TypeScript icon, indicating that this package has built-in type declarations

1.6.2 • Public • Published


Handling Google sign-in and sign-out for Vue.js applications.

This package is updated to support detection of disabled cookies. This causes issues when users try to login in incognito mode, and the iframe fails to load. This includes an extra flag, cookiesDisabled to check when the plugin is initializing. An external window is used to grab an authCode instead of the regular iframe in these disabled environments, and is passed back in same method outlined below ($gAuth.getAuthCode()).

Forked repo readme:

npm bundle size GitHub vue-google-oauth2

We support TypeScript and Nuxt. 😎 For Vue3 applications, please refer to here

Front-end Demo


Installation with npm

npm install vue-google-oauth2

Installation with yarn

yarn add vue-google-oauth2


import GAuth from 'vue-google-oauth2'
const gauthOption = {
  clientId: 'CLIENT_ID.apps.googleusercontent.com',
  scope: 'profile email',
  prompt: 'select_account'
Vue.use(GAuth, gauthOption)

Please Don't use plus.login scope. It will be deprecated.

Initialization for Nuxt

  1. creates plug-in file for nuxt

    // plugins/vue-google-oauth2.js
    // file name can be changed to whatever you want
    import Vue from 'vue'
    import GAuth from 'vue-google-oauth2'
    const gauthOption = {
      clientId: 'CLIENT_ID.apps.googleusercontent.com',
      scope: 'profile email',
      prompt: 'select_account'
    Vue.use(GAuth, gauthOption)
  2. adds plugin to nuxt config file

    plugins: [


Property Type Required Description
clientId String Required. The app's client ID, found and created in the Google Developers Console.
scope String Optional. Default value is profile email. Full list of scopes.
prompt String Optional. This value using for authCode. The possible values are select_account or consent. Default value is select_account. To get refresh token from auth code, use consent.
fetch_basic_profile Boolean Optional. If set to true, email profile openid will be automatically added as scope. Default value is true.


Property Description Type
GoogleAuth return of gapi.auth2.getAuthInstance() Object
isAuthorized Whether or not you have auth Boolean
isInit Whether or not api init Boolean
isLoaded Whether or not api init. will be deprecated. Function
signIn function for sign-in Function
getAuthCode function for getting authCode Function
signOut function for sign-out Function


Getting authorization code

The authCode that is being returned is the one-time code that you can send to your backend server, so that the server can exchange for its own access_token and refresh_token.

The access_token and refresh_token can be saved in backend storage for reuse and refresh. In this way, you can avoid exposing your api key or secret key whenever you need to use various google APIs.

const authCode = await this.$gAuth.getAuthCode()
const response = await this.$http.post('http://your-backend-server-api-to-use-authcode', { code: authCode, redirect_uri: 'postmessage' })

: Directly get back the access_token and id_token

const googleUser = await this.$gAuth.signIn()
// googleUser.getId() : Get the user's unique ID string.
// googleUser.getBasicProfile() : Get the user's basic profile information.
// googleUser.getAuthResponse() : Get the response object from the user's auth session. access_token and so on
this.isSignIn = this.$gAuth.isAuthorized

refer to google signIn reference : GoogleUser


Handling Google sign-out

const response = await this.$gAuth.signOut()

Extra - Directly get access_token and refresh_token on Server-side

To get access_token and refresh_token in server side, the data for redirect_uri should be postmessage. postmessage is magic value for redirect_uri to get credentials without actual redirect uri.


curl -d "client_id=YOUR_CLIENT_ID&\
  code=YOUR_AUTH_CODE" https://accounts.google.com/o/oauth2/token

Sample Code

Additional Help


The failure of initialization happens

You can check the brower console to check errors which occur during initialization. The most of errors are from inproper setting of google oauth2 credentials setting in Google Developer Console. After changing the settings, you have to do hard refresh to clear your caches.

Type Errors

Follow the documentation provided here to add $gAuth as a property for preventing lint errors.

Package Sidebar


Weekly Downloads






Unpacked Size

27.4 kB

Total Files


Last publish


  • noahlozevski