Google Sign-In JS Bridge
The Google Sign-In Bridge lets your website JavaScript trigger native Google authentication on the device and receive the signed-in user's profile back — without any redirect, browser tab, or PKCE flow.
This is useful when your website cannot complete the Google Sign-In flow on its own inside the app (for example, single-page apps, custom auth libraries, or AI-built platforms like Lovable and Bolt that use a managed OAuth flow).
For a general introduction to the JavaScript Bridge, see the Overview article.
Prerequisites
Before the JS Bridge can trigger Google Sign-In, you must configure the Google Sign-In module in your Appilix dashboard:
- Go to your app's Integration Modules and enable Google Sign-In.
- Enter the Android Client ID (and/or iOS Client ID) generated from Google Cloud Console for your app.
The JS Bridge will not work if the Android/iOS Client ID is not configured in the dashboard. See the Google Sign-In settings article for how to obtain and enter these credentials.
Triggering Sign-In
Call appilix.postMessage with type: "google_sign_in" to open the native Google account picker on the device:
appilix.postMessage(JSON.stringify({
type: "google_sign_in",
props: {
web_client_id: "WEB_CLIENT_ID", // optional if already set in dashboard module settings
scope: "email profile", // optional — defaults to "email profile"
response_type: "code", // optional — "code" | "id_token"
}
}));Props reference:
| Prop | Required | Description |
|---|---|---|
scope | No | OAuth scopes to request, space-separated. Defaults to email profile. |
web_client_id | No | Your website's Web OAuth Client ID from Google Cloud Console. Can be omitted if already entered in the dashboard Integration Modules settings. Required here if not set there, or when using response_type. |
response_type | No | "code" returns a server auth code your backend can exchange for tokens. "id_token" returns a signed JWT your backend can verify. Only valid when web_client_id is provided. |
Receiving the Response
Set appilix.onmessage before or immediately after triggering sign-in. The app calls it once with the result:
appilix.onmessage = function(event) {
const data = JSON.parse(event.data);
if (data.type !== "google_sign_in") return;
appilix.onmessage = null; // Remove listener after handling
if (data.response.error) {
console.error("Google Sign-In failed:", data.response.error);
return;
}
console.log("Signed in:", data.response);
// data.response.email, .name, .picture, .id, .code, .id_token
};Response fields:
| Field | Description |
|---|---|
email | User's Google account email address |
name | User's display name |
picture | URL of the user's Google profile photo |
id | Stable Google account ID |
code | Server auth code — present when response_type: "code". Exchange on your backend via https://oauth2.googleapis.com/token. |
id_token | Signed JWT — always present. Verify on your backend using Google's public keys. |
error | Error message string on failure, null on success. |
Complete Example
function signInWithGoogle() {
if (typeof appilix === 'undefined') return; // only runs inside the app
appilix.onmessage = function(event) {
const data = JSON.parse(event.data);
if (data.type !== "google_sign_in") return;
appilix.onmessage = null;
if (data.response.error) {
console.error("Sign-in error:", data.response.error);
return;
}
const { email, name, picture, code } = data.response;
// Send the auth code to your backend for token exchange
fetch("/auth/google/callback", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({ code, email, name, picture })
})
.then(res => res.json())
.then(result => {
if (result.success) window.location.href = "/dashboard";
});
};
appilix.postMessage(JSON.stringify({
type: "google_sign_in",
props: {
web_client_id: "YOUR_WEB_CLIENT_ID",
scope: "email profile",
response_type: "code"
}
}));
}When to Use This
Use the JS Bridge flow when:
- Your website uses a managed OAuth flow (Lovable, Bolt, Supabase Auth, Firebase Auth, etc.) that Appilix cannot intercept automatically.
- Your website is a single-page app where there is no page reload to complete a redirect-based flow.
- You need an auth code (server-side token exchange) rather than just the user's profile.
For websites where the automatic sign-in flow already works, the JS Bridge is not required. See the Google Sign-In settings article for the standard setup.