Privy offers the ability to sign up and log users in using OAuth providers. Users can sign in with familiar flows on Google, Apple, Twitter, Github, Discord, LinkedIn, TikTok, Spotify, Instagram, and LINE.
Google OAuth login may not work in in-app browsers (IABs), such as those embedded in social apps,
due to Google’s restrictions in these environments. Other OAuth providers are generally
unaffected.
Enable your desired OAuth login method in the Privy
Dashboard before implementing
this feature. React
React Native
Swift
Android
Unity
Flutter
To authenticate your users with Privy’s out of the box UIs, check out UI components here. initOAuth from the useLoginWithOAuth hook to trigger the OAuth login flow.initOAuth: ({ provider: OAuthProviderType, disableSignup?: boolean }) => Promise<void>
provider
OAuthProviderType
required
The OAuth provider to use for authentication. Valid values are: 'google', 'apple', 'twitter',
'github', 'discord', 'linkedin', 'spotify', 'tiktok', 'instagram', 'line'.
If set to true, the OAuth flow will only allow users to log in with existing accounts and prevent new account creation.
Usage
import { useLoginWithOAuth } from '@privy-io/react-auth';
export default function LoginWithOAuth() {
const { state, loading, initOAuth } = useLoginWithOAuth();
const handleLogin = async () => {
try {
// The user will be redirected to OAuth provider's login page
await initOAuth({ provider: 'google' });
} catch (err) {
// Handle errors (network issues, validation errors, etc.)
console.error(err);
}
};
return (
<div>
<button onClick={handleLogin} disabled={loading}>
{loading ? 'Logging in...' : 'Log in with Google'}
</button>
</div>
);
}
Tracking Flow State
Track the state of the OAuth flow via the state variable returned by the useLoginWithOAuth hook.state:
| {status: 'initial'}
| {status: 'loading'}
| {status: 'done'}
| {status: 'error'; error: Error | null};
status
'initial' | 'loading' | 'done' | 'error'
The current state of the OAuth flow.
The error that occurred during the OAuth flow (only present when status is ‘error’).
Callbacks
You can optionally pass callbacks to the useLoginWithOAuth hook to run custom logic after a successful login or to handle errors.onComplete
onComplete: ({user, isNewUser, wasAlreadyAuthenticated, loginMethod, linkedAccount}) => void
Parameters
The user object returned after successful login.
Whether the user is a new user or an existing user.
Whether the user was already authenticated before the OAuth flow.
The login method used (‘google’, ‘apple’, etc.).
The linked account if the user was already authenticated.
onError
onError: (error: Error) => void
Parameters
The error that occurred during the OAuth flow.
Example with Callbacks
import { useLoginWithOAuth } from '@privy-io/react-auth';
export default function LoginWithOAuth() {
const { initOAuth } = useLoginWithOAuth({
onComplete: ({ user, isNewUser }) => {
console.log('User logged in successfully', user);
if (isNewUser) {
// Perform actions for new users
}
},
onError: (error) => {
console.error('Login failed', error);
}
});
return (
<button onClick={() => initOAuth({ provider: 'google' })}>
Log in with Google
</button>
);
}
Security
We recommend configuring allowed OAuth redirect URLs to restrict where users can be redirected after they log in with an external OAuth provider. Learn more here!Accessing OAuth tokens
For any OAuth login method for which you configure your own credentials, you are able to have the user’s OAuth and Refresh access tokens accessible to your app by toggling Return OAuth tokens and making use of the useOAuthTokens hook.Resources
To authenticate your users with Privy’s out of the box UIs, check out UI components here. Login with OAuth will not work if you have not completed this step.
Initializing the login flow
Privy supports native Apple login when running
on iOS. To configure native Apple login, follow this
guide. login from the useLoginWithOAuth hook to authenticate users using an OAuth provider.login: ({
provider: OAuthProviderType,
disableSignup?: boolean
}) => Promise<PrivyUser>
Parameters
provider
OAuthProviderType
required
The OAuth provider to use for authentication. Valid values are: 'google', 'apple', 'twitter',
'github', 'discord', 'linkedin', 'spotify', 'tiktok', 'instagram'.
If true, the OAuth flow will only allow existing users to log in, preventing new account creation.
Response
The user object returned after successful login.
