Federated identity & social sign-in
Social authentication is a multi-step authentication flow, allowing you to sign a user into an account or linkthem with an existing one.
Both native platforms and web support creating a credential which can then be passed to thesignInWithCredentialorlinkWithCredential methods. Alternatively on web platforms, you can trigger the authentication process viaa popup or redirect.
Most configuration is already setup when using Google Sign-In with Firebase, however you need to ensure your machine'sSHA1 key has been configured for use with Android. You can see how to generate the key in theauthentication documentation.
Ensure the "Google" sign-in provider is enabled on theFirebase Console.
If your user signs in with Google, after having already manually registered an account, their authentication provider will automaticallychange to Google, due to Firebase Authentications concept of trusted providers. You can find out more aboutthishere.
iOS+ and Android
On native platforms, a 3rd party library is required to trigger the authentication flow.
Install the officialgoogle_sign_in plugin.
Once installed, trigger the sign-in flow and create a new credential:
import'package:google_sign_in/google_sign_in.dart';Future<UserCredential>signInWithGoogle()async{// Trigger the authentication flowfinalGoogleSignInAccount?googleUser=awaitGoogleSignIn.instance.authenticate();// Obtain the auth details from the requestfinalGoogleSignInAuthenticationgoogleAuth=googleUser.authentication;// Create a new credentialfinalcredential=GoogleAuthProvider.credential(idToken:googleAuth.idToken);// Once signed in, return the UserCredentialreturnawaitFirebaseAuth.instance.signInWithCredential(credential);}Web
On the web, the Firebase SDK provides support for automatically handling the authentication flow using your Firebase project. For example:
Create a Google auth provider, providing any additionalpermission scopeyou wish to obtain from the user:
GoogleAuthProvidergoogleProvider=GoogleAuthProvider();googleProvider.addScope('https://www.googleapis.com/auth/contacts.readonly');googleProvider.setCustomParameters({'login_hint':'user@example.com'});Provide the credential to thesignInWithPopup method. This will trigger a newwindow to appear prompting the user to sign-in to your project. Alternatively you can usesignInWithRedirect to keep theauthentication process in the same window.
Future<UserCredential>signInWithGoogle()async{// Create a new providerGoogleAuthProvidergoogleProvider=GoogleAuthProvider();googleProvider.addScope('https://www.googleapis.com/auth/contacts.readonly');googleProvider.setCustomParameters({'login_hint':'user@example.com'});// Once signed in, return the UserCredentialreturnawaitFirebaseAuth.instance.signInWithPopup(googleProvider);// Or use signInWithRedirect// return await FirebaseAuth.instance.signInWithRedirect(googleProvider);}Google Play Games (Android only)
Ensure the "Play Games" sign-in provider is enabled on theFirebase Console.Follow these instructions forPlay Games Firebase project set-up.
Follow theseinstructions for configuring Play Games serviceswith your Firebase app.
Android
Future<void>_signInWithPlayGames()async{// Get server auth code from 3rd party provider// See PR description for details on how you might get the server auth code:// https://github.com/firebase/flutterfire/pull/12201#issue-2100392487finalserverAuthCode='...';finalplayGamesCredential=PlayGamesAuthProvider.credential(serverAuthCode:serverAuthCode);awaitFirebaseAuth.instance.signInWithCredential(playGamesCredential);}Before getting started setup yourFacebook Developer App and follow the setup process to enable Facebook Login.
Ensure the "Facebook" sign-in provider is enabled on theFirebase Console.with the Facebook App ID and Secret set.
iOS+ and Android
On native platforms, a 3rd party library is required to both install the Facebook SDK and trigger the authentication flow.
Install theflutter_facebook_auth plugin.
You will need to follow the steps in the plugin documentation to ensure that both the Android & iOS Facebook SDKs have been initializedcorrectly. Once complete, trigger the sign-in flow, create a Facebook credential and sign the user in:
import'package:flutter_facebook_auth/flutter_facebook_auth.dart';Future<UserCredential>signInWithFacebook()async{// Trigger the sign-in flowfinalLoginResultloginResult=awaitFacebookAuth.instance.login();// Create a credential from the access tokenfinalOAuthCredentialfacebookAuthCredential=FacebookAuthProvider.credential(loginResult.accessToken.token);// Once signed in, return the UserCredentialreturnFirebaseAuth.instance.signInWithCredential(facebookAuthCredential);}Web
On the web, the Firebase SDK provides support for automatically handling the authentication flow using theFacebook application details provided on the Firebase console. For example:
Create a Facebook provider, providing any additionalpermission scopeyou wish to obtain from the user.
