Build a custom flow for authenticating with OAuth connections
Before you start
You must configure your application instance through the Clerk Dashboard for the social connection(s) that you want to use. Visit the appropriate guide for your platform to learn how to configure your instance.
Create the sign-up and sign-in flow
The following example will both sign up and sign in users, eliminating the need for a separate sign-up page. However, if you want to have separate sign-up and sign-in pages, the sign-up and sign-in flows are equivalent, meaning that all you have to do is swap out the SignIn
object for the SignUp
object using the useSignUp()
hook.
The following example:
- Accesses the
SignIn
object using theuseSignIn()
hook. - Starts the authentication process by calling
SignIn.authenticateWithRedirect(params)
. This method requires aredirectUrl
param, which is the URL that the browser will be redirected to once the user authenticates with the identity provider. - Creates a route at the URL that the
redirectUrl
param points to. The following example names this route/sso-callback
. This route should either render the prebuilt<AuthenticateWithRedirectCallback/>
component or call theClerk.handleRedirectCallback()
method if you're not using the prebuilt component.
The following example shows two files:
- The sign-in page where the user can start the authentication flow.
- The SSO callback page where the flow is completed.
'use client'
import * as React from 'react'
import { OAuthStrategy } from '@clerk/types'
import { useSignIn } from '@clerk/nextjs'
export default function OauthSignIn() {
const { signIn } = useSignIn()
if (!signIn) return null
const signInWith = (strategy: OAuthStrategy) => {
return signIn
.authenticateWithRedirect({
strategy,
redirectUrl: '/sign-up/sso-callback',
redirectUrlComplete: '/',
})
.then((res) => {
console.log(res)
})
.catch((err: any) => {
// See https://clerk.com/docs/custom-flows/error-handling
// for more info on error handling
console.log(err.errors)
console.error(err, null, 2)
})
}
// Render a button for each supported OAuth provider
// you want to add to your app. This example uses only Google.
return (
<div>
<button onClick={() => signInWith('oauth_google')}>Sign in with Google</button>
</div>
)
}
import { AuthenticateWithRedirectCallback } from '@clerk/nextjs'
export default function SSOCallback() {
// Handle the redirect flow by calling the Clerk.handleRedirectCallback() method
// or rendering the prebuilt <AuthenticateWithRedirectCallback/> component.
// This is the final step in the custom OAuth flow.
return <AuthenticateWithRedirectCallback />
}
The following example will both sign up and sign in users, eliminating the need for a separate sign-up page.
The following example:
- Uses the
useSSO()
hook to access thestartSSOFlow()
method. - Calls the
startSSOFlow()
method with thestrategy
param set tooauth_google
, but you can use any of the supported OAuth strategies. The optionalredirect_url
param is also set in order to redirect the user once they finish the authentication flow.- If authentication is successful, the
setActive()
method is called to set the active session with the newcreatedSessionId
. - If authentication is not successful, you can handle the missing requirements, such as MFA, using the
signIn
orsignUp
object returned fromstartSSOFlow()
, depending on if the user is signing in or signing up. These objects include properties, likestatus
, that can be used to determine the next steps. See the respective linked references for more information.
- If authentication is successful, the
import React, { useCallback, useEffect } from 'react'
import * as WebBrowser from 'expo-web-browser'
import * as AuthSession from 'expo-auth-session'
import { useSSO } from '@clerk/clerk-expo'
import { View, Button } from 'react-native'
export const useWarmUpBrowser = () => {
useEffect(() => {
// Preloads the browser for Android devices to reduce authentication load time
// See: https://docs.expo.dev/guides/authentication/#improving-user-experience
void WebBrowser.warmUpAsync()
return () => {
// Cleanup: closes browser when component unmounts
void WebBrowser.coolDownAsync()
}
}, [])
}
// Handle any pending authentication sessions
WebBrowser.maybeCompleteAuthSession()
export default function Page() {
useWarmUpBrowser()
// Use the `useSSO()` hook to access the `startSSOFlow()` method
const { startSSOFlow } = useSSO()
const onPress = useCallback(async () => {
try {
// Start the authentication process by calling `startSSOFlow()`
const { createdSessionId, setActive, signIn, signUp } = await startSSOFlow({
strategy: 'oauth_google',
// Defaults to current path
redirectUrl: AuthSession.makeRedirectUri(),
})
// If sign in was successful, set the active session
if (createdSessionId) {
setActive!({ session: createdSessionId })
} else {
// If there is no `createdSessionId`,
// there are missing requirements, such as MFA
// Use the `signIn` or `signUp` returned from `startSSOFlow`
// to handle next steps
}
} catch (err) {
// See https://clerk.com/docs/custom-flows/error-handling
// for more info on error handling
console.error(JSON.stringify(err, null, 2))
}
}, [])
return (
<View>
<Button title="Sign in with Google" onPress={onPress} />
</View>
)
}
import SwiftUI
import Clerk
struct OAuthView: View {
var body: some View {
// Render a button for each supported OAuth provider
// you want to add to your app. This example uses only Google.
Button("Sign In with Google") {
Task { await signInWithOAuth(provider: .google) }
}
}
}
extension OAuthView {
func signInWithOAuth(provider: OAuthProvider) async {
do {
// Start the sign-in process using the selected OAuth provider.
let result = try await SignIn.authenticateWithRedirect(strategy: .oauth(provider: provider))
// It is common for users who are authenticating with OAuth to use
// a sign-in button when they mean to sign-up, and vice versa.
// Clerk will handle this transfer for you if possible.
// Therefore, a TransferFlowResult can be either a SignIn or SignUp.
switch result {
case .signIn(let signIn):
switch signIn.status {
case .complete:
// If sign-in process is complete, navigate the user as needed.
dump(Clerk.shared.session)
default:
// If the status is not complete, check why. User may need to
// complete further steps.
dump(signIn.status)
}
case .signUp(let signUp):
switch signUp.status {
case .complete:
// If sign-up process is complete, navigate the user as needed.
dump(Clerk.shared.session)
default:
// If the status is not complete, check why. User may need to
// complete further steps.
dump(signUp.status)
}
}
} catch {
// See https://clerk.com/docs/custom-flows/error-handling
// for more info on error handling.
dump(error)
}
}
}
Feedback
Last updated on