Google API Authentication stopped working today 2024-09-18

[slishnevsky]

Important gapi.auth2 notice: gapi.auth2 has been deprecated and replaced with Google Identity Services. Please see https://developers.google.com/identity/sign-in/web/deprecation-and-sunset for more information. If you have questions related to authentication/authorization please look at the associated documentation or post questions on Stack Overflow with the google-oauth tag.

Summary Google API Authentication stopped working today 2024-09-18

Browser(s)/Version(s) Version 129.0.6668.59 (Official Build) (64-bit)

Expected Behavior Should authenticate with Google sign-in popup and load the page

Actual Behavior The Authentication popup appears, I perform sign-in, the popup closes, but the page is blank. The website was working for years, including yesterday. This morning it stopped working. In the console, I see multiple error messages like:

Cross-Origin-Opener-Policy policy would block the window.closed call.
cb=gapi.loaded_0?le=scs:425
POST https://play.google.com/log?format=json&hasfast=true&authuser=0 net::ERR_BLOCKED_BY_CLIENT

Steps to Reproduce Open a website, authenticate in the sign-in popup window.

[brdaugherty]

It is likely this failure is due to iframe permissions-policy or Content Security Policy changes, please read Google Sign-in with FedCM APIs and let me know if you're able to resolve the issue.

[slishnevsky]

For some reason it began working again after a couple of days.

[brdaugherty]

Good. During the transition period that the client library is currently in, some percentage of requests will use the new sign-in flow and some will use the existing flow. So there may be differences between sign-in attempts, even if nothing changes with your code and app. If you do see failures again I'd recommend testing with use_fedcm:true to confirm that it is not responsible.