chore: update lockfile (#3039 )

chore: update versions (#3038 )
This PR was opened by the [Changesets release](https://github.com/changesets/action) GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated. # Releases ## @nhost/hasura-auth-js@2.8.0 ### Minor Changes - 14e6100: feat: add support for ID token sign-in from authentication providers ## @nhost/react@3.8.0 ### Minor Changes - 14e6100: feat: add support for ID token sign-in from authentication providers ### Patch Changes - @nhost/nhost-js@3.2.1 ## @nhost/vue@2.8.0 ### Minor Changes - 14e6100: feat: add support for ID token sign-in from authentication providers ### Patch Changes - @nhost/nhost-js@3.2.1 ## @nhost/apollo@8.0.1 ### Patch Changes - @nhost/nhost-js@3.2.1 ## @nhost/react-apollo@15.0.0 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 - @nhost/apollo@8.0.1 ## @nhost/react-urql@12.0.0 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 ## @nhost/nextjs@2.1.24 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 ## @nhost/nhost-js@3.2.1 ### Patch Changes - Updated dependencies [14e6100] - @nhost/hasura-auth-js@2.8.0 ## @nhost/dashboard@2.7.2 # @nhost/dashboard ## 1.30.0 ### Minor Changes - 50441a8: feat: add ui for project autoscaler settings and run services autoscaler settings ## 1.29.0 ### Minor Changes - 55d8bb5: feat: integrate turnstile for signup verification - 2a2e54c: fix: update docs url in run services form tooltip - 18f942f: fix: display long error messages in error toast without overflow ### Patch Changes - @nhost/react-apollo@13.0.0 - @nhost/nextjs@2.1.22 ## 1.28.2 ### Patch Changes - 52a38fe: chore: update dependencies to address security vulnerabilities - Updated dependencies [52a38fe] - @nhost/nextjs@2.1.21 ## 1.28.1 ### Patch Changes - 9735fa2: chore: remove broken link ## 1.28.0 ### Minor Changes - 526183a: feat: allow filtering users in "make request as" in graphql section - be3b85b: feat: add conceal errors toggle on auth settings page ### Patch Changes - 35a2f12: fix: prevent run service details from opening when attempting to delete - @nhost/react-apollo@12.0.6 - @nhost/nextjs@2.1.20 ## 1.27.0 ### Minor Changes - a7cd02c: fix: resolve rate limit query ## 1.26.0 ### Minor Changes - 3773ad7: chore: update pricing information - b63250d: fix: not allow run service creation form resubmission while creating a run service - a44a1d4: feat: add rate limits settings page ### Patch Changes - @nhost/react-apollo@12.0.5 - @nhost/nextjs@2.1.19 ## 1.25.0 ### Minor Changes - d1ceede: feat: add setting to migrate postgres major and/or minor versions - e5d3d1a: fix: allow manually typing column for custom check in database row permissions ### Patch Changes - @nhost/react-apollo@12.0.4 - @nhost/nextjs@2.1.18 ## 1.24.1 ### Patch Changes - 49f2e55: fix: use service subdomain in service form and service details dialog - 598b988: fix: use current project subdomain in ServiceDetailsDialog component ## 1.24.0 ### Minor Changes - abb24af: chore: add redirect to support page when project is locked - 18a6455: feat: show contact us info and locked reason when project is locked ### Patch Changes - e31eefa: fix: include ingresses field when updating run services ## 1.23.0 ### Minor Changes - 33284d3: fix: don't show double scrollbar in configuration editor ### Patch Changes - @nhost/react-apollo@12.0.3 - @nhost/nextjs@2.1.17 ## 1.22.0 ### Minor Changes - 998c037: fix: align drop-down list in select component - 807b8c0: fix: show city name in region selection for project creation ## 1.21.0 ### Minor Changes - a2efeed: fix: improve project health error handling, add unknown state and polling interval for health state ## 1.20.0 ### Minor Changes - 8ea4210: fix: error toasts can be closed individually, instead of dismissing all toasts at once - 58919ba: chore: add blink animation when project health service is updating ## 1.19.0 ### Minor Changes - b519862: fix: get configuration in configuration editor using local development environment ## 1.18.0 ### Minor Changes - 502abad: feat: add services health checks indicators to the overview page - b3ff6ad: chore: update title text on service status modal - dbadf59: feat: add project configuration TOML editor to the settings page ## 1.17.0 ### Minor Changes - 77fba27: fix: postgres version validation when activating ai in ai settings page - ac6d1b6: feat: use name instead of awsName ## 1.16.3 ### Patch Changes - 87a37cf: fix: remove unnecessary isPlatform check from verify button disable logic on custom domains - @nhost/react-apollo@12.0.2 - @nhost/nextjs@2.1.16 ## 1.16.2 ### Patch Changes - a9413af: fix: update `GetAllWorkspacesAndProjects` query polling to use exponential backoff - @nhost/react-apollo@12.0.1 - @nhost/nextjs@2.1.15 ## 1.16.1 ### Patch Changes - @nhost/react-apollo@12.0.0 - @nhost/nextjs@2.1.14 ## 1.16.0 ### Minor Changes - c6d5c5c: feat: add toggle switch to enable/disable public access in the database settings ## 1.15.2 ### Patch Changes - @nhost/react-apollo@11.0.4 - @nhost/nextjs@2.1.13 ## 1.15.1 ### Patch Changes - @nhost/react-apollo@11.0.3 - @nhost/nextjs@2.1.12 ## 1.15.0 ### Minor Changes - a7bde37: feat: send metadata in the edit form ### Patch Changes - 1bc615b: feat: improve error message handling in `ErrorToast` component - @nhost/react-apollo@11.0.2 - @nhost/nextjs@2.1.11 ## 1.14.0 ### Minor Changes - a448d7d: feat: allow configuring postmark and delete SMTP settings ## 1.13.3 ### Patch Changes - 5924bc3: fix: include password in `GetSmtpSettings` query - c5ad634: fix: resolved an issue where one-click install links were broken on Safari - 7278991: fix: update graphql auto-embeddings configuration to use String type for model field ## 1.13.2 ### Patch Changes - 026f84f: fix: use configuration server URL from environment variable ## 1.13.1 ### Patch Changes - 7e9a2ce: fix: resolve issue where run services form fails to open ## 1.13.0 ### Minor Changes - dd5d262: feat: add model field to the auto-embeddings form - 09962be: feat: enable settings and run services when running the dashboard locally - 9cdecb6: feat: enable users to update their email address from the account settings page ## 1.12.2 ### Patch Changes - c195c51: fix: send email upon signin for unverified users ## 1.12.1 ### Patch Changes - 93ebdf8: fix: use service urls when initilizaing NhostClient running local dashboard - @nhost/react-apollo@11.0.1 - @nhost/nextjs@2.1.10 ## 1.12.0 ### Minor Changes - f242e4b: feat: add connect with github to the user's account settings - 768ca17: chore: update dependencies - d62bd0f: fix: "Track this" option within the SQL editor now correctly updates the metadata - 91c2bb6: feat: refactor sign-in and sign-up pages to enforce email verification ### Patch Changes - 943831f: fix: resolve an error toast issue when unpausing a project - Updated dependencies [768ca17] - @nhost/react-apollo@11.0.0 - @nhost/nextjs@2.1.9 ## 1.11.2 ### Patch Changes - @nhost/react-apollo@10.0.2 - @nhost/nextjs@2.1.8 ## 1.11.1 ### Patch Changes - 981404f: fix: set default value for healthCheck field validation ## 1.11.0 ### Minor Changes - 7789469: chore: