Dashboard
Updated in v2.5.0

OAuth Providers

Sign in with Google, GitHub, or Apple. On first sign-in, a Koolbase user account is automatically created.

Supported providers

Google

Supported

GitHub

Supported

Apple

Supported

Sign in with Google

Koolbase handles the OAuth flow server-side. Your app opens a browser to the Google auth URL, the user authorises, and Koolbase returns a session.

lib/auth.dartDart
// Step 1: Get the Google auth URL
final authUrl = await Koolbase.auth.getGoogleAuthUrl();

// Step 2: Open in browser
await launchUrl(Uri.parse(authUrl), mode: LaunchMode.externalApplication);

// Step 3: In your deep link handler, extract the code
final code = Uri.parse(incomingLink).queryParameters['code'];

// Step 4: Exchange the code for a session
final session = await Koolbase.auth.signInWithGoogle(code: code!);
print(session.user.email);

Sign in with GitHub

GitHub OAuth follows the same flow as Google. Configure your GitHub OAuth app in the Koolbase dashboard.

lib/auth.dartDart
// Same flow as Google — use provider: 'github'
await Koolbase.auth.oauthLogin(
  provider: 'github',
  token: githubAccessToken,
  email: userEmail,
  name: userName,
);

Sign in with Apple

Sign in with Apple is required by Apple if your app offers any third-party social login. Koolbase verifies the Apple identity token server-side using Apple's JWKS endpoint — no client secret exposed.

Apple requirement

If your iOS app offers Google or GitHub sign-in, Apple requires you to also offer Sign in with Apple. Apps that violate this rule will be rejected from the App Store.

Flutter

Add sign_in_with_apple to your pubspec.yaml then:

lib/auth.dartDart
import 'package:koolbase_flutter/koolbase_flutter.dart';

// KoolbaseAppleAuth handles the full flow
final session = await KoolbaseAppleAuth.signIn();

if (session != null) {
  print('Signed in: ${session['user']['email']}');
}

React Native

Install @invertase/react-native-apple-authentication then:

App.tsxTypeScript
import { KoolbaseAppleAuth } from 'koolbase-react-native';
import { appleAuth } from '@invertase/react-native-apple-authentication';

const session = await KoolbaseAppleAuth.signIn(async () => {
  return await appleAuth.performRequest({
    requestedOperation: appleAuth.Operation.LOGIN,
    requestedScopes: [appleAuth.Scope.EMAIL, appleAuth.Scope.FULL_NAME],
  });
});

How Apple verification works

When a user signs in with Apple, your app receives an identity token (JWT). Koolbase verifies this token server-side using Apple's public JWKS keys — no private key is ever exposed to the client. The user's Apple ID and email are extracted and a Koolbase session is created automatically.

Private email relay

Apple allows users to hide their real email. In this case, Apple provides a relay address ending in @privaterelay.appleid.com. Koolbase handles this automatically — the relay address is used as the user's email.

Account linking

If a user with the same email already exists, signing in with any OAuth provider will link to the existing account. The user can then sign in with either method. Linking is based on email address.

API reference

MethodDescription
KoolbaseAppleAuth.signIn()Sign in with Apple — Flutter
KoolbaseAppleAuth.signIn(getCredential)Sign in with Apple — React Native
Koolbase.auth.oauthLogin(provider, token, email, name)Generic OAuth login for any provider

Previous

Password Reset

Next

Phone + OTP