Discontinuing authorization support for the Google Sign-In JavaScript Platform Library

MAR 01, 2022

Posted by Brian Daugherty, Product Solutions Engineer

Last year, we announced our plan to deprecate the Google Sign-In JavaScript Platform Library for web applications.

On March 31, 2023 we will fully retire the Google Sign-In JavaScript Platform Library and would like to remind you to check if this affects your web application, and if necessary, to plan for a migration.

Beginning April 30th, 2022 new applications must use the Google Identity Services library, existing apps may continue using the Platform Library until the deprecation date.

What does this mean for you?

Are you affected?

To protect users' personal information across the web, Google continues to make signing into apps and services secure by default. Delivering on this promise, we announced Google Identity Services, our family of Identity APIs that consolidate multiple identity offerings under one software development kit (SDK). Recently, we released an update to the Google Identity Services library, adding user authorization and data sharing features based on OAuth 2.0. Due to numerous security and privacy improvements, the new Identity Services library is not fully backward compatible with all features and functionality found in the older Platform Library, and so a migration to the new library and code changes are necessary.

The deprecation applies to web apps loading the Google Sign-In JavaScript Platform Library and apps using the Google API Client Library for JavaScript with access tokens.

If your web pages use the apis.google.com/js/api.js or apis.google.com/js/client.js JavaScript modules to load the Platform Library, you are affected and need to update your existing implementation to use the new Identity Services client library.

Web applications using gapi.client from the Google API Client Library implicitly load and use the Platform Library’s soon to be deprecated gapi.auth2 module when working with access tokens to call Google APIs. Updates to your web app to explicitly include the new Identity Services library, manage access token requests, and replace auth2 module references with newer equivalent methods are necessary.

Your full suite of apps and platforms may be using different methods of authentication and authorization from Google. The following are NOT affected by this deprecation announcement:

Migration

Authorization and authentication functionalities are clearly separated in the new Identity Services library.

There are two guides to help you with migration:

(1) migrate to Google Identity Services for user authorization and obtaining access tokens for use with Google APIs, and

(2) migrating from Google Sign-In for user authentication and sign-in.

Your web application may use both authorization (to call Google APIs), and authentication (to manage user sign-in to your app). If this is the case, you’ll need to follow both migration guides to ensure separation of user authorization and authentication flows in your web application.

The migration guides are written to help you understand how the new Identity Services library differs from prior libraries, what these changes are, how to separate authentication from authorization, and how these changes affect both your users and your codebase.

Changes and benefits

Migration to our new Identity Services library includes a number of changes and benefits:

This is a brief summary of privacy, security, and usability changes found in the new Identity Services library, additional detail is available in the migration guides.

How to get help

Visit our developer site for more information and check out the google-oauth tag on Stack Overflow for technical assistance. You can also offer your suggestions and feedback by sending an email to gis-migration-feedback@google.com.