upgrade dependency `@graphql-codegen/cli` to `5.0.2` to address vulnerability - 6c11b75: feat: add update user displayName section in account settings ### Patch Changes - @nhost/react-apollo@10.0.1 - @nhost/nextjs@2.1.7 ## 1.10.0 ### Minor Changes - 49a80c2: chore: update dependencies - 150c04a: feat: add healthcheck config to run services ### Patch Changes - e03f141: fix: allow insert, update and delete on tables in `auth` and `storage` schemas - 28676f4: feat: add min postgres version check to enable the ai service - Updated dependencies [49a80c2] - @nhost/react-apollo@10.0.0 - @nhost/nextjs@2.1.6 ## 1.9.0 ### Minor Changes - d86e5c9: feat: add support for filtering the logs using a RegExp ## 1.8.3 ### Patch Changes - @nhost/react-apollo@9.0.3 - @nhost/nextjs@2.1.5 ## 1.8.2 ### Patch Changes - 6df4f02: fix: use custom error toast and show correct message when sending an invite ## 1.8.1 ### Patch Changes - @nhost/react-apollo@9.0.2 - @nhost/nextjs@2.1.4 ## 1.8.0 ### Minor Changes - 713d53c: feat: add catch-all route for workspace/project - useful for documentation ### Patch Changes - 3db2999: fix: refresh table list after running SQL using the editor - 3c4dd55: fix: handle `Error` objects properly in the `ErrorToast` component - 92b434e: fix: resolve an issue where the checkbox in the data-grid header did not select all rows - @nhost/react-apollo@9.0.1 - @nhost/nextjs@2.1.3 ## 1.7.0 ### Minor Changes - 0d8d0eb: Update docs and dashboard references ## 1.6.9 ### Patch Changes - @nhost/react-apollo@9.0.0 - @nhost/nextjs@2.1.2 ## 1.6.8 ### Patch Changes - @nhost/react-apollo@8.0.1 - @nhost/nextjs@2.1.1 ## 1.6.7 ### Patch Changes - 5ef5189: fix: update `@apollo/client` to `3.9.4` to fix a cache bug ## 1.6.6 ### Patch Changes - 3ba485e: fix: added discord.com to connect-src - e5bab6a: chore: update dependencies - Updated dependencies [b19ffed] - Updated dependencies [e5bab6a] - @nhost/nextjs@2.1.0 - @nhost/react-apollo@8.0.0 ## 1.6.5 ### Patch Changes - ba73bb4: fix: update ErrorToast component to show the internal graphql error - d5337ff: fix: utilize accumulator in the creation of validation schema within data grid utils ## 1.6.4 ### Patch Changes - 7c2a1c2: feat: show error and debug info in the error toast ## 1.6.3 ### Patch Changes - 6b8aad5: fix: add bare nhost.run to CSP ## 1.6.2 ### Patch Changes - b18edc0: feat: added CSP and X-Frame-Options ## 1.6.1 ### Patch Changes - 8d91f71: chore: update deps and enable pnpm audit - 3b8473b: chore: update turbo to `1.11.3` and pnpm to `8.10.5` in Dockerfile - Updated dependencies [8d91f71] - @nhost/react-apollo@7.0.2 - @nhost/nextjs@2.0.2 ## 1.6.0 ### Minor Changes - 3ff1c2b53: fix: show upgrade option for pro projects ## 1.5.0 ### Minor Changes - c2ef17c0a: feat: add support for new Team plan ## 1.4.0 ### Minor Changes - 7883bbcbd: feat: don't show deprecated plans - 44be6dc0a: feat: set redirectTo during sign-in to support preview environments ### Patch Changes - 3c3594898: fix: allow access to graphite when configured running in local dashboard - 32c246b7a: chore: update docs icon ## 1.3.2 ### Patch Changes - 174b4165b: chore: use env variables when running graphql codegen - 7c977e714: chore: change `Allowed Roles` to `Default Allowed Roles` - 46f028b9f: fix: remove hardcoded ai version setting ## 1.3.1 ### Patch Changes - af33c21d1: chore: remove backendUrl deprecation notice and remove all references to `providersUpdated` ## 1.3.0 ### Minor Changes - 04784d880: Fix graphite's default version ## 1.2.0 ### Minor Changes - 5733162ed: feat: add settings and ui for graphite ## 1.1.0 ### Minor Changes - e2b79b5ec: chore: remove sharp from deps ## 1.0.1 ### Patch Changes - @nhost/react-apollo@7.0.1 - @nhost/nextjs@2.0.1 ## 1.0.0 ### Major Changes - bc9eff6e4: chore: remove support for using backendUrl when instantiating the Nhost client ### Patch Changes - Updated dependencies [bc9eff6e4] - @nhost/nextjs@2.0.0 - @nhost/react-apollo@7.0.0 ## 0.21.1 ### Patch Changes - 97ced73a3: fix(dashboard): prevent dashboard from resolving secrets ## 0.21.0 ### Minor Changes - ed1a8d458: Update alert message on increasing PostgreSQL's volume capacity - 2e2248fd4: feat(dashboard): add SQL editor ## 0.20.28 ### Patch Changes - 7c2c31082: feat: add support for users to delete their account - @nhost/react-apollo@6.0.1 - @nhost/nextjs@1.13.40 ## 0.20.27 ### Patch Changes - fa79b7709: chore(dashboard): tweaks and fixes to the service form and dialog - 8df84d782: fix(dashboard): allow resetting custom domains - @nhost/react-apollo@6.0.0 - @nhost/nextjs@1.13.39 ## 0.20.26 ### Patch Changes - 331ba0376: feat(dashboard): add postgres storage capacity modifier in the settings - b7f801874: feat(dashboard): add new settings page for custom domains ## 0.20.25 ### Patch Changes - @nhost/react-apollo@5.0.38 ## 0.20.24 ### Patch Changes - e10389ecf: fix(dashboard): disable run tab when developing locally - @nhost/react-apollo@5.0.37 ## 0.20.23 ### Patch Changes - c01568a7d: chore(dashboard): show alert to update oauth providers ## 0.20.22 ### Patch Changes - c3efb7ec8: feat(dashboard): query latest announcement from platform ## 0.20.21 ### Patch Changes - 3e46d3873: chore: update link to node18 announcement ## 0.20.20 ### Patch Changes - @nhost/react-apollo@5.0.36 - @nhost/nextjs@1.13.38 ## 0.20.19 ### Patch Changes - 75c4c8ae3: feat(dashboard): make env value input multiline ## 0.20.18 ### Patch Changes - 425d485f8: fix(dashboard): make sure dedicated resources pricing follows total resources ## 0.20.17 ### Patch Changes - ae324f67f: fix(dashboard): remove unused graphql fields ## 0.20.16 ### Patch Changes - df5b4302c: chore(dashboard): remove run feature flag - bf4a1f6c2: feat(dashboard): fetch auth, postgres, hasura and storage versions from dashboard - 34fc08ca7: fix(dashboard/run): show correct private registry in service details - 885d10620: chore(dashboard): change feedback to contact us ## 0.20.15 ### Patch Changes - ed16c8b5d: feat(run): add a confirmation dialog when deleting a run service - 216990888: fix(run): center loading indicator when selecting a project ## 0.20.14 ### Patch Changes - 9fbea9787: feat: add node18 announcement ## 0.20.13 ### Patch Changes - e84acf469: fix(run): handle subdomain undefined error when creating a new service ## 0.20.12 ### Patch Changes - b7c799d62: feat(run): add dialog to copy registry and URLs ## 0.20.11 ### Patch Changes - 8903e6abd: fix(dashboard): show correct egress limit in usage stats ## 0.20.10 ### Patch Changes - 666a75a23: feat(dashboard): add functions execution time and egress volume to usage stats ## 0.20.9 ### Patch Changes - 5e1e80aa8: fix(dashboard): show correct locales in user details - @nhost/react-apollo@5.0.35 - @nhost/nextjs@1.13.37 ## 0.20.8 ### Patch Changes - @nhost/react-apollo@5.0.34 - @nhost/nextjs@1.13.36 ## 0.20.7 ### Patch Changes - 4a7ede11e: fix: distinguish files that were not uploaded - 202b64723: feat(nhost-run): add support for one-click-install run services - 074a0fa11: feat(dashboard): add settings toggle to enable/disable antivirus - @nhost/react-apollo@5.0.33 - @nhost/nextjs@1.13.35 ## 0.20.6 ### Patch Changes - b20761e97: feat(services): add pricing info and confirmation dialog - 90df6d81d: fix(services): handle null values when editing a service - aa8508467: fix: query service logs correctly feat: enable multiline support for environment value input ## 0.20.5 ### Patch Changes - 8d7f84b8d: fix: make announcement adapt to theme ## 0.20.4 ### Patch Changes - 3b75bfce2: fix: make announcement close properly - f49819075: fix: show correct values when dedicated resources are disabled ## 0.20.3 ### Patch Changes - e643bd362: fix(services): fix errors when config is null - bcdab66bf: feat: add annoucement for nhost run - f967a2e59: added note about storage not being able to be downsized - 311c7756d: chore(services): consistent naming for compute ## 0.20.2 ### Patch Changes - 9073182d5: chore(dashboard): bump `turbo` to 1.10.11 - ece717d6e: feat(logs): show services in the logs page - 82b335311: feat(metrics): change grafana link to point to the dashboards - b135ef695: fix(services): set command as optional and set min replicas to 0 ## 0.20.1 ### Patch Changes - 3d5c34f4c: fix(auth): fix users pagination limit ## 0.20.0 ### Minor Changes - c99d117d1: feat(services): add support for custom services ## 0.19.2 ### Patch Changes - face99ccd: chore(deps): bump turbo version - cfe527307: style: tweak pull config warning in dark mode - a9d7da8af: chore(deps): update dependency @types/pluralize to ^0.0.30 - 9aa4371ef: chore: add hasura-auth version 0.21.2 - d14e112bf: chore(deps): update dependency prettier-plugin-tailwindcss to ^0.4.0 - d3e8bb94a: chore(deps): update dependency vite-plugin-dts to v3 ## 0.19.1 ### Patch Changes - @nhost/react-apollo@5.0.32 - @nhost/nextjs@1.13.34 ## 0.19.0 ### Minor Changes - 9c61c69a7: chore(dashboard):add postgres 14.6-20230705-1 to the version selector ### Patch Changes - 47bda15ff: feat(settings): add warning to pull config ## 0.18.0 ### Minor Changes - ee0b9b8ed: chore(dashboard):add hasura v2.28.2 and v2.29.0 to the version selector ## 0.17.20 ### Patch Changes - @nhost/react-apollo@5.0.31 - @nhost/nextjs@1.13.33 ## 0.17.19 ### Patch Changes - f866120a6: fix(users): use the password length from the config ## 0.17.18 ### Patch Changes - @nhost/react-apollo@5.0.30 - @nhost/nextjs@1.13.32 ## 0.17.17 ### Patch Changes - ea7b102c0: fix(pat): highlight expired tokens ## 0.17.16 ### Patch Changes - b3b64a3b7: chore(deps): bump `@types/react` to `v18.2.14` and `@types/react-dom` to `v18.2.6` - 32b221f94: chore(deps): bump `graphiql` to `v3` - 3a56c12df: chore(deps): bump `turbo` to `v1.10.6` - Updated dependencies [b3b64a3b7] - @nhost/react-apollo@5.0.29 - @nhost/nextjs@1.13.31 ## 0.17.15 ### Patch Changes - f41fdc12a: chore(deps): bump `turbo` to `1.10.5` - 6199c1c55: fix(projects): don't redirect to 404 page - Updated dependencies [07a45fde0] - @nhost/react-apollo@5.0.28 - @nhost/nextjs@1.13.30 ## 0.17.14 ### Patch Changes - 80b22724d: chore(deps): bump `@types/react` to `v18.2.13`, `@types/react-dom` to `v18.2.6` and `@storybook/testing-library` to `v0.2.0` ## 0.17.13 ### Patch Changes - cc02902cb: chore(docs): update environment variable documentation ## 0.17.12 ### Patch Changes - 660d339e1: fix(storybook): don't break storybook - 660d339e1: fix(tests): prevent warnings during tests - @nhost/react-apollo@5.0.27 - @nhost/nextjs@1.13.29 ## 0.17.11 ### Patch Changes - bd4d0c270: chore(dashboard):add postgres 14.6-20230613-1 to the version selector ## 0.17.10 ### Patch Changes - c8c2a10b2: fix(database): don't break the password reset flow - e70b45498: chore(deps): bump `@types/react` to `v18.2.12` and `@types/react-dom` to `v18.2.5` ## 0.17.9 ### Patch Changes - 842055099: chore(deps): bump `turbo` to `v1.10.3` and `pnpm` to `v8.6.2` - fd12aa0a8: chore(projects): remove the postgres password input from the project creation screen - 022b76e78: chore(deps): bump `@types/react` to `v18.2.11` - 3555ab2b7: chore(deps): bump `vitest` monorepo to `v0.32.0` - c43e54922: feat(backups): add download button to backups ## 0.17.8 ### Patch Changes - d0457fe5c: feat(settings): improve the dashboard and config parity - @nhost/react-apollo@5.0.26 - @nhost/nextjs@1.13.28 ## 0.17.7 ### Patch Changes - 4f0368b95: fix(account): don't break account settings page ## 0.17.6 ### Patch Changes - 64a8f41d0: chore(resources): lower the maximum allowed resources per service ## 0.17.5 ### Patch Changes - @nhost/react-apollo@5.0.25 - @nhost/nextjs@1.13.27 ## 0.17.4 ### Patch Changes - 9b1d0f7a5: fix(deployments): use correct timestamp for deployment details - 6d2963ffa: chore(deps): bump `@types/react` to `v18.2.8` - 8871267b9: chore(deps): downgrade `pnpm` to `v8.5.1` because of no Turborepo support ## 0.17.3 ### Patch Changes - 01eeef9de: chore(misc): under the hood improvements - 21e13db05: chore(deps): bump `@types/react` to `v18.2.7` and `turbo` to `v1.10.1` - f16433ae6: chore(secrets): allow empty secrets and environment variables - aa3c62989: chore(cli): bump Nhost CLI version to v1.0 - @nhost/react-apollo@5.0.24 - @nhost/nextjs@1.13.26 ## 0.17.2 ### Patch Changes - 88a4983f: chore(misc): under the hood improvements ## 0.17.1 ### Patch Changes - 9b0d4dde: feat(secrets): enable secrets ## 0.17.0 ### Minor Changes - 15d84a19: Add postgres 14.6-20230525 ## 0.16.14 ### Patch Changes - 4c626174: chore: updated import paths, improved directory structure - cc047b71: chore(deps): bump `@fontsource` monorepo to `v5.0.0` - 99edd012: feat(account): add support for personal access tokens ## 0.16.13 ### Patch Changes - 78c7109c: feat(settings): allow selecting service versions ## 0.16.12 ### Patch Changes - 399009d6: fix(gql): don't enter an infinite loop when fetching remote app data - 329e5a91: fix(deployments): use the same sorting of deployments everywhere - 6d559d6e: chore(settings): add under the hood improvements to the settings page - 12eb236c: chore(deps): bump `prettier-plugin-tailwindcss` to `v0.3.0` - f9b81a2a: chore(deps): bump `turbo` to `v1.9.8` - 1345741b: fix(projects): don't redirect to 404 on project creation - Updated dependencies [7fea29a8] - @nhost/react-apollo@5.0.23 - @nhost/nextjs@1.13.25 ## 0.16.11 ### Patch Changes - 1230b722: fix(projects): don't redirect to 404 on when the project is renamed - @nhost/react-apollo@5.0.22 - @nhost/nextjs@1.13.24 ## 0.16.10 ### Patch Changes - Updated dependencies [da03bf39] - @nhost/react-apollo@5.0.21 - @nhost/nextjs@1.13.23 ## 0.16.9 ### Patch Changes - 349aac36: fix(settings): use region domain when constructing the postgres connection string ## 0.16.8 ### Patch Changes - 20fb69fa: chore(projects): change the way how API URLs are constructed ## 0.16.7 ### Patch Changes - 49f9b837: chore(docker): bump `pnpm` to `v8.4.0` and `turbo` to `v1.9.3` - 3f478a4e: chore(deps): bump `vitest` to `v0.31.0`, `@types/react` to `v18.2.6` and `@types/react-dom` to `v18.2.4` ## 0.16.6 ### Patch Changes - d926f156: fix(projects): redirect to 404 when an invalid project is opened - 49b99728: fix(projects): disable features for non-owner members of workspaces ## 0.16.5 ### Patch Changes - 12e2855f: chore(deps): bump `jsdom` to v22 - e4972b83: feat(metrics): add Grafana page ## 0.16.4 ### Patch Changes - 3f396a9e: fix(projects): unpause after upgrading a paused project to pro - 3f396a9e: fix(projects): don't redirect to 404 page after project creation ## 0.16.3 ### Patch Changes - Updated dependencies [90c60311] - @nhost/react-apollo@5.0.20 - @nhost/nextjs@1.13.22 ## 0.16.2 ### Patch Changes - 0f34f0c6: fix(projects): disallow downgrading to free plan - 8da291ad: chore(deps): bump `@types/react` to v18.2.0 and `@types/react-dom` to v18.2.1 ## 0.16.1 ### Patch Changes - adc828a5: fix(gql): don't enter an infinite loop when fetching remote app data ## 0.16.0 ### Minor Changes - 2fb1145f: feat(compute): add support for replicas ### Patch Changes - d8ceccec: chore(env): remove deprecated `NHOST_BACKEND_URL` environment variable ## 0.15.2 ### Patch Changes - 84b84ab7: fix(projects): filter projects by workspace ## 0.15.1 ### Patch Changes - 2faf7907: chore(deps): bump `graphql-request` to v6 - f1b5a944: chore(deps): bump `@vitejs/plugin-react` to v4 - 7f1785ac: chore(deps): bump `@types/react` to v18.0.37 - @nhost/react-apollo@5.0.19 ## 0.15.0 ### Minor Changes - 85889ee8: feat(dashboard): add Compute management to the settings ## 0.14.8 ### Patch Changes - 668c8771: chore(dialogs): unify dialog management of payment dialogs ## 0.14.7 ### Patch Changes - d4ccc656: chore: cleanup unused code - @nhost/react-apollo@5.0.18 - @nhost/nextjs@1.13.21 ## 0.14.6 ### Patch Changes - b299cfc9: chore(deps): bump `vitest` to v0.30.0 - 411cb65b: chore(projects): refactor workspace and project hooks - 43b1b144: chore(deps): bump `@types/react` to v18.0.34 and `@types/react-dom` to v18.0.11 - Updated dependencies [43b1b144] - @nhost/react-apollo@5.0.17 - @nhost/nextjs@1.13.20 ## 0.14.5 ### Patch Changes - ba0d57ee: fix(i18n): revert i18n library - 3328ed05: feat(projects): improve overview when there is an error ## 0.14.4 ### Patch Changes - 5e0920ba: chore(deps): bump `next-seo` to v6 - 706c9dc3: chore(deps): bump `@types/react` to 18.0.33 - 99f8f6b3: feat(metrics): show metrics on the overview ## 0.14.3 ### Patch Changes - @nhost/react-apollo@5.0.16 ## 0.14.2 ### Patch Changes - 3cb67300: fix(logs): don't break UI when clearing time picker - 7453bf3b: feat(projects): show project creator info - c166dad0: chore(tests): improve auth page tests - 6a290bb2: chore(deps): bump `@types/react` to 18.0.32 ## 0.14.1 ### Patch Changes - @nhost/react-apollo@5.0.15 - @nhost/nextjs@1.13.19 ## 0.14.0 ### Minor Changes - 6e1f03ea: feat(dashboard): add support for the Azure AD provider ### Patch Changes - 1bd2c373: chore(deps): bump `turbo` to 1.8.6 - d329b621: chore(deps): bump `@types/react` to 18.0.30 - cb248f0d: fix(tests): avoid name collision in database tests - 867c8076: chore(deps): bump `@types/react` to 18.0.29 ## 0.13.10 ### Patch Changes - e93b06ab: fix(dashboard): remove left margin from workspace list on mobile - 1c4806bf: chore(deps): bump `sharp` to 0.32.0 - @nhost/react-apollo@5.0.14 - @nhost/nextjs@1.13.18 ## 0.13.9 ### Patch Changes - 912ed76c: chore(dashboard): bump `@apollo/client` to 3.7.10 - Updated dependencies [912ed76c] - @nhost/react-apollo@5.0.13 ## 0.13.8 ### Patch Changes - 7c127372: chore(dashboard): bump `react-error-boundary` to v4 ## 0.13.7 ### Patch Changes - 9130ab12: chore(dashboard): bump `yup` to v1 and `@hookform/resolvers` to v3 ## 0.13.6 ### Patch Changes - 253dd235: using new mutation to create projects + refactor Create Project page. ## 0.13.5 ### Patch Changes - @nhost/react-apollo@5.0.12 - @nhost/nextjs@1.13.17 ## 0.13.4 ### Patch Changes - b48bc034: fix(dashboard): disable new users - 798e591b: fix(dashboard): show correct date in data grid ## 0.13.3 ### Patch Changes - bfb4c1a6: chore(dashboard): remove `useAxios` property - d8d8394b: Dashboard: allow to override hasura admin secret in docker - Updated dependencies [ce1ee40d] - @nhost/nextjs@1.13.16 - @nhost/react-apollo@5.0.11 ## 0.13.2 ### Patch Changes - beed2eba: Fix docker entrypoint for dashboard - 2c8559a3: fix(dashboard): refresh project list after deleting a project - 4329d048: chore(dashboard): bump `graphiql` dependencies ## 0.13.1 ### Patch Changes - cbb1fc5b: chore(dashboard): cleanup GraphQL operations ## 0.13.0 ### Minor Changes - 088584e7: feat(dashboard): add support for custom local subdomains ### Patch Changes - 2ac90dfd: fix(dashboard): improve mobile responsive layout - Updated dependencies [f375eacc] - @nhost/nextjs@1.13.15 - @nhost/react-apollo@5.0.10 ## 0.12.4 ### Patch Changes - @nhost/react-apollo@5.0.9 - @nhost/nextjs@1.13.14 ## 0.12.3 ### Patch Changes - 2b1338f7: chore(dashboard): bump `turbo` to 1.8.3 - 5223ee93: fix(dashboard): show correct deployment status on the main page - 850a049c: chore(deps): update docker/build-push-action action to v4 - Updated dependencies [850a049c] - @nhost/nextjs@1.13.13 - @nhost/react-apollo@5.0.8 ## 0.12.2 ### Patch Changes - 4bf40995: chore(deps): bump `typescript` to `4.9.5` - 8bb097c9: chore(deps): bump `vitest` - 35d52aab: chore(deps): replace `cross-fetch` with `isomorphic-unfetch` - Updated dependencies [4bf40995] - Updated dependencies [8bb097c9] - Updated dependencies [35d52aab] - @nhost/react-apollo@5.0.7 - @nhost/nextjs@1.13.12 ## 0.12.1 ### Patch Changes - c96d7ccd: fix(dashboard): fix docker builds ## 0.12.0 ### Minor Changes - d1671210: feat(dashboard): use mimir to manage project configuration ### Patch Changes - f65e4de9: chore(deps): bump @graphql-codegen monorepo to v3 ## 0.11.20 ### Patch Changes - 4b4f0d01: chore(dashboard): improve dialog management ## 0.11.19 ### Patch Changes - @nhost/react-apollo@5.0.6 - @nhost/nextjs@1.13.11 ## 0.11.18 ### Patch Changes - 01318860: fix(nhost-js): use correct URL for functions requests - Updated dependencies [01318860] - @nhost/react-apollo@5.0.5 - @nhost/nextjs@1.13.10 ## 0.11.17 ### Patch Changes - f673adea: fix(dashboard): set correct Content-Type for user creation - 445d8ef4: chore(deps): bump `@nhost/react-apollo` to 5.0.4 - 445d8ef4: chore(deps): bump `@nhost/nextjs` to 1.13.9 - 0368663d: fix(dashboard): allow permission editing for auth and storage schemas - Updated dependencies [445d8ef4] - Updated dependencies [445d8ef4] - @nhost/react-apollo@5.0.4 - @nhost/nextjs@1.13.9 ## 0.11.16 ### Patch Changes - b755e908: fix(dashboard): use correct date for last seen - 2d9145f9: chore(deps): revert GraphQL client - 1ddf704c: fix(dashboard): don't show false positive message for failed user creation - @nhost/react-apollo@5.0.3 - @nhost/nextjs@1.13.8 ## 0.11.15 ### Patch Changes - @nhost/react-apollo@5.0.2 - @nhost/nextjs@1.13.7 ## 0.11.14 ### Patch Changes - 2cc18dcb: fix(dashboard): prevent permission editor dropdown from being always open ## 0.11.13 ### Patch Changes - 3343a363: chore(dashboard): bump `@testing-library/react` to v14 and `@testing-library/dom` to v9 - @nhost/react-apollo@5.0.1 - @nhost/nextjs@1.13.6 ## 0.11.12 ### Patch Changes - 87eda76e: chore(dashboard): bump `@types/react` to v18.0.28 and `@types/react-dom` to v18.0.11 - 6f0ac570: feat(dashboard): show