Skip to main content

Google OAuth

Google Sign-In lets users authenticate with their Google account. It’s widely trusted and many users prefer it for its convenience.
App Store Requirement: If you add Google Sign-In, you must also add Apple Sign In. Your app will be rejected without it. See Apple Sign In for setup and important App Store guidelines.

Overview

Setting up Google OAuth requires configuration in three places:
  1. Google Cloud Console — Create OAuth credentials
  2. Supabase Dashboard — Enable Google as an auth provider
  3. Your App — Configure the redirect URI and use the auth function
Time required: ~20 minutes

Part 1: Google Cloud Console

Step 1: Create a Project (if needed)

1

Open Google Cloud Console

Go to console.cloud.google.comSign in with your Google account
2

Create or select a project

Click the project dropdown at the topClick New Project or select an existing oneGive it a name (e.g., “Your App Name”)
Before creating credentials, you need to configure what users see when they sign in.
1

Open OAuth consent screen

Go to APIs & Services → OAuth consent screenDirect link
2

Select user type

Choose External (unless you’re building for a Google Workspace organization)Click Create
3

Fill in app information

FieldValue
App nameYour app’s name
User support emailYour email
App logoOptional, but recommended
Developer contact emailYour email
Click Save and Continue
4

Scopes

Click Add or Remove ScopesSelect:
  • .../auth/userinfo.email
  • .../auth/userinfo.profile
  • openid
Click Update, then Save and Continue
5

Test users (optional)

While in testing mode, add your email as a test userClick Save and Continue
6

Summary

Review and click Back to Dashboard

Step 3: Create OAuth Credentials

1

Open Credentials

Go to APIs & Services → CredentialsDirect link
2

Create OAuth client ID

Click + Create Credentials → OAuth client ID
3

Configure for iOS

FieldValue
Application typeiOS
NameYour App (iOS)
Bundle IDYour app’s bundle ID (e.g., com.yourcompany.yourapp)
Click Create
4

Save your Client ID

Copy the Client ID — you’ll need this for SupabaseIt looks like: 123456789-abc123def456.apps.googleusercontent.com
5

Create Web client (for Supabase)

Click + Create Credentials → OAuth client ID again
FieldValue
Application typeWeb application
NameYour App (Web)
Authorized redirect URIshttps://YOUR_PROJECT_REF.supabase.co/auth/v1/callback
Click CreateCopy both the Client ID and Client Secret
Keep your Client Secret secure. Never commit it to version control or expose it in client-side code.

Part 2: Supabase Dashboard

Enable Google Provider

1

Open Auth settings

Go to your Supabase project dashboardNavigate to Authentication → Providers
2

Enable Google

Find Google in the list and click to expandToggle Enable Sign in with Google
3

Enter credentials

Use the Web application credentials (not iOS):
FieldValue
Client IDYour Web OAuth Client ID
Client SecretYour Web OAuth Client Secret
4

Save

Click Save

Part 3: App Configuration

Step 1: Update App Config

Update config/app.config.ts: 
auth: {
  mode: 'anonymous', // or 'required'
  providers: {
    apple: true,  // Required if you have Google
    google: true, // Enable Google Sign In
    email: false,
  },
}

Step 2: Configure Redirect URI

In lib/auth.ts, update the scheme in signInWithGoogle() to match your app: 
const redirectUri = makeRedirectUri({
  scheme: 'your-app-scheme', // Must match "scheme" in app.json
});
Your scheme is defined in app.json: 
{
  "expo": {
    "scheme": "your-app-scheme"
  }
}

Step 3: Use in Your App

import { signInWithGoogle } from '@/lib/auth';

try {
  const { user, session } = await signInWithGoogle();
  console.log('Signed in:', user.id);
} catch (error) {
  console.error('Google sign in failed:', error);
}
Or use the pre-built component: 
import { SocialAuthButtons } from '@/components/auth';

<SocialAuthButtons
  showApple={true}
  showGoogle={true}
  onSuccess={() => router.replace('/(main)')}
  onError={(err) => Alert.alert('Error', err.message)}
/>

Testing

Development Build Required

Google OAuth requires a development build — it won’t work in Expo Go. 
eas build --platform ios --profile development

Testing Checklist

  1. Build and install the development build
  2. Tap “Sign in with Google”
  3. Browser opens with Google’s sign-in page
  4. Sign in with a test user account
  5. You’re redirected back to the app
  6. User is authenticated

Troubleshooting

The redirect URI in Google Console must exactly match what your app sends.
  • Check the redirect URI in Credentials → Web client → Authorized redirect URIs
  • It should be: https://YOUR_PROJECT_REF.supabase.co/auth/v1/callback
  • No trailing slash, exact case match
  • If using External user type, ensure your Google account is added as a test user
  • Or publish your OAuth consent screen to production
  • Check your app scheme matches in app.json and the auth code
  • Ensure you’re using a development build, not Expo Go
  • Verify you’re using the Web client credentials in Supabase (not iOS)
  • Double-check the Client ID and Client Secret are correct

Publishing to Production

Before launching your app:
1

Publish OAuth consent screen

Go to OAuth consent screen in Google Cloud ConsoleClick Publish AppThis removes the “test user” restriction
2

Verify your app (optional)

If you’re requesting sensitive scopes, Google may require verificationFor basic profile/email scopes, this is usually not required

Next Steps

Apple Sign In

Required if you offer Google Sign-In

Email + Password

Add traditional email authentication