Ensure that the OAuth redirect URI from the Firebase console is added as a valid OAuth Redirect URIin your Facebook App.
FacebookAuthProviderfacebookProvider=FacebookAuthProvider();facebookProvider.addScope('email');facebookProvider.setCustomParameters({'display':'popup',});Provide the credential to thesignInWithPopup method. This will trigger a newwindow to appear prompting the user to sign-in to your Facebook application:
Future<UserCredential>signInWithFacebook()async{// Create a new providerFacebookAuthProviderfacebookProvider=FacebookAuthProvider();facebookProvider.addScope('email');facebookProvider.setCustomParameters({'display':'popup',});// Once signed in, return the UserCredentialreturnawaitFirebaseAuth.instance.signInWithPopup(facebookProvider);// Or use signInWithRedirect// return await FirebaseAuth.instance.signInWithRedirect(facebookProvider);}User.isEmailVerified propertytotrue if your user logs in with Facebook. Should your user login using a provider that verifies email (e.g. Google sign-in) then this will be set to true.For further information, see thisissue.Apple
iOS+
Before you begin,configure Sign In with Appleandenable Apple as a sign-in provider.
Next, make sure that yourRunner apps have the "Sign in with Apple" capability.
Android
Before you begin,configure Sign In with Appleandenable Apple as a sign-in provider.
Web
Before you begin,configure Sign In with Appleandenable Apple as a sign-in provider.
import'package:firebase_auth/firebase_auth.dart';Future<UserCredential>signInWithApple()async{finalappleProvider=AppleAuthProvider();if(kIsWeb){awaitFirebaseAuth.instance.signInWithPopup(appleProvider);}else{awaitFirebaseAuth.instance.signInWithProvider(appleProvider);}}Apple platform sign-in only
Apple sign-in on iOS+ platforms can also be achieved with the following method:
// Implement a function that generates a nonce. See iOS documentation for how to create a nonce:// https://firebase.google.com/docs/auth/ios/apple#sign_in_with_apple_and_authenticate_with_firebaseStringrawNonce=createNonce();// Create a SHA-256 hash of the nonce. Consider using the `crypto` package from the pub.dev registry.StringhashSHA256String=createHashSHA256String(rawNonce);// Use the hash of the nonce to get the idToken. Consider using the `sign_in_with_apple` plugin from the pub.dev registry.StringidToken=awaitgetIdToken();finalfullName=AppleFullPersonName(familyName:'Name',givenName:'Your',);// Use the `rawNonce` and `idToken` to get the credentialfinalcredential=AppleAuthProvider.credentialWithIDToken(idToken,rawNonce,fullName,);awaitFirebaseAuth.instance.signInWithCredential(credential);Revoke Apple auth tokens
Apple sign-in on Apple platforms returns an authorization code that can be usedto revoke the Apple auth token using therevokeTokenWithAuthorizationCode()API.
import'package:firebase_auth/firebase_auth.dart';Future<UserCredential>signInWithApple()async{finalappleProvider=AppleAuthProvider();UserCredentialuserCredential=awaitFirebaseAuth.instance.signInWithPopup(appleProvider);// Keep the authorization code returned from Apple platformsString?authCode=userCredential.additionalUserInfo?.authorizationCode;// Revoke Apple auth tokenawaitFirebaseAuth.instance.revokeTokenWithAuthorizationCode(authCode!);}Apple Game Center (Apple only)
Ensure the "Game Center" sign-in provider is enabled on theFirebase Console.Follow these instructions forGame Center Firebase project set-up.
You will need to login with Game Center before a Firebase Game Center credential can be issued and logged in via Firebase.Here are some instructionson how that can be achieved.
iOS+
Future<void>_signInWithGameCenter()async{finalcredential=GameCenterAuthProvider.credential();awaitFirebaseAuth.instance.signInWithCredential(credential);}Microsoft
iOS+
Before you beginconfigure Microsoft Login for iOS and add thecustom URL schemesto your Runner (step 1).
Android
Before you beginconfigure Microsoft Login for Android.
Don't forget to add your app's SHA-1 fingerprint.
Web
Before you beginconfigure Microsoft Login for Web.
import'package:firebase_auth/firebase_auth.dart';Future<UserCredential>signInWithMicrosoft()async{finalmicrosoftProvider=MicrosoftAuthProvider();if(kIsWeb){awaitFirebaseAuth.instance.signInWithPopup(microsoftProvider);}else{awaitFirebaseAuth.instance.signInWithProvider(microsoftProvider);}}Ensure the "Twitter" sign-in provider is enabled on theFirebase Consolewith an API Key and API Secret set. Ensure your Firebase OAuth redirect URI (e.g. my-app-12345.firebaseapp.com/__/auth/handler)is set as your Authorization callback URL in your app's settings page on yourTwitter app's config.