dashboard version in account menu ## 0.11.11 ### Patch Changes - bf1e4071: chore(dashboard): bump `react-is` version to `18.2.0` - Updated dependencies [bf1e4071] - Updated dependencies [5013213b] - @nhost/nextjs@1.13.5 - @nhost/react-apollo@4.13.5 ## 0.11.10 ### Patch Changes - a37a430b: fix(dashboard): don't break UI when deployments are unavailable - @nhost/react-apollo@4.13.4 - @nhost/nextjs@1.13.4 ## 0.11.9 ### Patch Changes - 7b970e68: fix(dashboard): fix header link color ## 0.11.8 ### Patch Changes - f33242f2: feat(dashboard): add new sign up, sign in and reset password pages ## 0.11.7 ### Patch Changes - e9c8909c: fix(dashboard): use correct theme color in dark mode ## 0.11.6 ### Patch Changes - 902f486b: fix(dashboard): re-enable Hasura on logs page ## 0.11.5 ### Patch Changes - 1f9720fa: fix(dashboard): apply select permissions properly ## 0.11.4 ### Patch Changes - deb14b51: fix(dashboard): don't break billing form ## 0.11.3 ### Patch Changes - @nhost/react-apollo@4.13.3 - @nhost/nextjs@1.13.3 ## 0.11.2 ### Patch Changes - f143e51d: chore(dashboard): pin Turborepo to 1.6.3 ## 0.11.1 ### Patch Changes - c2b5a41a: chore(dashboard): select system colors by default ## 0.11.0 ### Minor Changes - 1ebaf429: feat(dashboard): introduce Dark Mode 🌚 ### Patch Changes - 63b445c4: fixed duplicated logs bug and made to date count during live mode ## 0.10.1 ### Patch Changes - e146d32e: chore(deps): update dependency @types/react to v18.0.27 - 59347fcd: correct allowed role name - 5b65cac9: updated authentication documentation - 963f9b5e: feat(dashboard): include project info in feedback ## 0.10.0 ### Minor Changes - ed4c7801: chore(dashboard): remove Functions section ## 0.9.10 ### Patch Changes - 4e2f8ccd: fix(dashboard): don't break Auth page in local mode ## 0.9.9 ### Patch Changes - 31abbe5f: fix(dashboard): enable toggle when settings are filled in ## 0.9.8 ### Patch Changes - 5bdd31ad: chore(dashboard): list fewer images per page on the Storage page - 5121851c: fix(dashboard): don't throw validation error for valid permission rules ## 0.9.7 ### Patch Changes - c126b20d: fix(dashboard): correct redeployment button ## 0.9.6 ### Patch Changes - 36c3519c: feat(dashboard): retrigger deployments ## 0.9.5 ### Patch Changes - 200e9f77: chore(deps): update dependency @types/react-dom to v18.0.10 - Updated dependencies [200e9f77] - @nhost/nextjs@1.13.2 - @nhost/react-apollo@4.13.2 ## 0.9.4 ### Patch Changes - dbd3ded5: fix(dashboard): workspaces creation, new form, correct redirects. ## 0.9.3 ### Patch Changes - 85f0f943: fix(dashboard): don't break the table creation process ## 0.9.2 ### Patch Changes - Updated dependencies [d42c27ae] - Updated dependencies [927be4a2] - @nhost/nextjs@1.13.1 - @nhost/react-apollo@4.13.1 ## 0.9.1 ### Patch Changes - d0f80811: fix(dashboard): don't show error when signing out the user ## 0.9.0 ### Minor Changes - d92891b2: feat(dashboard): add Permission Editor to the Database section ### Patch Changes - 3d379128: fix(dashboard): create new user - @nhost/react-apollo@4.13.0 - @nhost/nextjs@1.13.0 ## 0.8.1 ### Patch Changes - 7cadd944: fix(dashboard): display Twitter provider settings ## 0.8.0 ### Minor Changes - 9a1aa7bb: add functions to the log dashboard - f29abe62: feat(dashboard): Users Management v2 ### Patch Changes - 7766624b: feat(dashboard): add JWT secret editor modal - @nhost/react-apollo@4.12.1 - @nhost/nextjs@1.12.1 ## 0.7.13 ### Patch Changes - dd0738d5: fix(dashboard): provisioning status polling ## 0.7.12 ### Patch Changes - b21222b3: chore(deps): update dependency @types/node to v16 - 9e0486a3: fix(dashboard): close modals when navigating - Updated dependencies [b21222b3] - Updated dependencies [65687bee] - Updated dependencies [54df0df4] - @nhost/nextjs@1.12.0 - @nhost/react-apollo@4.12.0 ## 0.7.11 ### Patch Changes - d6527122: fix(dashboard): use correct service URLs ## 0.7.10 ### Patch Changes - Updated dependencies [57db5b83] - @nhost/nextjs@1.11.0 - @nhost/nhost-js@1.7.0 - @nhost/react@0.17.0 - @nhost/react-apollo@4.11.0 ## 0.7.9 ### Patch Changes - a6d31dc2: fix(dashboard): don't break the UI when project is not loaded yet ## 0.7.8 ### Patch Changes - 7f251111: Use `NhostProvider` instead of `NhostReactProvider` and `NhostNextProvider` `NhostReactProvider` and `NhostNextProvider` are now deprecated - f4d70f88: fix(dashboard): do not break when region is nullish - 4a9471cc: Windows Live Provider displayed link updated to match backend url - 594488e4: fix(dashboard): do not show error when submitting Apple provider settings - Updated dependencies [7f251111] - @nhost/nextjs@1.10.0 - @nhost/react@0.16.0 - @nhost/react-apollo@4.10.0 ## 0.7.7 ### Patch Changes - 80b604ad: fix(dashboard): use correct Hasura slug ## 0.7.6 ### Patch Changes - 2d2beb53: fix(dashboard): prevent error on GraphQL page - ac8efcbd: chore(dashboard): deprecate old DNS name ## 0.7.5 ### Patch Changes - 132a4f4b: chore(dashboard): remove unused dependencies - 132a4f4b: chore(deps): synchronize @types/react-dom and @types/react versions - db57572f: fix(dashboard): correct section paddings when no env vars - Updated dependencies [132a4f4b] - @nhost/react@0.15.2 - @nhost/react-apollo@4.9.2 - @nhost/nextjs@1.9.3 ## 0.7.4 ### Patch Changes - 34d85e54: chore(deps): update dependency critters to ^0.0.16 - 9b93cf95: chore(deps): update dependency @netlify/functions to ^0.11.0 - e0439030: chore(deps): update dependency @types/react-dom to v18.0.9 - Updated dependencies [82124329] - @nhost/nextjs@1.9.2 ## 0.7.3 ### Patch Changes - a1193da4: fix(dashboard): remove character limit from env var inputs ## 0.7.2 ### Patch Changes - 44f13f62: chore(dashboard): cleanup unused files ## 0.7.1 ### Patch Changes - e01cb2ed: chore(dashboard): change settings sidebar menu item density ## 0.7.0 ### Minor Changes - db342f45: chore(dashboard): refactor Roles and Permissions settings sections - 8b9fa0b1: feat(dashboard): add Environment Variables page ### Patch Changes - Updated dependencies [66b4f3d0] - Updated dependencies [2e6923dc] - Updated dependencies [ef117c28] - Updated dependencies [aebb8225] - @nhost/core@0.9.4 - @nhost/nhost-js@1.6.2 - @nhost/nextjs@1.9.1 - @nhost/react@0.15.1 - @nhost/react-apollo@4.9.1 ## 0.6.0 ### Minor Changes - eef9c914: feat(dashboard): add Roles and Permissions page ## 0.5.0 ### Minor Changes - a48dd5bf: feat(dashboard): make backend port configurable ## 0.4.3 ### Patch Changes - 5de965d9: fix(dashboard): alphabetic ordering of providers - b9087a4a: fix(dashboard): console -> dashboard terminology - ca012d79: docs(workos): WorkOS Docs ## 0.4.2 ### Patch Changes - 89bd37bc: fix(dashboard): correct redirect URL input opacity - Updated dependencies [4601d84e] - Updated dependencies [843087cb] - @nhost/react@0.15.0 - @nhost/nextjs@1.9.0 - @nhost/react-apollo@4.9.0 ## 0.4.1 ### Patch Changes - 766cb612: fix(dashboard): correct redirect URL for oauth providers - Updated dependencies [53bdc294] - Updated dependencies [f2aaff05] - @nhost/nextjs@1.8.3 - @nhost/core@0.9.3 - @nhost/react@0.14.3 - @nhost/nhost-js@1.6.1 - @nhost/react-apollo@4.8.3 ## 0.4.0 ### Minor Changes - 9211743d: feat(dashboard): migrate Settings page features ## 0.3.0 ### Minor Changes - 73da6a67: fix(dashboard): avoid using BACKEND_URL locally ## 0.2.0 ### Minor Changes - db118f97: feat(dashboard): generate Docker image ## @nhost/docs@2.23.0 ### Minor Changes - 14e6100: feat: add documentation for sign-in with ID token ## @nhost-examples/react-native@0.1.0 ### Minor Changes - 14e6100: feat: add signIn with Google and Apple using an ID token ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 - @nhost/react-apollo@15.0.0 ## @nhost-examples/cli@0.3.14 ### Patch Changes - @nhost/nhost-js@3.2.1 ## @nhost-examples/codegen-react-apollo@0.4.15 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 - @nhost/react-apollo@15.0.0 ## @nhost-examples/codegen-react-query@0.4.15 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 ## @nhost-examples/codegen-react-urql@0.3.15 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 - @nhost/react-urql@12.0.0 ## @nhost-examples/multi-tenant-one-to-many@2.2.15 ### Patch Changes - @nhost/nhost-js@3.2.1 ## @nhost-examples/nextjs@0.3.15 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 - @nhost/react-apollo@15.0.0 - @nhost/nextjs@2.1.24 ## @nhost-examples/node-storage@0.2.14 ### Patch Changes - @nhost/nhost-js@3.2.1 ## @nhost-examples/nextjs-server-components@0.4.16 ### Patch Changes - @nhost/nhost-js@3.2.1 ## @nhost-examples/react-apollo@1.1.1 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 - @nhost/react-apollo@15.0.0 ## @nhost-examples/react-gqty@1.2.15 ### Patch Changes - Updated dependencies [14e6100] - @nhost/react@3.8.0 ## @nhost-examples/vue-apollo@0.7.1 ### Patch Changes - Updated dependencies [14e6100] - @nhost/vue@2.8.0 - @nhost/nhost-js@3.2.1 - @nhost/apollo@8.0.1 ## @nhost-examples/vue-quickstart@0.2.15 ### Patch Changes - Updated dependencies [14e6100] - @nhost/vue@2.8.0 - @nhost/apollo@8.0.1 Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
2024-11-28 13:58:58 +01:00 · 2024-11-28 13:29:47 +01:00 · 2024-11-28 12:59:43 +01:00 · 2024-11-28 09:34:12 +01:00
115 changed files with 2900 additions and 689 deletions
--- a/README.md
+++ b/README.md
@@ -15,6 +15,8 @@
 <a href="https://twitter.com/nhost">Twitter</a>
 <span>&nbsp;&nbsp;•&nbsp;&nbsp;</span>
 <a href="https://nhost.io/discord">Discord</a>
+<span>&nbsp;&nbsp;•&nbsp;&nbsp;</span>
+<a href="https://gurubase.io/g/nhost">Ask Nhost Guru (third party, unofficial)</a>
 <br />

  <hr />
@@ -148,4 +150,4 @@ Here are some ways of contributing to making Nhost better:
  <p align="center">
    <img width="720" src="https://contrib.rocks/image?repo=nhost/nhost" alt="A table of avatars from the project's contributors" />
  </p>
-</a>
+</a>
--- a/dashboard/package.json
+++ b/dashboard/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost/dashboard",
-  "version": "2.7.1",
+  "version": "2.7.2",
  "private": true,
  "scripts": {
    "preinstall": "npx only-allow pnpm",
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -1,5 +1,11 @@
 # @nhost/docs

+## 2.23.0
+
+### Minor Changes
+
+- 14e6100: feat: add documentation for sign-in with ID token
+
 ## 2.22.0

 ### Minor Changes
--- a/docs/guides/auth/sign-in-idtokens.mdx
+++ b/docs/guides/auth/sign-in-idtokens.mdx
@@ -0,0 +1,93 @@
+---
+title: Sign In with ID tokens
+sidebarTitle: IDTokens
+description: Learn about ID tokens
+icon: binary
+---
+
+## Overview
+
+ID tokens are tokens provided by identity providers that contain authenticated user information and are specifically designed for authentication purposes, unlike access tokens which are used for authorization. ID tokens include claims about the user's identity, such as user ID, name, and email, along with metadata like token expiration time and intended audience.
+
+ID tokens serve as a secure proof that a user has already been authenticated by a trusted identity provider. When someone logs in through their device's built-in authentication (like Sign in with Apple on iOS/macOS or Google Sign-in on Android), the system generates an ID token. This token can then be passed to your authentication service, confirming the user's identity without requiring them to log in again. This streamlined approach works with any OpenID Connect (OIDC) provider, including popular services like Google One Tap sign-in, making the authentication process both secure and user-friendly.
+
+## Usage
+
+To use ID tokens, you need to configure supported identity providers (currently [apple](/guides/auth/social/sign-in-apple) and [google](/guides/auth/social/sign-in-google)) and make sure the `audience` is set correctly.
+
+### Sign in
+
+Once everything is configured you can use an ID token to authenticate users with just a single call:
+
+<Tabs>
+  <Tab title="javascript">
+  ```js
+  nhost.auth.signInIdToken({
+    provider: 'google', // The provider name, e.g., 'google', 'apple', etc.
+    idToken: '...', // The ID token issued by the provider.
+    nonce: '...' // Optional: The nonce used during token generation.
+  })
+  ```
+
+  </Tab>
+
+{' '}
+<Tab title="react">See [react docs](/reference/react/use-sign-in-id-token) for details</Tab>
+
+{' '}
+<Tab title="vue">See [vue docs](/reference/react/use-sign-in-id-token) for details</Tab>
+
+  <Tab title="dart">
+  ```dart
+  nhost.auth.signInIdToken(provider: 'google', idToken: '...', nonce: '...');
+  ```
+
+  </Tab>
+</Tabs>
+
+### Link Provider to existing user
+
+Similarly to the [Social Connect](/guides/auth/social-connect) feature, you can link an identity provider to an existing user:
+
+<Tabs>
+  <Tab title="javascript">
+  ```js
+  nhost.auth.linkIdToken({
+    provider: 'google', // The provider name, e.g., 'google', 'apple', etc.
+    idToken: '...', // The ID token issued by the provider.
+    nonce: '...' // Optional: The nonce used during token generation.
+  })
+  ```
+
+{' '}
+<Note>Keep in mind this is an authenticated method so the user must be logged in already.</Note>
+
+  </Tab>
+
+{' '}
+<Tab title="react">See [react docs](/reference/react/use-link-id-token) for details</Tab>
+
+{' '}
+<Tab title="vue">See [vue docs](/reference/vue/use-link-id-token) for details</Tab>
+
+  <Tab title="dart">
+  ```dart
+  nhost.auth.linkIdToken(provider: 'google', idToken: '...', nonce: '...');
+  ```
+
+  </Tab>
+</Tabs>
+
+## Examples
+
+Below you can find some examples on how to extract an ID Token from various identity providers to be used with the Auth service. Keep in mind these are just some examples, use cases and sources are not limited to the examples below.
+
+### React Native
+
+#### Apple
+
+For an example on how to authenticate using "Sign in with Apple" on iOS using React Native you can refer to our [sample component](https://github.com/nhost/nhost/blob/main/examples/react_native/src/components/SignInWithAppleButton.tsx).
+
+#### Google
+
+For an example on how to authenticate using "Sign in with Google" on Android using React Native you can refer to our [sample component](https://github.com/nhost/nhost/blob/main/examples/react_native/src/components/SignInWithGoogleButton.tsx).
