How to Implement Sign-in with Google in Angular and a REST API

How to Implement Sign-in with Google in Angular and a REST API

A few weeks ago, I demonstrated how to implement Sign in with Facebook with a REST API. Today, I will show you how to Sign-in with Google in Angular 5 with a REST API involved. We will use PHP at the backend, but this will work with any backend language you are totally comfortable with.

To put it simply, your Angular App will request a token from Google OAuth Servers and then send the token to the REST API. The REST API will then validate the token against Google Servers (Never Trust Anything from the User) and if genuine, Sign-in or create account or do something that needed user to be authenticated. You will also get user profile data from Google including the profile picture which you can store for future reference.

Let’s get started:

Create a Google App and Get API Credentials

The first thing we need is to create Google Project, so that we can get Access Credentials. To do this, you can head over to Google Developer Console and create an account or login with an existing account.

How to Implement Sign-in with Google in Angular and a REST API

First, click on create project button near the top left corner and enter the name for your project and click save. Wait until the project has been created.

Then, select the project you just created and go to the credentials of API and Services for the project by clicking on the menu icon on the top left corner, then select API and Services, and then Credentials. If it’s a new project, you won’t have any credentials on your screen.

There are a few things you need to do here. The first thing is to configure your OAuth Consent Screen. This is the screen users will see with your app name and logo as you ask for permission during the Sign in with Google Process. To configure the OAuth Consent Screen, click on the OAuth Consent Screen Tab (Refer to the image below) and fill in the requested details. The name of the App is mandatory.

How to Implement Sign-in with Google in Angular and a REST API

Next, you need to create OAuth Credentials for your project. You should see a Create Credentials button on the screen, either at the middle of the screen or on top of the Credentials tab, just beneath the toolbar of the window. Click on the Create Credential Button, and select OAuth Client Id option in the drop-down menu that follows.

In the next page, select Web Application from the options under Application Type. Then provide the name of the credentials and click Create button. You might want to restrict the authorized domain names in the restriction section before creating the credentials. Here you will get the Client Id and the Client Secret, store them securely as you will need them for the steps that will follow.

Add Sign-in with Google to your Angular Application

Assuming you have successfully created a project, let’s go on and add a Sign-in with Google button to your angular app. To achieve this, we will use angularx-social-login module. You can install it using NPM or Yarn:

npm install --save angular5-social-login


yarn add angular5-social-login

Then import the Angular Social Login module into your app module as show below:

import { SocialLoginModule, AuthServiceConfig, GoogleLoginProvider } from "angular5-social-login";

Then create a new file socialloginConfig.ts in the root of your project and add a config file for social login:

import { SocialLoginModule,AuthServiceConfig,GoogleLoginProvider } from "angular5-social-login";

export function getAuthServiceConfigs() {
    let config = new AuthServiceConfig([{
        id: GoogleLoginProvider.PROVIDER_ID,
        provider: new GoogleLoginProvider("<GoogleClientIdJHere>")
    return config;

NB: Replace the GoogleClientIdHere with your client id from the Google Project you created in the first step.

Then import getAuthServiceConfigs into your app modules:

import { getAuthServiceConfigs } from "./socialloginConfig ";

And finally import SocialLoginModule and add providers for SocialLoginModule as show below

  imports: [
  providers: [
  bootstrap: [...]

Add to your Sign In Page

Then, on your sign in component, import the AuthService, GoogleLoginProvider as shown below:

import { AuthService, GoogleLoginProvider } from "angular5-social-login";

And Inject AuthService into your component as shown below:

constructor( private socialAuthServiceAuthService ) {}

Then, add a method to handle Sign-in with Google and a button to your component. The method will look like this:

public signinWithGoogle () {
  let socialPlatformProvider = GoogleLoginProvider.PROVIDER_ID;

    (userData) => { //on success
       //this will return user data from google. What you need is a user token which you will send it to the server

And then add a Sign in with Google button as shown below:

<button (click)=” signinWithGoogle()” >Sign in with Google</button>

The sendToRestApiMethod is a method that will use HTTP to post the data to your REST API. The Token Id (idToken)received from Google should be either a parameter or form data depending on the HTTP method you use to send the data to the server. Here is an example:

sendToRestApiMethod(token: string) : void {“url to google login in your rest api”, { token: token } }
     .subscribe(onSuccess => {
      //login was successful
      //save the token that you got from your REST API in your preferred location i.e. as a Cookie or LocalStorage as you do with normal login
    }, onFail => {
       //login was unsuccessful
       //show an error message

Integrating with your REST API

My REST API will be using PHP, but you can use any language you are comfortable with. For further and detailed tutorials for other language am not covering, visit the official documentation from Google here.

First, install PHP Google SDK using composer as shown below (For detailed installation instruction, visit this link):

composer require google/apiclient

Once the installation is complete, go to your login script or method and call the Google OAuth endpoint to verify the Token Id (idToken) and create an account or grant user access to server-side resources or something.

First, initialize the Google SDK as shown below:

$client = new \Google_Client([
   'client_id' => '<GOOGLE CLIENT ID HERE>'

And then send the Token Id (idToken) to the server for verification as shown below:

$payload = $client->verifyIdToken($idToken);

Then, compare the claim aud value with your google client id to ensure that the idToken you got from your app was meant for your client and its valid. If they don’t match, then the token id is not valid. The payload contains personal data from the user, here is what is included in the payload:

   // These six fields are included in all Google ID Tokens.
   "iss": "",
   "sub": "110169484474386276334", //Unique Google Account Id
   "azp": "",
   "aud": "",
   "iat": "1433978353",
   "exp": "1433981953",
   // These seven fields are only included when the user has granted the "profile" and
   // "email" OAuth scopes to the application.
   "email": "[email protected]",
   "email_verified": "true",
   "name" : "Test User",
   "picture": "",
   "given_name": "Test",
   "family_name": "User",
   "locale": "en"

Next, create an account or sign in the user if they already exist. The sub key in the payload is the Account Id and you can use to check if the user already exists. I suggest you generate your own User Id and do not rely with Google unique user id.

Leave a Reply

Your email address will not be published. Required fields are marked *