);
// Request credential for the currently signed in Apple account.
final appleCredential = await SignInWithApple.getAppleIDCredential(
scopes: [
AppleIDAuthorizationScopes.email,
AppleIDAuthorizationScopes.fullName,
],
nonce: nonce,
);
// Create an `OAuthCredential` from the credential returned by Apple.
final oauthCredential = OAuthProvider("apple.com").credential(
idToken: appleCredential.identityToken,
rawNonce: rawNonce,
);
// Sign in the user with Firebase. If the nonce we generated earlier does
// not match the nonce in `appleCredential.identityToken`, sign in will fail.
return await FirebaseAuth.instance.signInWithCredential(oauthCredential);
}

Twitter#

Ensure the "Twitter" sign-in provider is enabled on the Firebase Console with an API Key and API Secret set.

On native platforms, a 3rd party library is required to both install the Twitter SDK and trigger the authentication flow.

Install the twitter_login plugin:

pubspec.yaml
dependencies:
twitter_login: ^4.0.1

Make sure to carefully go through the configuration steps of twitter_login and register a callback URL at the Twitter Developer Portal with a matching URL scheme

import 'package:twitter_login/twitter_login.dart';
Future<UserCredential> signInWithTwitter() async {
// Create a TwitterLogin instance
final twitterLogin = new TwitterLogin(
apiKey: '<your consumer key>',
apiSecretKey:' <your consumer secret>',
redirectURI: '<your_scheme>://'
);
// Trigger the sign-in flow
final authResult = twitterLogin.login();
// Create a credential from the access token
final twitterAuthCredential = TwitterAuthProvider.credential(
accessToken: authResult.authToken!,
secret: authResult.authTokenSecret!,
);
// Once signed in, return the UserCredential
return await FirebaseAuth.instance.signInWithCredential(twitterAuthCredential);
}

GitHub#

Ensure that you have setup an OAuth App from your GitHub Developer Settings and that the "GitHub" sign-in provider is enabled on the Firebase Console with the Client ID and Secret are set, with the callback URL set in the GitHub app.

On native platforms, a 3rd party library is required to both install the GitHub SDK and trigger the authentication flow.

Install the github_sign_in plugin:

pubspec.yaml
dependencies:
github_sign_in: ^0.0.1

You will need to populate the GitHubSignIn instance with your GitHub Client ID, GitHub Client Secret and also a Redirect URL (Firebase callback url). Once complete trigger the sign-in flow, create a GitHub credential and sign the user in:

import 'package:github_sign_in/github_sign_in.dart';
Future<UserCredential> signInWithGitHub() async {
// Create a GitHubSignIn instance
final GitHubSignIn gitHubSignIn = GitHubSignIn(
clientId: clientId,
clientSecret: clientSecret,
redirectUrl: 'https://my-project.firebaseapp.com/__/auth/handler');
// Trigger the sign-in flow
final result = await gitHubSignIn.signIn(context);
// Create a credential from the access token
final githubAuthCredential = GithubAuthProvider.credential(result.token);
// Once signed in, return the UserCredential
return await FirebaseAuth.instance.signInWithCredential(githubAuthCredential);
}