--- a/docs/mint.json
+++ b/docs/mint.json
@@ -1,7 +1,11 @@
 {
  "$schema": "https://mintlify.com/schema.json",
  "name": "Documentation",
-  "openapi": ["reference/openapi-auth.yaml", "reference/openapi-auth-old.yaml", "reference/openapi-storage.yaml"],
+  "openapi": [
+    "reference/openapi-auth.yaml",
+    "reference/openapi-auth-old.yaml",
+    "reference/openapi-storage.yaml"
+  ],
  "logo": {
    "dark": "/logo/dark.svg",
    "light": "/logo/light.svg"
@@ -158,6 +162,7 @@
        "guides/auth/sign-in-magic-link",
        "guides/auth/sign-in-phone-number",
        "guides/auth/sign-in-webauthn",
+        "guides/auth/sign-in-idtokens",
        "guides/auth/elevated-permissions",
        "guides/auth/bot-protection",
        "guides/auth/email-templates",
@@ -347,7 +352,9 @@
                "reference/javascript/auth/elevate-email-security-key",
                "reference/javascript/auth/connect-provider",
                "reference/javascript/auth/sign-in-email-otp",
-                "reference/javascript/auth/verify-email-otp"
+                "reference/javascript/auth/verify-email-otp",
+                "reference/javascript/auth/sign-in-id-token",
+                "reference/javascript/auth/link-id-token"
              ]
            },
            {
@@ -431,7 +438,9 @@
            "reference/react/use-user-is-anonymous",
            "reference/react/use-user-locale",
            "reference/react/use-user-roles",
-            "reference/react/use-sign-in-email-otp"
+            "reference/react/use-sign-in-email-otp",
+            "reference/react/use-sign-in-id-token",
+            "reference/react/use-link-id-token"
          ]
        },
        {
@@ -479,7 +488,9 @@
            "reference/nextjs/use-user-is-anonymous",
            "reference/nextjs/use-user-locale",
            "reference/nextjs/use-user-roles",
-            "reference/nextjs/use-sign-in-email-otp"
+            "reference/nextjs/use-sign-in-email-otp",
+            "reference/nextjs/use-sign-in-id-token",
+            "reference/nextjs/use-link-id-token"
          ]
        },
        {
@@ -522,7 +533,9 @@
            "reference/vue/use-elevate-security-key-email",
            "reference/vue/use-sign-in-email-security-key",
            "reference/vue/use-sign-up-email-security-key",
-            "reference/vue/use-sign-in-email-otp"
+            "reference/vue/use-sign-in-email-otp",
+            "reference/vue/use-sign-in-id-token",
+            "reference/vue/use-link-id-token"
          ]
        },
        {
--- a/docs/package.json
+++ b/docs/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost/docs",
-  "version": "2.22.0",
+  "version": "2.23.0",
  "private": true,
  "scripts": {
    "start": "mintlify dev"
--- a/docs/product/authentication.mdx
+++ b/docs/product/authentication.mdx
@@ -21,7 +21,9 @@ Combined with a powerful **Permission Rules** system, Nhost Auth offers everythi
  </Card>
  <Card title="Security Keys (WebAuthn)" icon="square-5" href="../guides/auth/sign-in-webauthn">
  </Card>
-  <Card title="Elevated Permissions" icon="square-6" href="../guides/auth/elevated-permissions">
+  <Card title="ID Tokens" icon="square-6" href="../guides/auth/sign-in-idtokens">
+  </Card>
+  <Card title="Elevated Permissions" icon="square-7" href="../guides/auth/elevated-permissions">
  </Card>
 </CardGroup>

--- a/docs/reference/javascript/auth/link-id-token.mdx
+++ b/docs/reference/javascript/auth/link-id-token.mdx
@@ -0,0 +1,28 @@
+---
+title: linkIdToken()
+sidebarTitle: linkIdToken()
+---
+
+Use `nhost.auth.linkIdToken` to link a user account with the provider's account using an ID token
+
+```ts
+nhost.auth.linkIdToken({
+  provider: 'google', // The provider name, e.g., 'google', 'apple', etc.
+  idToken: '...', // The ID token issued by the provider.
+  nonce: '...' // Optional: The nonce used during token generation.
+})
+```
+
+## Parameters
+
+---
+
+**<span className="parameter-name">params</span>** <span className="optional-status">required</span> [`LinkIdTokenParams`](/reference/javascript/auth/types/link-id-token-params)
+
+| Property                                                                                    | Type                                                    | Required | Notes |
+| :------------------------------------------------------------------------------------------ | :------------------------------------------------------ | :------: | :---- |
+| <span className="parameter-name"><span className="light-grey">params.</span>idToken</span>  | <code>string</code>                                     |    ✔️    |       |
+| <span className="parameter-name"><span className="light-grey">params.</span>provider</span> | [`Provider`](/reference/javascript/auth/types/provider) |    ✔️    |       |
+| <span className="parameter-name"><span className="light-grey">params.</span>nonce</span>    | <code>string</code>                                     |          |       |
+
+---
--- a/docs/reference/javascript/auth/sign-in-id-token.mdx
+++ b/docs/reference/javascript/auth/sign-in-id-token.mdx
@@ -0,0 +1,28 @@
+---
+title: signInIdToken()
+sidebarTitle: signInIdToken()
+---
+
+Use `nhost.auth.signInIdToken` to sign in a user with the provider's account using an ID token
+
+```ts
+nhost.auth.signInIdToken({
+  provider: 'google', // The provider name, e.g., 'google', 'apple', etc.
+  idToken: '...', // The ID token issued by the provider.
+  nonce: '...' // Optional: The nonce used during token generation.
+})
+```
+
+## Parameters
+
+---
+
+**<span className="parameter-name">params</span>** <span className="optional-status">required</span> [`SignInIdTokenParams`](/reference/javascript/auth/types/sign-in-id-token-params)
+
+| Property                                                                                    | Type                                                    | Required | Notes |
+| :------------------------------------------------------------------------------------------ | :------------------------------------------------------ | :------: | :---- |
+| <span className="parameter-name"><span className="light-grey">params.</span>idToken</span>  | <code>string</code>                                     |    ✔️    |       |
+| <span className="parameter-name"><span className="light-grey">params.</span>provider</span> | [`Provider`](/reference/javascript/auth/types/provider) |    ✔️    |       |
+| <span className="parameter-name"><span className="light-grey">params.</span>nonce</span>    | <code>string</code>                                     |          |       |
+
+---
--- a/docs/reference/javascript/auth/types/link-id-token-handler-params.mdx
+++ b/docs/reference/javascript/auth/types/link-id-token-handler-params.mdx
@@ -0,0 +1,23 @@
+---
+title: LinkIdTokenHandlerParams
+sidebarTitle: LinkIdTokenHandlerParams
+description: No description provided.
+---
+
+# `LinkIdTokenHandlerParams`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">idToken</span>** <span className="optional-status">required</span> <code>string</code>
+
+---
+
+**<span className="parameter-name">provider</span>** <span className="optional-status">required</span> [`Provider`](/reference/javascript/auth/types/provider)
+
+---
+
+**<span className="parameter-name">nonce</span>** <span className="optional-status">optional</span> <code>string</code>
+
+---
--- a/docs/reference/javascript/auth/types/link-id-token-handler-result.mdx
+++ b/docs/reference/javascript/auth/types/link-id-token-handler-result.mdx
@@ -0,0 +1,35 @@
+---
+title: LinkIdTokenHandlerResult
+sidebarTitle: LinkIdTokenHandlerResult
+description: No description provided.
+---
+
+# `LinkIdTokenHandlerResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; [`AuthErrorPayload`](/reference/javascript/auth/types/auth-error-payload)</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
--- a/docs/reference/javascript/auth/types/link-id-token-params.mdx
+++ b/docs/reference/javascript/auth/types/link-id-token-params.mdx
@@ -0,0 +1,11 @@
+---
+title: LinkIdTokenParams
+sidebarTitle: LinkIdTokenParams
+description: No description provided.
+---
+
+# `LinkIdTokenParams`
+
+```ts
+type LinkIdTokenParams = () => { idToken: string, provider: [Provider](/reference/javascript/auth/types/provider), nonce: string }
+```
--- a/docs/reference/javascript/auth/types/sign-in-id-token-handler-params.mdx
+++ b/docs/reference/javascript/auth/types/sign-in-id-token-handler-params.mdx
@@ -0,0 +1,23 @@
+---
+title: SignInIdTokenHandlerParams
+sidebarTitle: SignInIdTokenHandlerParams
+description: No description provided.
