
The credential still shows up after calling clearCredentialState


I have signed in to account A, then signed out by calling clearCredentialState.

After that, when relaunching the app, I called getCredential with .setFilterByAuthorizedAccounts(true) and .setAutoSelectEnabled(true), and credential A was still returned -> wrong?

Code snippet:

GetGoogleIdOption googleIdOption = new GetGoogleIdOption.Builder()
   .setFilterByAuthorizedAccounts(true)
   .setServerClientId(WEB_CLIENT_ID)
   .setAutoSelectEnabled(true)
   .build();

I expected that after signing out, no credentials should be returned. That means the clear credential function doesn't seem to work.

If I have signed in with account A, then signed out and signed in with account B, then getCredential returns both accounts A and B. I expected it should be only B, which hasn't signed out yet. It was also reported here, but it seems there aren't any plans for it.

Has anyone faced this before, or did I do anything wrong?


Solution

  • The clearCredentialState call just signs you out but doesn't remove the grants that were previously given to the app, and that is why that account still shows up even if you use setFilterByAuthorizedAccounts(true) (as a side note: the clearCredentialState calls the signOut method on the OneTap APIs internally and the impact of that is to clear certain internal state that then stops that account from being the "default" account for that app, so, for example, the auto sign-in won't happen again for that account). In order to revoke grants, currently you can call revokeAccess() and that should do what you want. This method is deprecated and we're working on a new API to accomplish the same (and more) but meanwhile, you can use that (it won't be removed any time soon, definitely not before the replacement is introduced).
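
The sign-out sequence this answer describes, as an added example that is not part of the original answer: clear the Credential Manager state, then revoke the grant so the account no longer counts as authorized. It assumes the revokeAccess() mentioned above is the deprecated GoogleSignInClient.revokeAccess() from play-services-auth; the SignOutHelper class and its method names are hypothetical.

```java
import android.content.Context;
import android.util.Log;
import androidx.annotation.NonNull;
import androidx.core.content.ContextCompat;
import androidx.core.util.Consumer;
import androidx.credentials.ClearCredentialStateRequest;
import androidx.credentials.CredentialManager;
import androidx.credentials.CredentialManagerCallback;
import androidx.credentials.exceptions.ClearCredentialException;
import com.google.android.gms.auth.api.signin.GoogleSignIn;
import com.google.android.gms.auth.api.signin.GoogleSignInOptions;

/** Hypothetical helper: full sign-out = clear credential state + revoke the app's grant. */
public final class SignOutHelper {
    private static final String TAG = "SignOutHelper";

    /** onDone receives true only when both steps succeeded. */
    public static void signOutAndRevoke(@NonNull Context context,
                                        @NonNull Consumer<Boolean> onDone) {
        // Step 1: clears the "default account" state, which stops auto sign-in.
        CredentialManager.create(context).clearCredentialStateAsync(
            new ClearCredentialStateRequest(),
            null, // no CancellationSignal
            ContextCompat.getMainExecutor(context),
            new CredentialManagerCallback<Void, ClearCredentialException>() {
                @Override public void onResult(Void result) {
                    revokeGrant(context, onDone);
                }
                @Override public void onError(@NonNull ClearCredentialException e) {
                    Log.w(TAG, "clearCredentialState failed", e);
                    onDone.accept(false);
                }
            });
    }

    // Step 2: removes the grant itself. Assumption: this deprecated call is the
    // revokeAccess() the answer refers to.
    private static void revokeGrant(Context context, Consumer<Boolean> onDone) {
        GoogleSignInOptions gso =
            new GoogleSignInOptions.Builder(GoogleSignInOptions.DEFAULT_SIGN_IN).build();
        GoogleSignIn.getClient(context, gso).revokeAccess()
            .addOnCompleteListener(task -> {
                if (!task.isSuccessful()) {
                    // The grant may still exist; do not report the user as fully signed out.
                    Log.w(TAG, "revokeAccess failed", task.getException());
                }
                onDone.accept(task.isSuccessful());
            });
    }
}
```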