SUPER EARLY WIP — USE AT YOUR OWN RISK
shoo
GitHubCOMING SOON

Getting Started (Vanilla JS)

Add Google sign-in with a single script tag

Add the script

<script src="https://shoo.dev/shoo.js"></script>
<a href="https://shoo.dev/authorize?redirect_uri=https://your-app.com/shoo/callback">
  Sign in
</a>

The script automatically upgrades the link with PKCE and state, then handles the callback exchange on /shoo/callback. No server routes required — the /token endpoint is CORS-enabled.

Read the user's identity

const identity = window.Shoo.getIdentity();
console.log(identity.userId); // "ps_a1B2c3..." or null
console.log(identity.token);       // signed id_token JWT

Programmatic sign-in

// Basic sign-in
window.Shoo.startSignIn();

// With return-to URL
window.Shoo.startSignIn({ returnTo: "/dashboard" });

// With profile data (email, name, picture)
window.Shoo.startSignIn({ requestPii: true });

Sign out

window.Shoo.clearIdentity();

How it works

  1. User clicks the sign-in link
  2. shoo.js intercepts and adds PKCE challenge + state
  3. User authenticates with Google on shoo.dev
  4. Shoo redirects back to your callback path with a code
  5. The script exchanges the code for a signed id_token
  6. Identity is stored in localStorage

No client_id registration needed — Shoo derives it from your origin automatically.

Next steps

Getting Started (React)

Add Google sign-in to a React app in 3 lines

How It Works

The PKCE flow, pairwise subjects, and domain-scoped identity explained

On this page

Add the scriptAdd a sign-in linkRead the user's identityProgrammatic sign-inSign outHow it worksNext steps