Authenticate with Google on Android

You can let your users authenticate with Firebase using their Google Accounts.

Before you begin

If you haven't already, add Firebase to your Android project .

In your module (app-level) Gradle file (usually <project>/<app-module>/build.gradle.kts or <project>/<app-module>/build.gradle ), add the dependency for the Firebase Authentication library for Android. We recommend using the Firebase Android BoM to control library versioning.

Also, as part of setting up Firebase Authentication , you need to add the Credential Manager SDK to your app.

 dependencies 
  
 { 
  
  // Import the BoM 
for the Firebase platform 
  
 implementation 
 ( 
 platform 
 ( 
 "com.google.firebase:firebase-bom:34.2.0" 
 )) 
  
  // Add the dependency for the Firebase Authentication 
library 
  
 // When using the BoM 
, you don't specify versions in Firebase library dependencies 
  
  implementation 
 ( 
 "com.google.firebase:firebase-auth" 
 ) 

  
 // Also add the dependencies for the Credential Manager libraries and specify their versions 
  
 implementation 
 ( 
 "androidx.credentials:credentials:1.3.0" 
 ) 
  
 implementation 
 ( 
 "androidx.credentials:credentials-play-services-auth:1.3.0" 
 ) 
  
 implementation 
 ( 
 "com.google.android.libraries.identity.googleid:googleid:1.1.1" 
 ) 
 }

By using the Firebase Android BoM , your app will always use compatible versions of Firebase Android libraries.

(Alternative) Add Firebase library dependencies without using the BoM

If you choose not to use the Firebase BoM , you must specify each Firebase library version in its dependency line.

Note that if you use multiple Firebase libraries in your app, we strongly recommend using the BoM to manage library versions, which ensures that all versions are compatible.

 dependencies 
  
 { 
  
  // Add the dependency for the Firebase Authentication 
library 
  
 // When NOT using the BoM 
, you must specify versions in Firebase library dependencies 
  
  implementation 
 ( 
 "com.google.firebase:firebase-auth:24.0.1" 
 ) 

  
 // Also add the dependencies for the Credential Manager libraries and specify their versions 
  
 implementation 
 ( 
 "androidx.credentials:credentials:1.3.0" 
 ) 
  
 implementation 
 ( 
 "androidx.credentials:credentials-play-services-auth:1.3.0" 
 ) 
  
 implementation 
 ( 
 "com.google.android.libraries.identity.googleid:googleid:1.1.1" 
 ) 
 }

If you haven't yet specified your app's SHA fingerprint, do so from the Settings page of the Firebase console. Refer to Authenticating Your Client for details on how to get your app's SHA fingerprint.
Enable Google as a sign-in method in the Firebase console:
1. In the Firebase console , open the Auth section.
2. On the Sign in method tab, enable the Google sign-in method and click Save .
When prompted in the console, download the updated Firebase config file ( google-services.json ), which now contains the OAuth client information required for Google sign-in.
Move this updated config file into your Android Studio project, replacing the now-outdated corresponding config file. (See Add Firebase to your Android project .)

Authenticate with Firebase

Integrate Sign in with Google into your app by following the steps in the Credential Manager documentation . Here are the high-level instructions:

Instantiate a Google sign in request using GetGoogleIdOption . Then, create the Credential Manager request using GetCredentialRequest :

Kotlin

 // Instantiate a Google sign-in request 
 val 
  
 googleIdOption 
  
 = 
  
 GetGoogleIdOption 
 . 
 Builder 
 () 
  
 // Your server's client ID, not your Android client ID. 
  
 . 
 setServerClientId 
 ( 
 getString 
 ( 
 R 
 . 
 string 
 . 
 default_web_client_id 
 )) 
  
 // Only show accounts previously used to sign in. 
  
 . 
 setFilterByAuthorizedAccounts 
 ( 
 true 
 ) 
  
 . 
 build 
 () 
 // Create the Credential Manager request 
 val 
  
 request 
  
 = 
  
 GetCredentialRequest 
 . 
 Builder 
 () 
  
 . 
 addCredentialOption 
 ( 
 googleIdOption 
 ) 
  
 . 
 build 
 () 
   GoogleSignInActivity 
 . 
 kt

Java

 // Instantiate a Google sign-in request 
 GetGoogleIdOption 
  
 googleIdOption 
  
 = 
  
 new 
  
 GetGoogleIdOption 
 . 
 Builder 
 () 
  
