Skip to main content
POST
/
auth
/
google
Sign in with Google
curl --request POST \
  --url https://api.example.com/auth/google \
  --header 'Content-Type: application/json' \
  --data '
{
  "idToken": "<string>",
  "email": "<string>",
  "name": "<string>"
}
'
{
  "token": "<string>",
  "message": "<string>"
}
Authenticates a user with a Google OAuth idToken. If no account exists for the given token, a new user is created. Returns a JWT token on success.
This endpoint does not require authentication.

Request body

idToken
string
required
The Google OAuth ID token obtained from the Firebase Google sign-in flow. This value is hashed (SHA-256, truncated to 24 hex chars) to derive the user’s internal ID.
email
string
required
The user’s email address as returned by Google. Used to detect duplicate accounts registered via a different method.
name
string
required
The user’s display name as returned by Google. Stored on the user record when creating a new account.

Response

200 — Success

Returned whether the user already existed or was newly created.
token
string
required
A signed JWT valid for 1000 days. Pass this value in the x-access'courser-auth-token header on authenticated requests.
message
string
required
Always "Login successful".

409 — Email already in use

Returned when a different account (registered without Google) already uses the same email address.
message
string
"Email already in use"

Example

curl --request POST \
  --url http://localhost:8000/auth/google \
  --header 'Content-Type: application/json' \
  --data '{
    "idToken": "eyJhbGciOiJSUzI1NiIs...",
    "email": "professor@university.edu",
    "name": "Dr. Jane Smith"
  }'
200
{
  "token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "message": "Login successful"
}
409
{
  "message": "Email already in use"
}