Usage
import { useLoginWithOAuth } from '@privy-io/expo';
export function LoginButton() {
const { login, state } = useLoginWithOAuth();
return (
<Button
onPress={() => login({ provider: 'google' })}
disabled={state.status === 'loading'}
>
{state.status === 'loading' ? 'Logging in...' : 'Login with Google'}
</Button>
);
}
Handling errors
The promise returned by the login method will reject with an error if the OAuth flow fails.import { useLoginWithOAuth } from '@privy-io/expo';
export function LoginScreen() {
const [isLoading, setIsLoading] = useState(false);
const { login } = useLoginWithOAuth();
const onPress = async () => {
try {
setIsLoading(true);
const user = await login({ provider: 'google' });
console.log('Login successful', user.id);
} catch (error) {
console.error('Login failed', error);
} finally {
setIsLoading(false);
}
};
return (
<Button
disabled={isLoading}
onPress={onPress}
title="Login with Google"
/>
);
}
Tracking Flow State
Track the state of the OAuth flow via the state variable returned by the useLoginWithOAuth hook.state:
| {status: 'initial'}
| {status: 'loading'}
| {status: 'done'}
| {status: 'error'; error: Error | null};
status
'initial' | 'loading' | 'done' | 'error'
The current state of the OAuth flow.
The error that occurred during the OAuth flow (only present when status is ‘error’).
Usage: Conditional Rendering
import { View, Text, Button } from 'react-native';
import { usePrivy, useLoginWithOAuth, hasError } from '@privy-io/expo';
export function LoginScreen() {
const { user } = usePrivy();
const { state, login } = useLoginWithOAuth();
return state.status === 'done' ? (
<View>
<Text>You logged in successfully</Text>
</View>
) : (
<View>
<Button
disabled={state.status === 'loading'}
onPress={() => login({ provider: 'google' })}
title={state.status === 'loading' ? 'Logging in...' : 'Login with Google'}
/>
{hasError(state) && (
<Text>Error: {state.error.message}</Text>
)}
</View>
);
}
Resources
Prior to integrating OAuth login, make sure you have properly configured your app’s allowed URL schemes in the Privy dashboard.Login with OAuth will not work if you have not completed this step.
Initializing the login flow
Privy supports native Apple login when running
on iOS. To configure native Apple login, follow this guide. privy.oAuth.login. As parameters to this method, pass the following fields:A member of the OAuthProvider enum specifying which OAuth provider the user should login with. Currently, .google, .apple, .discord, and .twitter are supported.
(Optional). Your app’s URL scheme as a string. If you do not pass this value, Privy will use the first valid app URL scheme from your app’s info.plist.
Returns
The authenticated Privy user
Throws
An error if logging the user in is unsuccessful.Usage
do {
let privyUser = try await privy.oAuth.login(with: OAuthProvider.google, appUrlScheme: "privyiosdemo")
} catch {
print("OAuth login error: \(error)")
}
login method will return the new AuthSession.Handling errors
An error could be thrown if:
- Your app url scheme is not explicitly provided or set in your info.plist
- Your app url scheme is not registered in the Privy dashboard.
- There was an issue generating the OAuth provider login URL
- The user declined or cancelled the login attempt, or there was another error during authentication
If an error is thrown, you can get a description of the error as a string from the error thrown by privy.oAuth.login.Native Apple login
To configure native apple login, follow this guide. Prior to integrating OAuth login, make sure you have properly configured your app’s allowed URL schemes in the Privy dashboard.Login with OAuth will not work if you have not completed this step.
AndroidManifest.xml file to handle OAuth redirects:<activity
android:name="io.privy.sdk.oAuth.PrivyRedirectActivity"
android:exported="true"
android:launchMode="singleTask">
<intent-filter android:autoVerify="true">
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data android:scheme="YOUR_CUSTOM_PRIVY_OAUTH_SCHEME" />
</intent-filter>
</activity>
YOUR_CUSTOM_PRIVY_OAUTH_SCHEME with your app’s custom URL scheme.This scheme must be unique for this activity as it can cause issues if they clash with other activities or apps.
Initializing the login flow
To launch the oAuth flow, simply call privy.oAuth.login. As parameters to this method, pass the following fields:A member of the OAuthProvider enum specifying which OAuth provider the user should login with. Currently, Google, Discord, and Twitter are supported.
Your app’s URL scheme as a string. This must match the scheme configured in your AndroidManifest.xml.
Returns
A Result containing the authenticated PrivyUser. Returns Result.success with the PrivyUser if authentication was successful, or Result.failure if there was an error.