 . 
 setFilterByAuthorizedAccounts 
 ( 
 true 
 ) 
  
 . 
 setServerClientId 
 ( 
 getString 
 ( 
 R 
 . 
 string 
 . 
 default_web_client_id 
 )) 
  
 . 
 build 
 (); 
 // Create the Credential Manager request 
 GetCredentialRequest 
  
 request 
  
 = 
  
 new 
  
 GetCredentialRequest 
 . 
 Builder 
 () 
  
 . 
 addCredentialOption 
 ( 
 googleIdOption 
 ) 
  
 . 
 build 
 (); 
   GoogleSignInActivity 
 . 
 java

In the request above, you must pass your "server" client ID to the setServerClientId method. To find the OAuth 2.0 client ID:

Open the Credentials page in the Google Cloud console.
The Web application type client ID is your backend server's OAuth 2.0 client ID.

Check that after you integrate Sign in with Google, your sign-in activity has code similar to the following:

Kotlin

 private 
  
 fun 
  
 handleSignIn 
 ( 
 credential 
 : 
  
 Credential 
 ) 
  
 { 
  
 // Check if credential is of type Google ID 
  
 if 
  
 ( 
 credential 
  
 is 
  
 CustomCredential 
 && 
 credential 
 . 
 type 
  
 == 
  
 TYPE_GOOGLE_ID_TOKEN_CREDENTIAL 
 ) 
  
 { 
  
 // Create Google ID Token 
  
 val 
  
 googleIdTokenCredential 
  
 = 
  
 GoogleIdTokenCredential 
 . 
 createFrom 
 ( 
 credential 
 . 
 data 
 ) 
  
 // Sign in to Firebase with using the token 
  
 firebaseAuthWithGoogle 
 ( 
 googleIdTokenCredential 
 . 
 idToken 
 ) 
  
 } 
  
 else 
  
 { 
  
 Log 
 . 
 w 
 ( 
 TAG 
 , 
  
 "Credential is not of type Google ID!" 
 ) 
  
 } 
 } 
   GoogleSignInActivity 
 . 
 kt

Java

 private 
  
 void 
  
 handleSignIn 
 ( 
 Credential 
  
 credential 
 ) 
  
 { 
  
 // Check if credential is of type Google ID 
  
 if 
  
 ( 
 credential 
  
 instanceof 
  
 CustomCredential 
  
 customCredential 
 && 
 credential 
 . 
 getType 
 (). 
 equals 
 ( 
 TYPE_GOOGLE_ID_TOKEN_CREDENTIAL 
 )) 
  
 { 
  
 // Create Google ID Token 
  
 Bundle 
  
 credentialData 
  
 = 
  
 customCredential 
 . 
 getData 
 (); 
  
 GoogleIdTokenCredential 
  
 googleIdTokenCredential 
  
 = 
  
 GoogleIdTokenCredential 
 . 
 createFrom 
 ( 
 credentialData 
 ); 
  
 // Sign in to Firebase with using the token 
  
 firebaseAuthWithGoogle 
 ( 
 googleIdTokenCredential 
 . 
 getIdToken 
 ()); 
  
 } 
  
 else 
  
 { 
  
 Log 
 . 
 w 
 ( 
 TAG 
 , 
  
 "Credential is not of type Google ID!" 
 ); 
  
 } 
 } 
   GoogleSignInActivity 
 . 
 java

In your sign-in activity's onCreate method, get the shared instance of the FirebaseAuth object:

Kotlin

 private 
  
 lateinit 
  
 var 
  
 auth 
 : 
  
 FirebaseAuth 
 // ... 
 // Initialize Firebase Auth 
 auth 
  
 = 
  
 Firebase 
 . 
 auth  GoogleSignInActivity 
 
 
 . 
 kt

override fun onStart () { super . onStart () // Check if user is signed in (non-null) and update UI accordingly. val currentUser = auth . currentUser updateUI ( currentUser ) }

GoogleSignInActivity . kt

@Override public void onStart () { super . onStart (); // Check if user is signed in (non-null) and update UI accordingly. FirebaseUser currentUser = mAuth . getCurrentUser (); updateUI ( currentUser ); }

