After a lot of research online I’ve decided to ask for help here. I’m trying to setup Google Sign In in my Android App and am struggling a bit with it. I don’t want to use Universal Login or the Lock library, all I’m trying to do is to implement the google sign in flow in a similar fashion to what I’ve done with the Facebook social sign in, with my own custom Ui with a button for each social identity provider (Facebook and Google)
I’ve followed Google official instructions (Integrating Google Sign-In into Your Android App) and managed to authenticate with Google in my app and get a b hold of the “idToken”. I was expecting to send this “idToken” to auth using the Auth0 AuthenticationAPIClient APIs, to exchange it for Auth0 credentials to use in my backend.
I’ve followed the instructions here (Connect Apps to Google) and managed to generate an OAuth Client Id (Web Application client ID) and have also set up the Google social connection in Auth0. I’ve tested it and it’s working.
I tried to exchange the google “idToken” by Auth credentials using
AuthenticationAPIClient.loginWithOAuthAccessToken(oauthToken, auth0ConnectionName) method (which calls the /oauth/access_token endpoint), but i keep getting a 404 error. Checking the docs, it says that this is a legacy API, and should not be used as it’s not available for new tenants since 2017. (Authentication API Explorer)
I’ve then tried to use the same API I’m using for Facebook login:
AuthenticationAPIClient.loginWithNativeSocialToken(subject_token, subject_token_type), but the problem here is that I couldn’t find any information about what should I pass as “subject_token_type” in the case of Google being the social identity provider. I did some more research and found this answer in the community forum:
It seems that as of Aug 2020, Google Sign In native flow is not supported by Auth0. Is there a RESTful API I can call directly to accomplish this or does this mean that currently there is no way I can handle the authentication with Google in my App and then obtain Auth0 credentials with some artifact received from Google?
If it’s really not possible to do it this way, what are my options here to provide my users a way to authenticate via Google? Auth0 Universal Login ? Auth0 Lock Library ? Am I correct to assume that using this 2 alternatives means I don’t have to manually implement what’s described here (Integrating Google Sign-In into Your Android App), and they will do everything for me and give me back Auth0 credentials?
This forum thread (Token exchange for native social networks with google using the auth0 API) is also related to my problem, but following the link suggested did not help much as I was still confused about what to do after the social connection was setup and tested.
Thanks in advance for any guidance you can provide.