Usage
val scheme = "privytestapp://"
viewModelScope.launch {
val result = privy.oAuth.login(OAuthProvider.Google, scheme)
result
.onSuccess { user ->
// Handle successful authentication
println("OAuth login successful: ${user.id}")
}
.onFailure { error ->
// Handle authentication error
println("OAuth login error: ${error.message}")
}
}
login method will return the authenticated PrivyUser.Handling errors
The login method returns a Result that will contain a failure if:
- Your app URL scheme is not provided in the method call
- Your app URL scheme is not registered in the Privy dashboard
- Your app URL scheme doesn’t match the one configured in your AndroidManifest.xml
- There was an issue generating the OAuth provider login URL
- The user declined or cancelled the login attempt, or there was another error during authentication
You can handle these errors using the onFailure method as shown in the usage example above. Prior to integrating OAuth login, make sure you have properly configured your app’s allowed URL schemes in the Privy dashboard.Login with OAuth will not work if you have not completed this step.
Initializing the login flow
To authenticate a user via an OAuth account (e.g. Google, Discord, Apple), use the Privy client’s OAuth handler.This is a two step process, though Privy’s Unity SDK wraps it into a single method call:
- Generate an OAuth login URL corresponding to your desired OAuth provider
- Redirect the user to the login URL to have them authenticate with the chosen OAuth provider
Supported OAuth Providers
Privy’s Unity SDK currently supports OAuth login with Google, Apple, Twitter, and Discord.We’re actively working to expand our support for other OAuth providers.
Interested in a specific provider that isn’t currently supported? Contact us at [email protected].Initializing the login flow
To launch the OAuth flow, simply call PrivyManager.Instance.OAuth.LoginWithProvider. As parameters to this method, pass the following fields:A member of the OAuthProvider enum specifying which OAuth provider the user should login with.
For WebGL builds, this will be your redirect URL. For applications, this will be your app’s URL scheme.
Usage
try
{
// Log the user in with Google OAuth
await PrivyManager.Instance.OAuth.LoginWithProvider(OAuthProvider.Google, "myappscheme");
}
catch
{
// Login with OAuth was unsuccessful
Debug.Log("Error logging user in.");
}
LoginWithProvider method will return the new AuthState for a user.This method will throw an error if:
- a
redirectUri is not provided
- the network call to authenticate the user fails
Prior to integrating OAuth login, make sure you have properly configured your app’s allowed URL schemes in the Privy dashboard.Login with OAuth will not work if you have not completed this step.
Android Configuration
Add the following activity to your android/app/src/main/AndroidManifest.xml file to handle OAuth redirects:<activity
android:name="io.privy.sdk.oAuth.PrivyRedirectActivity"
android:exported="true"
android:launchMode="singleTask"
android:theme="@android:style/Theme.Translucent.NoTitleBar">
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data android:scheme="YOUR_CUSTOM_PRIVY_OAUTH_SCHEME" />
</intent-filter>
</activity>
YOUR_CUSTOM_PRIVY_OAUTH_SCHEME with your app’s custom URL scheme.This scheme must be unique for this activity as it can cause issues if they clash with other activities or apps.
iOS Configuration
Add your custom URL scheme to your ios/Runner/Info.plist file:<key>CFBundleURLTypes</key>
<array>
<dict>
<key>CFBundleURLName</key>
<string>privy.oauth</string>
<key>CFBundleURLSchemes</key>
<array>
<string>YOUR_CUSTOM_PRIVY_OAUTH_SCHEME</string>
</array>
</dict>
</array>
YOUR_CUSTOM_PRIVY_OAUTH_SCHEME with your app’s custom URL scheme.Privy supports native Apple login when running
on iOS. Apple Sign In requires iOS 13.0+ and is only available on iOS devices. To configure native Apple login, follow this guide. Initializing the login flow
Use the login method from your Privy instance’s OAuth module to authenticate users using an OAuth provider.Future<Result<PrivyUser>> login({
required OAuthProvider provider,
required String appUrlScheme,
})
Parameters
The OAuth provider to use for authentication. Valid values are: OAuthProvider.google, OAuthProvider.apple (iOS only), OAuthProvider.twitter,
OAuthProvider.discord.
Your app’s custom URL scheme for redirecting back to the app after OAuth authentication.
Response
A Result containing the authenticated PrivyUser on success, or a Failure with error details.
Usage
final result = await privy.oAuth.login(
provider: OAuthProvider.google,
appUrlScheme: 'your-app-scheme',
);
result.fold(
onSuccess: (user) {
print('Login successful: ${user.id}');
},
onFailure: (error) {
print('Login failed: $error');
},
);
Handling errors
An error could be thrown if:
- Your app URL scheme is not provided in the method call
- Your app URL scheme is not registered in the Privy dashboard
- There was an issue generating the OAuth provider login URL
- The user declined or cancelled the login attempt, or there was another error during authentication
- Apple Sign In is attempted on Android (Apple Sign In is only supported on iOS)
You can handle these errors using the Result.fold() method as shown in the usage example above.Resources