GoogleSignInActivity . java

private fun firebaseAuthWithGoogle ( idToken : String ) { val credential = GoogleAuthProvider . getCredential ( idToken , null ) auth . signInWithCredential ( credential ) . addOnCompleteListener ( this ) { task - > if ( task . isSuccessful ) { // Sign in success, update UI with the signed-in user's information Log . d ( TAG , "signInWithCredential:success" ) val user = auth . currentUser updateUI ( user ) } else { // If sign in fails, display a message to the user Log . w ( TAG , "signInWithCredential:failure" , task . exception ) updateUI ( null ) } } }

GoogleSignInActivity . kt

private void firebaseAuthWithGoogle ( String idToken ) { AuthCredential credential = GoogleAuthProvider . getCredential ( idToken , null ); mAuth . signInWithCredential ( credential ) . addOnCompleteListener ( this , task - > { if ( task . isSuccessful ()) { // Sign in success, update UI with the signed-in user's information Log . d ( TAG , "signInWithCredential:success" ); FirebaseUser user = mAuth . getCurrentUser (); updateUI ( user ); } else { // If sign in fails, display a message to the user Log . w ( TAG , "signInWithCredential:failure" , task . getException ()); updateUI ( null ); } }); }

GoogleSignInActivity . java

Next steps

After a user signs in for the first time, a new user account is created and linked to the credentials—that is, the user name and password, phone number, or auth provider information—the user signed in with. This new account is stored as part of your Firebase project, and can be used to identify a user across every app in your project, regardless of how the user signs in.

In your apps, you can get the user's basic profile information from the FirebaseUser object. See Manage Users .

In your Firebase Realtime Database and Cloud Storage Security Rules , you can get the signed-in user's unique user ID from the auth variable, and use it to control what data a user can access.

To sign out a user, call signOut . You also need to clear the current user credential state from all credential providers, as recommended by the Credential Manager documentation :

Kotlin

 private 
  
 fun 
  
 signOut 
 () 
  
 { 
  
 // Firebase sign out 
  
 auth 
 . 
 signOut 
 () 
  
 // When a user signs out, clear the current user credential state from all credential providers. 
  
 lifecycleScope 
 . 
 launch 
  
 { 
  
 try 
  
 { 
  
 val 
  
 clearRequest 
  
 = 
  
 ClearCredentialStateRequest 
 () 
  
 credentialManager 
 . 
 clearCredentialState 
 ( 
 clearRequest 
 ) 
  
 updateUI 
 ( 
 null 
 ) 
  
 } 
  
 catch 
  
 ( 
 e 
 : 
  
 ClearCredentialException 
 ) 
  
 { 
  
 Log 
 . 
 e 
 ( 
 TAG 
 , 
  
 "Couldn't clear user credentials: 
 ${ 
 e 
 . 
 localizedMessage 
 } 
 " 
 ) 
  
 } 
  
 } 
 } 
   GoogleSignInActivity 
 . 
 kt

Java

 private 
  
 void 
  
 signOut 
 () 
  
 { 
  
 // Firebase sign out 
  
 mAuth 
 . 
 signOut 
 (); 
  
 // When a user signs out, clear the current user credential state from all credential providers. 
  
 ClearCredentialStateRequest 
  
 clearRequest 
  
 = 
  
 new 
  
 ClearCredentialStateRequest 
 (); 
  
 credentialManager 
 . 
 clearCredentialStateAsync 
 ( 
  
 clearRequest 
 , 
  
 new 
  
 CancellationSignal 
 (), 
  
 Executors 
 . 
 newSingleThreadExecutor 
 (), 
  
 new 
  
 CredentialManagerCallback 
<> () 
  
 { 
  
 @Override 
  
 public 
  
 void 
  
 onResult 
 ( 
 @NonNull 
  
 Void 
  
 result 
 ) 
  
 { 
  
 updateUI 
 ( 
 null 
 ); 
  
 } 
  
 @Override 
  
 public 
  
 void 
  
 onError 
 ( 
 @NonNull 
  
 ClearCredentialException 
  
 e 
 ) 
  
 { 
  
 Log 
 . 
 e 
 ( 
 TAG 
 , 
  
 "Couldn't clear user credentials: " 
  
 + 
  
 e 
 . 
 getLocalizedMessage 
 ()); 
  
 } 
  
 }); 
 } 
   GoogleSignInActivity 
 . 
 java

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-09-05 UTC.

Authenticate with Google on Android Stay organized with collections Save and categorize content based on your preferences.

Before you begin

Authenticate with Firebase

Kotlin

Java

Kotlin

Java

Kotlin

Java

Kotlin

Java

Kotlin

Java

Next steps

Kotlin

Java

Authenticate with Google on Android