对于启用了自动登录的网页,如果满足上述条件,系统会自动返回用户的 ID 令牌凭据,而无需用户进行任何互动。如果不满足这些条件,即使页面上启用了“自动登录”,用户在登录或同意时也默认采用“一键式”流程。如果用户有多个 Google 账号,并且访问您的网站,则必须先登录单个 Google 账号,并已针对该账号提供同意声明。
[null,null,["最后更新时间 (UTC):2025-05-23。"],[[["\u003cp\u003eGoogle One Tap enables automatic sign-in, providing a frictionless user experience by eliminating manual login steps for returning users.\u003c/p\u003e\n"],["\u003cp\u003eAutomatic sign-in works when users are signed in to their Google Account, have previously granted consent, and (for FedCM) haven't attempted sign-in within the last 10 minutes.\u003c/p\u003e\n"],["\u003cp\u003eTo enable automatic sign-in, add \u003ccode\u003edata-auto_select="true"\u003c/code\u003e to your One Tap implementation code.\u003c/p\u003e\n"],["\u003cp\u003eWhen implementing sign-out functionality, ensure auto-selection is disabled to prevent a login loop, which can be achieved by using the \u003ccode\u003eg_id_signout\u003c/code\u003e class or \u003ccode\u003egoogle.accounts.id.disableAutoSelect()\u003c/code\u003e.\u003c/p\u003e\n"],["\u003cp\u003eOne Tap sign-out (disabling automatic sign-in) is temporary and does not sign users out of your website or Google services.\u003c/p\u003e\n"]]],[],null,["# Automatic sign-in and sign-out\n\nThis page describes how to implement features related to how users sign in or\nsign out with Google One Tap.\n\nSign in users automatically\n---------------------------\n\nGoogle One Tap supports automatic sign-in, which provides a frictionless user\nexperience (UX) by removing the manual steps users must take when returning\nto your site. Users don't need to remember which Google Account they selected\nduring their last visit, decreasing the chances of unnecessary duplicate\naccounts being created on your platform.\n\nAutomatic sign-in is intended to complement our Sign in with Google button\nand One Tap dialogs. It is designed to be used across your entire site, with\nmanual sign-up or switching accounts occurring only after the user has first\nsigned-out of your site.\n\nFor Automatic sign-in to occur the following conditions are required:\n\n- users must first be signed-in to their Google Account, and\n- previously granted consent to share their account profile with your app, and\n- when using FedCM, made only a single sign-in attempt in the last 10 minutes. One Tap is displayed when repeated sign-in attempts occur during this window.\n- when using FedCM, Chrome requires users to reconfirm that they want to sign in to the website with Google Account in each Chrome instance even if the user approved the website prior to the FedCM rollout. This change may affect conversion rate on your existing site using One Tap. In Chrome M121 update, [Auto Sign-in improvement](/identity/gsi/web/reference/release-notes#2023-12-21) mitigates conversion rate drop issue.\n\nFor pages where Automatic sign-in is enabled and if these conditions are met\nthe user's ID token credential is automatically returned without any user\ninteraction. If these conditions are not met, and even if Automatic sign-in is\nenabled on the page, the user defaults to the One Tap flow for sign-in or\nconsent. If a user has multiple Google Accounts and visits your site they are\nrequired to first sign-in to a single Google Account and to have provided\nconsent for that account.\n\nYou may measure Automatic sign-in success rate using the `auto` value in the\n[select_by](/identity/gsi/web/reference/js-reference#select_by) field of the returned credential object.\n\nTo enable automatic sign-in, add `data-auto_select=\"true\"` to your code, as\nshown in the following snippet: \n\n \u003cdiv id=\"g_id_onload\"\n data-client_id=\"\u003cvar translate=\"no\"\u003eYOUR_GOOGLE_CLIENT_ID\u003c/var\u003e\"\n data-login_uri=\"\u003cvar translate=\"no\"\u003ehttps://your.domain/your_login_endpoint\u003c/var\u003e\"\n data-auto_select=\"true\"\u003e\n \u003c/div\u003e\n\n| **Note:** The [upgraded One Tap UX for ITP browsers](/identity/gsi/web/guides/features#upgraded_ux_on_itp_browsers) doesn't support auto sign-in.\n\nSign out\n--------\n\nWhen a user signs out of your website, they can be directed to a page where a\nGoogle One Tap prompt is automatically displayed. For this setup, auto-selection\nmust be prohibited. Otherwise, the user is automatically signed in again, which\nleads to a dead-loop UX. \n\n### Using FedCM\n\nTo improve user experience, there is a 10 minute quiet period between every\nautomatic sign-in attempt. During this time period, One Tap prompt is\ndisplayed instead. Users need to explicitly click One Tap to sign in.\n\n### Without FedCM\n\nTo prohibit auto-selection after a user signs out, add the class name\n`g_id_signout` to all of your logout links and buttons. See the following code\nsnippet: \n\n \u003cdiv class=\"g_id_signout\"\u003eSign Out\u003c/div\u003e\n\nThe following JavaScript code snippet can also be used for sign out: \n\n const button = document.getElementById('signout_button');\n button.onclick = () =\u003e {\n google.accounts.id.disableAutoSelect();\n }\n\nTo prevent a dead-loop UX, user signed-out status is stored in a cookie named\n`g_state` that is set by the Google Identity Services library. By default the\ncookie domain is set to the domain of current page. If One Tap is displayed\non the parent domain and subdomains, the state cookie must be visible across\nall of your domains. Use the `data-state_cookie_domain` attribute to set the\n`g_state` cookie domain to your parent domain. For example, add\n`data-state_cookie_domain=\"example.com\"` to the `g_id_onload` element for a\nparent domain of `example.com` and a subdomain named `webapp.example.com`.\n| **Key Point:** If One Tap is displayed on multiple domains, you need to set the `g_state` cookie domain to your parent domain.\n\nIf you have a service that monitors all of the cookies used in your domain,\nyou need to notify them of the `g_state` cookie.\n| **Key Point:** Feel free to use other ways to prevent the dead-loop UX on log out moment.\n\nIf you don't want to load the client library on your post-login pages, use\nthese solutions to prevent a dead-loop UX after log out occurs:\n\n- On log out, redirect users to a page (say, `https://example.com/logged_out`) where One Tap is not displayed, or where auto sign-in is always disabled.\n- On log out, add a parameter to the URL. For example, `logged_out=1`. When rendering One Tap by JavaScript API, check that URL parameter and disable auto sign-in when present.\n\n| **Warning:** The term 'sign out' here refers to temporarily disabling One Tap Automatic sign-in for one day. This API does not sign out your users out of your website or any Google websites.\n\nKey user journeys\n-----------------\n\nThe automatic sign-in page. \n\n### Using FedCM\n\nUsers can close the One Tap prompt by clicking the **X** button. For\naccessibility consideration, an ID token is shared with your website\neven if users click the **X** button.\n\nTo improve user experience, there is a 10 minute quiet period between every\nautomatic sign-in attempt. During this time period, One Tap prompt is\ndisplayed instead. Users need to explicitly click One Tap to sign in.\n\n### Without FedCM\n\nIf users don't click the **Cancel** button within 5 seconds, an ID token\nis shared with your website.\n\nWhen Sign-In is cancelled, based on the number of active Google sessions,\neither the account chooser page or the returning user page displays.\n\n- Multiple Google sessions\n\n- Single Google Sessions\n\n| **Key Point:** Once cancelled, Automatic sign-in is disabled for one day."]]