Streamlining Android authentication: Credential Manager replaces legacy APIs

Posted by Diego Zavala and Jason Lucibello – Product Managers

In 2023, we introduced Credential Manager for Android. Credential Manager creates a unified experience for passkeys, Sign in with Google, and passwords, allowing seamless sign-in and eliminating the need for users to type in usernames or passwords.

Fig 1. Sample app showing Credential Manager dialog in a sign-in flow with a passkey, a password, and a Sign in with Google options

To bring Credential Manager’s benefits to more Android users and simplify developers’ integration efforts, APIs that were previously deprecated will continue their phased removals and shutdowns. These APIs include:

• Smart Lock for Passwords API
• Credential Saving API
• Sign in with Google button API
• One Tap Sign-in API
• Google Sign-In for Android (GSI) API

Developers with apps that still use these APIs should migrate to Credential Manager as soon as possible. Credential Manager supports all authentication features included in these legacy APIs, as well as streamlined journeys for users and modernizes the experience with passkey support and streamlined user journeys. Developers looking to implement authorization functionality for Google Accounts, such as scoped access to a service like Google Drive, should continue to use the AuthorizationClient API.

Current status of APIs as of September 2024, update plans, and recommended migration guides.

API: Smart Lock for Passwords

Status: Removed

Next Update: Fully shut down in Q1 2025

Migration guide: Migrate from Smart Lock for Passwords to Credential Manager

API: Credential Saving API

Status: Deprecated

Next Update: Removed in H1 2025

Migration guide: Migrate passwords to Credential Manager

API: Sign in with Google button

Status: Deprecated

Next Update: Removed in H1 2025

Migration guide: Migrate to the Sign in with Google button and Credential Manager

API: One Tap Sign-in

Status: Deprecated

Next Update: Removed in H2 2025

Migration guide: Authenticate users with Sign in with Google and Credential Manager

API: Google Sign-In for Android

Status: Deprecated

Next Update: Removed in H2 2025

Migration guide: Migrate from legacy Google Sign-In to Credential Manager

• Deprecated: API is still in the SDK and functional, but will be removed and fully shut down in the future. Developers are recommended to migrate to Credential Manager at this time.
• Removed: API is still functional for users, but is no longer included in the SDK. New app versions compiled with the most recent SDK would fail in the build process if your code still utilizes the removed API. If your app still relies on any of these APIs, you should migrate to Credential Manager as soon as possible.
• Fully shut down: API is no longer functional, and it will fail when a request is sent by an app.

Credential Manager offers streamlined, more secure auth journeys

Credential Manager delivers multiple advantages to users and developers over the deprecated APIs:

1. Easier, more secure sign-ins with passkeys: Passkeys are an alternative to passwords that provide an easier and more secure authentication experience, based on industry standards. Credential Manager brings support for passkeys to Android apps.

2. Frictionless, one-tap sign-in: Users select their preferred saved credential from the options offered, without needing to remember or type username or passwords.

3. Unified UI across all credentials: Credential Manager’s one-tap sign-in works with passkeys, Sign in with Google, and passwords. It deduplicates methods for the same account, so users no longer need to remember which method they last used, or which one is the “right” method.

4. Extended support for password managers: Users benefit from using the credentials stored in their preferred password manager on Credential Manager flows, and can even enable multiple password managers at the same time! Passwords managers not only protect users’ credentials, but they also provide additional action and protections to keep users safe, such as upgrading passwords to passkeys, alerting users to password reuse, and containing usage to affiliated apps and domains.

5. Simplified development: Developers can consolidate their sign-in logic into a single, modern API, reducing development overhead and maintenance efforts. New authentication functionality will be released through Credential Manager going forward.

Adopting Credential Manager is an intuitive upgrade for developers

For developers previously using our deprecated APIs, the transition to Credential Manager is smooth and intuitive. Developers like X (formerly known as Twitter), Pinterest have already experienced the benefits of the upgrade. X shared with us that Credential Manager’s unified approach made migration and maintenance effortless, while Pinterest expressed a smooth process for both users and engineers with Credential Manager.

Developers can use the following guides to make adopting Credential Manager even easier:

• Get started: Credential Manager Implementation Guide
• Migrate from Smart Lock for Passwords to Credential Manager guide
• Migrate from legacy Google Sign-In to Credential Manager
• Authenticate users with Sign in with Google using Credential Manager

Share your feedback

Your input is very valuable to us as we continue to refine and improve our authentication services. Please keep providing us feedback on the issue tracker and share your experience integrating Credential Manager!