OAuth
Privy offers the ability to sign up and log users in using OAuth providers. Users can sign in with familiar flows on Google, Apple, Twitter, Github, Discord, LinkedIn, TikTok, Spotify, and Instagram.
Login with OAuth is the onboarding flow your users are used to, integrated into your application in just a few lines of code.
The React SDK supports OAuth login with Google, Apple, Twitter, GitHub, Discord, LinkedIn, Spotify, TikTok, and Instagram. For all other OAuth providers, you can use JWT-based authentication.
Use initOAuth
from the useLoginWithOAuth
hook to trigger the OAuth login flow.
The OAuth provider to use for authentication. Valid values are: 'google'
, 'apple'
, 'twitter'
,
'github'
, 'discord'
, 'linkedin'
, 'spotify'
, 'tiktok'
, 'instagram'
.
If set to true, the OAuth flow will only allow users to log in with existing accounts and prevent new account creation.
Usage
Tracking Flow State
Track the state of the OAuth flow via the state
variable returned by the useLoginWithOAuth
hook.
The current state of the OAuth flow.
The error that occurred during the OAuth flow (only present when status is ‘error’).
Callbacks
You can optionally pass callbacks to the useLoginWithOAuth
hook to run custom logic after a successful login or to handle errors.
onSuccess
Parameters
The user object returned after successful login.
Whether the user is a new user or an existing user.
Whether the user was already authenticated before the OAuth flow.
The login method used (‘google’, ‘apple’, etc.).
The linked account if the user was already authenticated.
onError
Parameters
The error that occurred during the OAuth flow.
Example with Callbacks
Security
We recommend configuring allowed OAuth redirect URLs to restrict where users can be redirected after they log in with an external OAuth provider. Learn more here!
The React SDK supports OAuth login with Google, Apple, Twitter, GitHub, Discord, LinkedIn, Spotify, TikTok, and Instagram. For all other OAuth providers, you can use JWT-based authentication.
Use initOAuth
from the useLoginWithOAuth
hook to trigger the OAuth login flow.
The OAuth provider to use for authentication. Valid values are: 'google'
, 'apple'
, 'twitter'
,
'github'
, 'discord'
, 'linkedin'
, 'spotify'
, 'tiktok'
, 'instagram'
.
If set to true, the OAuth flow will only allow users to log in with existing accounts and prevent new account creation.
Usage
Tracking Flow State
Track the state of the OAuth flow via the state
variable returned by the useLoginWithOAuth
hook.
The current state of the OAuth flow.
The error that occurred during the OAuth flow (only present when status is ‘error’).
Callbacks
You can optionally pass callbacks to the useLoginWithOAuth
hook to run custom logic after a successful login or to handle errors.
onSuccess
Parameters
The user object returned after successful login.
Whether the user is a new user or an existing user.
Whether the user was already authenticated before the OAuth flow.
The login method used (‘google’, ‘apple’, etc.).
The linked account if the user was already authenticated.
onError
Parameters
The error that occurred during the OAuth flow.
Example with Callbacks
Security
We recommend configuring allowed OAuth redirect URLs to restrict where users can be redirected after they log in with an external OAuth provider. Learn more here!
The React Native (Expo) SDK supports OAuth login with Google, Apple, Twitter, GitHub, Discord, LinkedIn, Spotify, TikTok, and Instagram. For all other OAuth providers, you can use JWT-based authentication.
Privy supports native Apple login when running on iOS. To configure native Apple login, follow this guide.
Use login
from the useLoginWithOAuth
hook to authenticate users using an OAuth provider.
Parameters
The OAuth provider to use for authentication. Valid values are: 'google'
, 'apple'
, 'twitter'
,
'github'
, 'discord'
, 'linkedin'
, 'spotify'
, 'tiktok'
, 'instagram'
.
If true, the OAuth flow will only allow existing users to log in, preventing new account creation.
Response
The user object returned after successful login.
Usage
Tracking Flow State
Track the state of the OAuth flow via the state
variable returned by the useLoginWithOAuth
hook.
The current state of the OAuth flow.
The error that occurred during the OAuth flow (only present when status is ‘error’).
Usage: Conditional Rendering
Callbacks
You can optionally pass callbacks to the useLoginWithOAuth
hook to run custom logic after a successful login or to handle errors.
onSuccess
Parameters
The user object returned after successful login.
Whether the user is a new user or an existing user.
onError
Parameters
The error that occurred during the OAuth flow.
Usage with Callbacks
To authenticate a user via an OAuth account (e.g. Google), use the Privy client’s oAuth
handler.
The Swift SDK supports OAuth login with Google, Apple, and Twitter. For all other OAuth providers, you can use JWT-based authentication.
Privy supports native Apple login when running on iOS. To configure native Apple login, follow this guide.
Prior to integrating OAuth login, make sure you have properly configured your app’s allowed URL schemes in the Privy dashboard. Login with OAuth will not work if you have not completed this step.
Initializing the login flow
To launch the oAuth flow, simply call privy.oAuth.login
. As parameters to this method, pass the following fields:
A member of the OAuthProvider
enum specifying which OAuth provider the user should login with. Currently, .google
, .apple
and .twitter
are supported.
(Optional). Your app’s URL scheme as a string. If you do not pass this value, Privy will use the first valid app URL scheme from your app’s info.plist
.
Returns
The authenticated Privy user
Throws
An error if logging the user in is unsuccessful.
Usage
That’s it! If your user was successfully authenticated, the login
method will return the new AuthSession.
Handling errors
An error could be thrown if:
- Your app url scheme is not explicitly provided or set in your info.plist
- Your app url scheme is not registered in the Privy dashboard.
- There was an issue generating the OAuth provider login URL
- The user declined or cancelled the login attempt, or there was another error during authentication
If an error is thrown, you can get a description of the error as a string
from the error
thrown by privy.oAuth.login
.
Native Apple login
To configure native apple login, follow this guide.
To authenticate a user via an OAuth account (e.g. Google, Discord, Apple), use the Privy client’s OAuth
handler.
This is a two step process, though Privy’s Unity SDK wraps it into a single method call:
- Generate an OAuth login URL corresponding to your desired OAuth provider
- Redirect the user to the login URL to have them authenticate with the chosen OAuth provider
Supported OAuth Providers
Privy’s Unity SDK currently supports OAuth login with Google, Apple and Discord. For all other OAuth providers, you can use JWT-based authentication.
Configure allowed URL schemes
Prior to integrating OAuth login, make sure you have properly configured your app’s allowed URL schemes in the Privy dashboard.
For non-web platforms, be sure to setup deeplinking with your allowed URL scheme.
Login with OAuth will not work if you have not completed this step.
Initializing the login flow
To launch the OAuth flow, simply call PrivyManager.Instance.OAuth.LoginWithProvider
. As parameters to this method, pass the following fields:
A member of the OAuthProvider
enum specifying which OAuth provider the user should login with.
For WebGL builds, this will be your redirect URL. For applications, this will be your app’s URL scheme.
Usage
That’s it! If your user was successfully authenticated, the LoginWithProvider
method will return the new AuthState
for a user.
This method will throw an error if:
- a
redirectUri
is not provided - the network call to authenticate the user fails