To migrate your app from Google+ Sign-In to Google Sign-In, you’ll need to
update your sign in button, the scopes you request from the user and how to
retrieve profile information from Google. Follow our
Google Sign In for Android documentation
for full instructions.
When updating your sign in button, do not refer to G+ or use the color red.
Please conform to our updated branding guidelines.
Most G+ Sign In applications requested some combination of the scopes:
plus.profile.emails.read. By using
GoogleSignInOptions.Builder with the
DEFAULT_SIGN_IN option, you will
automatically request the
profile scope which provides the user’s name and
profile picture. If you also want the user’s email address, you should call
.requestEmail() when constructing Google sign-in options.
code from Google and send that code back to the server (with cross site request
forgery protection). The server then validates the code and obtains refresh and
access tokens to pull user profile information from the people.get API.
Google now recommends requesting an ID token and sending the ID token from your
client to your server. ID tokens have cross site forgery protections built-in
and also can be statically verified on your server, thus avoiding an extra API
call to get user profile information from Google’s servers. Follow the
validating ID tokens on your server.
If you would still prefer to use the code flow to obtain profile information,
you may do so. Once your server has an access token, you will need to
obtain user profile information
userinfo endpoints specified in our Sign In
Discovery document. The API
response will be formatted differently than the Google+ profile response, so you
will need to update your parsing to the new format.
If you are using
Plus.API, you should
to the newest Sign-In API for greater security and a better user experience.