You also might need to request elevatedAPI access depending on your app.
iOS+
You need to configure your custom URL scheme asdescribed in iOS guide step 1.
Android
If you haven't yet specified your app's SHA-1 fingerprint, do so from theSettings pageof the Firebase console. Refer toAuthenticating Your Client for details on how to get your app's SHA-1 fingerprint.
Web
Works out of the box.
import'package:firebase_auth/firebase_auth.dart';Future<void>_signInWithTwitter()async{TwitterAuthProvidertwitterProvider=TwitterAuthProvider();if(kIsWeb){awaitFirebaseAuth.instance.signInWithPopup(twitterProvider);}else{awaitFirebaseAuth.instance.signInWithProvider(twitterProvider);}}GitHub
Ensure that you have setup an OAuth App from yourGitHub Developer Settings andthat the "GitHub" sign-in provider is enabled on theFirebase Consolewith the Client ID and Secret are set, with the callback URL set in the GitHub app.
iOS+ and Android
For native platforms, you need to add thegoogle-services.json andGoogleService-Info.plist.
For iOS, add the custom URL scheme asdescribed on the iOS guide step 1.
Future<UserCredential>signInWithGitHub()async{// Create a new providerGithubAuthProvidergithubProvider=GithubAuthProvider();returnawaitFirebaseAuth.instance.signInWithProvider(githubProvider);}Web
On the web, the GitHub SDK provides support for automatically handling the authentication flow using theGitHub application details provided on the Firebase console. Ensure that the callback URL in the Firebase console is addedas a callback URL in your GitHub application on the developer console.
For example:
Create a GitHub provider and provide the credential to thesignInWithPopup method. This will trigger a newwindow to appear prompting the user to sign-in to your GitHub application:
Future<UserCredential>signInWithGitHub()async{// Create a new providerGithubAuthProvidergithubProvider=GithubAuthProvider();// Once signed in, return the UserCredentialreturnawaitFirebaseAuth.instance.signInWithPopup(githubProvider);// Or use signInWithRedirect// return await FirebaseAuth.instance.signInWithRedirect(githubProvider);}Yahoo
Ensure the "Yahoo" sign-in provider is enabled on theFirebase Consolewith an API Key and API Secret set. Also make sure your Firebase OAuth redirect URI (e.g. my-app-12345.firebaseapp.com/__/auth/handler)is set as a redirect URI in your app's Yahoo Developer Network configuration.
iOS+
Before you begin,configure Yahoo Login for iOS and add thecustom URL schemesto your Runner (step 1).
Android
Before you begin,configure Yahoo Login for Android.
Don't forget to add your app's SHA-1 fingerprint.
Web
Works out of the box.
import'package:firebase_auth/firebase_auth.dart';Future<UserCredential>signInWithYahoo()async{finalyahooProvider=YahooAuthProvider();if(kIsWeb){await_auth.signInWithPopup(yahooProvider);}else{await_auth.signInWithProvider(yahooProvider);}}Using the OAuth access token
By using an AuthProvider, you can retrieve the access token associated with the providerby making the following request.
finalappleProvider=AppleAuthProvider();finaluser=awaitFirebaseAuth.instance.signInWithProvider(appleProvider);finalaccessToken=user.credential?.accessToken;// You can send requests with the `accessToken`Linking an Authentication Provider
If you want to link a provider to a current user, you can use the following method:
awaitFirebaseAuth.instance.signInAnonymously();finalappleProvider=AppleAuthProvider();if(kIsWeb){awaitFirebaseAuth.instance.currentUser?.linkWithPopup(appleProvider);// You can also use `linkWithRedirect`}else{awaitFirebaseAuth.instance.currentUser?.linkWithProvider(appleProvider);}// You're anonymous user is now upgraded to be able to connect with Sign In With AppleReauthenticate with provider
The same pattern can be used withreauthenticateWithProvider which can be used to retrieve freshcredentials for sensitive operations that require recent login.
finalappleProvider=AppleAuthProvider();if(kIsWeb){awaitFirebaseAuth.instance.currentUser?.reauthenticateWithPopup(appleProvider);// Or you can reauthenticate with a redirection// await FirebaseAuth.instance.currentUser?.reauthenticateWithRedirect(appleProvider);}else{awaitFirebaseAuth.instance.currentUser?.reauthenticateWithProvider(appleProvider);}// You can now perform sensitive operationsExcept as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-10-29 UTC.