software

Flutter Google Sign-In with google_sign_in 7: Understanding the New Authentication Flow

Published: (March 9, 2026 at 10:29 PM EDT)
3 min read
Source: Dev.to

Source: Dev.to

Changes in google_sign_in ^7.0.0

Starting with google_sign_in ^7.0.0, the plugin underwent a major refactor to support the Android Credential Manager and modern Google Identity Services. This introduced several breaking changes that move away from the traditional “all‑in‑one” signIn() method. If you recently upgraded your Flutter project, you may encounter compilation errors or unexpected behavior such as:

  • GoogleSignIn() constructor no longer exists
  • signIn() method is removed
  • accessToken missing from GoogleSignInAuthentication
  • Account picker not appearing unless initialize() is called

These changes stem from an architectural shift where authentication and authorization are now handled separately.

Fix 1 — GoogleSignIn Constructor Removed (Singleton Pattern)

The GoogleSignIn class no longer allows direct instantiation with GoogleSignIn().
Use the singleton instance instead:

final googleSignIn = GoogleSignIn.instance;

Fix 2 — Initialization Is Now Mandatory

Initialization must be performed exactly once before using the plugin. Call it during app startup (e.g., in main() or your authentication service initialization):

await GoogleSignIn.instance.initialize();

Skipping this step may prevent the authentication sheet from appearing.

Fix 3 — signIn() Replaced by authenticate()

The old signIn() method has been replaced by authenticate(), which triggers the new system‑level account picker / Credential Manager sheet on supported Android versions:

final GoogleSignInAccount googleUser =
    await GoogleSignIn.instance.authenticate();

Fix 4 — accessToken Missing (Authentication vs. Authorization)

Google has separated authentication (who the user is) from authorization (what permissions the app has). After calling authenticate(), you can obtain the idToken via googleUser.authentication, but the accessToken is no longer returned automatically. Request it explicitly by authorizing the required scopes:

final clientAuth = await googleUser.authorizationClient
    .authorizeScopes(['email', 'profile']);

Example: Sign‑in with Google and Firebase

If you need both tokens (e.g., for Firebase), use the following pattern:

Future signInWithGoogle() async {
  // 1. Ensure initialization
  final googleSignIn = GoogleSignIn.instance;
  await googleSignIn.initialize();

  // 2. Authentication (Identity)
  final GoogleSignInAccount googleUser =
      await googleSignIn.authenticate();

  // 3. Authorization (Permissions)
  final List scopes = ['email', 'profile'];
  final clientAuth =
      await googleUser.authorizationClient.authorizeScopes(scopes);

  // 4. Create Firebase Credential
  final credential = GoogleAuthProvider.credential(
    idToken: googleUser.authentication.idToken,
    accessToken: clientAuth.accessToken,
  );

  // 5. Sign in to Firebase
  return await FirebaseAuth.instance.signInWithCredential(credential);
}

Important: Call GoogleSignIn.instance.initialize() once during app startup before invoking signInWithGoogle().

Final Thoughts

The new google_sign_in API can feel confusing at first because many familiar methods were removed or redesigned. Understanding the separation between authentication and authorization clarifies the new flow and aligns the plugin with modern identity systems. Hopefully this guide saves you debugging time.

0 views
#flutter #google_sign_in #authentication #android-credential-manager #google-identity-services #migration #sign-in #mobile-development #plugin
View source
Share:
Back to Blog

Related posts

Read more »

Authentication vs Authorization

Authentication Authentication is about confirming a user's identity. It is the process the system uses to verify that you are who you claim to be. A common exa...