This document describes the authentication flow when using Google OAuth and the Okto React Native SDK. Learn how to implement secure user authentication using Google's OAuth 2.0 system integrated with Okto SDK.
What is Google OAuth Authentication?
Google OAuth 2.0 is an industry-standard protocol for authorization that enables applications to obtain limited access to user accounts on Google services. When using Okto with Google Authentication, you get:
- Secure user authentication using Google's trusted infrastructure
- Access to user profile information (email, name, profile picture)
- Simplified sign-up/sign-in process for users
- Cross-platform compatibility
- Built-in security features like token encryption and automatic session management
Implementation Overview
To implement Google Authentication in your application, you'll need to complete these steps:
- Set up Google Console Project
- Obtain Google ID Token
- Authenticate with Okto
- Use the ID token with Okto SDK
- Pass the token to Okto's authentication method
- Handle authentication response
- Manage user session
Authentication Flow
Sequence Diagram
The sequence diagram illustrates the following steps:
1. Client Invokes Google Login
The user's login process begins when your React Native app invokes Google Sign-In using the platform-specific Google Sign-In library.
2. Google OAuth Server Returns ID Token
Upon successful login, the Google OAuth server generates and sends an id_token to your app, confirming the user's identity.
3. Client Invokes Okto React Native SDK Authentication
Your app then calls the loginUsingOAuth method of the Okto SDK, passing the id_token received from Google.
4. Okto React Native SDK Passes ID Token to Okto Servers
The Okto SDK forwards the ID token to the Okto servers for verification.
5. Okto Servers Verify the ID Token
The Okto servers verify the validity of the ID token:
- If the token is verified successfully, the Okto servers check if a user exists with the email associated with the ID token.
  - If the user exists, the process continues.
  - If the user does not exist, a new user is created.
- If verification fails, the process ends with an error.
6. Okto Servers Send Okto Auth Token
Once the ID token is verified and user creation or validation is complete, the Okto servers generate and send an Okto authentication token to the Okto SDK.
7. Okto React Native SDK Returns Auth Token or Error to Client
The Okto SDK returns the Okto authentication token to your React Native app. If an error occurred during verification, the SDK returns an error instead.
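To make step 5 concrete, the following added example (not Okto's server code, which this page does not show) applies the checks that ID token verification commonly involves: a pinned RS256 signature, issuer, audience, expiry and a verified email. The local RSA key, CLIENT_ID, makeToken and outcome are constructed stand-ins; a real verifier would check the signature against Google's published signing keys.

```javascript
const crypto = require('node:crypto');

const GOOGLE_ISSUERS = ['https://accounts.google.com', 'accounts.google.com'];
const b64url = (v) => Buffer.from(v).toString('base64url');
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Returns the claims if the token passes every check, otherwise throws.
function verifyIdToken(token, publicKey, expectedAud, nowSec = Math.floor(Date.now() / 1000)) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  // Pin the algorithm: the token header must not choose it (alg=none, HS256 confusion).
  if (decode(h).alg !== 'RS256') throw new Error('unexpected alg');
  const signed = Buffer.from(`${h}.${p}`);
  if (!crypto.verify('RSA-SHA256', signed, publicKey, Buffer.from(s, 'base64url'))) {
    throw new Error('bad signature');
  }
  const claims = decode(p); // trusted only after the signature check
  if (!GOOGLE_ISSUERS.includes(claims.iss)) throw new Error('wrong issuer');
  // A token minted for another app's client ID must be rejected.
  if (claims.aud !== expectedAud) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= nowSec) throw new Error('expired');
  if (!claims.email || claims.email_verified !== true) throw new Error('unverified email');
  return claims;
}

// --- Constructed sample data: a local RSA key stands in for Google's signing key ---
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const CLIENT_ID = 'example-client-id.apps.googleusercontent.com'; // placeholder, not a real ID

function makeToken(overrides = {}, key = privateKey) {
  const claims = { iss: 'https://accounts.google.com', aud: CLIENT_ID, email: 'user@example.com',
    email_verified: true, exp: Math.floor(Date.now() / 1000) + 300, ...overrides };
  const input = `${b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${crypto.sign('RSA-SHA256', Buffer.from(input), key).toString('base64url')}`;
}

// Outcome as a string: the email on success, the rejection reason on failure.
function outcome(token) {
  try { return verifyIdToken(token, publicKey, CLIENT_ID).email; } catch (e) { return e.message; }
}

console.log(outcome(makeToken()));
console.log(outcome(makeToken({ aud: 'other-app.apps.googleusercontent.com' })));
console.log(outcome(makeToken({ exp: 1 })));
```

The audience check is the one most often skipped: without it, a valid Google ID token issued to any other application would be accepted as a login.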
Conclusion
This authentication flow ensures a secure and streamlined process by combining Google OAuth with Okto's infrastructure. After the user successfully logs in with Google, Okto handles the verification and user management, returning a unique authentication token to the client. This token can be used to grant access to protected resources or services, all while maintaining user security and a seamless experience.
For detailed implementation instructions, refer to our Login Using OAuth guide.