+---
+
+# `SignInIdTokenHandlerParams`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">idToken</span>** <span className="optional-status">required</span> <code>string</code>
+
+---
+
+**<span className="parameter-name">provider</span>** <span className="optional-status">required</span> [`Provider`](/reference/javascript/auth/types/provider)
+
+---
+
+**<span className="parameter-name">nonce</span>** <span className="optional-status">optional</span> <code>string</code>
+
+---
--- a/docs/reference/javascript/auth/types/sign-in-id-token-handler-result.mdx
+++ b/docs/reference/javascript/auth/types/sign-in-id-token-handler-result.mdx
@@ -0,0 +1,53 @@
+---
+title: SignInIdTokenHandlerResult
+sidebarTitle: SignInIdTokenHandlerResult
+description: No description provided.
+---
+
+# `SignInIdTokenHandlerResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; [`AuthErrorPayload`](/reference/javascript/auth/types/auth-error-payload)</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> <code>null &#124; [`User`](/reference/javascript/auth/types/user)</code>
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">refreshToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
--- a/docs/reference/javascript/auth/types/sign-in-id-token-params.mdx
+++ b/docs/reference/javascript/auth/types/sign-in-id-token-params.mdx
@@ -0,0 +1,11 @@
+---
+title: SignInIdTokenParams
+sidebarTitle: SignInIdTokenParams
+description: No description provided.
+---
+
+# `SignInIdTokenParams`
+
+```ts
+type SignInIdTokenParams = () => { idToken: string, provider: [Provider](/reference/javascript/auth/types/provider), nonce: string }
+```
--- a/docs/reference/javascript/auth/types/sign-in-id-token-state.mdx
+++ b/docs/reference/javascript/auth/types/sign-in-id-token-state.mdx
@@ -0,0 +1,61 @@
+---
+title: SignInIdTokenState
+sidebarTitle: SignInIdTokenState
+description: No description provided.
+---
+
+# `SignInIdTokenState`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; [`AuthErrorPayload`](/reference/javascript/auth/types/auth-error-payload)</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> <code>null &#124; [`User`](/reference/javascript/auth/types/user)</code>
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">refreshToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
--- a/docs/reference/javascript/nhost-js/link-id-token.mdx
+++ b/docs/reference/javascript/nhost-js/link-id-token.mdx
@@ -0,0 +1,28 @@
+---
+title: linkIdToken()
+sidebarTitle: linkIdToken()
+---
+
+Use `nhost.auth.linkIdToken` to link a user account with the provider's account using an ID token
+
+```ts
+nhost.auth.linkIdToken({
+  provider: 'google', // The provider name, e.g., 'google', 'apple', etc.
+  idToken: '...', // The ID token issued by the provider.
+  nonce: '...' // Optional: The nonce used during token generation.
+})
+```
+
+## Parameters
+
+---
+
+**<span className="parameter-name">params</span>** <span className="optional-status">required</span> [`LinkIdTokenParams`](/reference/javascript/nhost-js/types/link-id-token-params)
+
+| Property                                                                                    | Type                                                        | Required | Notes |
+| :------------------------------------------------------------------------------------------ | :---------------------------------------------------------- | :------: | :---- |
+| <span className="parameter-name"><span className="light-grey">params.</span>idToken</span>  | <code>string</code>                                         |    ✔️    |       |
+| <span className="parameter-name"><span className="light-grey">params.</span>provider</span> | [`Provider`](/reference/javascript/nhost-js/types/provider) |    ✔️    |       |
+| <span className="parameter-name"><span className="light-grey">params.</span>nonce</span>    | <code>string</code>                                         |          |       |
+
+---
--- a/docs/reference/javascript/nhost-js/sign-in-id-token.mdx
+++ b/docs/reference/javascript/nhost-js/sign-in-id-token.mdx
@@ -0,0 +1,28 @@
+---
+title: signInIdToken()
+sidebarTitle: signInIdToken()
+---
+
+Use `nhost.auth.signInIdToken` to sign in a user with the provider's account using an ID token
+
+```ts
+nhost.auth.signInIdToken({
+  provider: 'google', // The provider name, e.g., 'google', 'apple', etc.
+  idToken: '...', // The ID token issued by the provider.
+  nonce: '...' // Optional: The nonce used during token generation.
+})
+```
+
+## Parameters
+
+---
+
+**<span className="parameter-name">params</span>** <span className="optional-status">required</span> [`SignInIdTokenParams`](/reference/javascript/nhost-js/types/sign-in-id-token-params)
+
+| Property                                                                                    | Type                                                        | Required | Notes |
+| :------------------------------------------------------------------------------------------ | :---------------------------------------------------------- | :------: | :---- |
+| <span className="parameter-name"><span className="light-grey">params.</span>idToken</span>  | <code>string</code>                                         |    ✔️    |       |
+| <span className="parameter-name"><span className="light-grey">params.</span>provider</span> | [`Provider`](/reference/javascript/nhost-js/types/provider) |    ✔️    |       |
+| <span className="parameter-name"><span className="light-grey">params.</span>nonce</span>    | <code>string</code>                                         |          |       |
+
+---
--- a/docs/reference/javascript/nhost-js/types/link-id-token-handler-params.mdx
+++ b/docs/reference/javascript/nhost-js/types/link-id-token-handler-params.mdx
@@ -0,0 +1,23 @@
+---
+title: LinkIdTokenHandlerParams
+sidebarTitle: LinkIdTokenHandlerParams
+description: No description provided.
+---
+
+# `LinkIdTokenHandlerParams`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">idToken</span>** <span className="optional-status">required</span> <code>string</code>
+
+---
+
+**<span className="parameter-name">provider</span>** <span className="optional-status">required</span> [`Provider`](/reference/javascript/nhost-js/types/provider)
+
+---
+
+**<span className="parameter-name">nonce</span>** <span className="optional-status">optional</span> <code>string</code>
+
+---
--- a/docs/reference/javascript/nhost-js/types/link-id-token-handler-result.mdx
+++ b/docs/reference/javascript/nhost-js/types/link-id-token-handler-result.mdx
@@ -0,0 +1,35 @@
+---
+title: LinkIdTokenHandlerResult
+sidebarTitle: LinkIdTokenHandlerResult
+description: No description provided.
+---
+
+# `LinkIdTokenHandlerResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; [`AuthErrorPayload`](/reference/javascript/nhost-js/types/auth-error-payload)</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
--- a/docs/reference/javascript/nhost-js/types/link-id-token-params.mdx
+++ b/docs/reference/javascript/nhost-js/types/link-id-token-params.mdx
@@ -0,0 +1,11 @@
+---
+title: LinkIdTokenParams
+sidebarTitle: LinkIdTokenParams
+description: No description provided.
+---
+
+# `LinkIdTokenParams`
+
+```ts
+type LinkIdTokenParams = () => { idToken: string, provider: [Provider](/reference/javascript/nhost-js/types/provider), nonce: string }
+```
--- a/docs/reference/javascript/nhost-js/types/sign-in-id-token-handler-params.mdx
+++ b/docs/reference/javascript/nhost-js/types/sign-in-id-token-handler-params.mdx
@@ -0,0 +1,23 @@
+---
+title: SignInIdTokenHandlerParams
+sidebarTitle: SignInIdTokenHandlerParams
+description: No description provided.
+---
+
+# `SignInIdTokenHandlerParams`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">idToken</span>** <span className="optional-status">required</span> <code>string</code>
+
+---
+
+**<span className="parameter-name">provider</span>** <span className="optional-status">required</span> [`Provider`](/reference/javascript/nhost-js/types/provider)
+
+---
+
+**<span className="parameter-name">nonce</span>** <span className="optional-status">optional</span> <code>string</code>
+
+---
--- a/docs/reference/javascript/nhost-js/types/sign-in-id-token-handler-result.mdx
+++ b/docs/reference/javascript/nhost-js/types/sign-in-id-token-handler-result.mdx
@@ -0,0 +1,53 @@
+---
+title: SignInIdTokenHandlerResult
+sidebarTitle: SignInIdTokenHandlerResult
+description: No description provided.
+---
+
+# `SignInIdTokenHandlerResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; [`AuthErrorPayload`](/reference/javascript/nhost-js/types/auth-error-payload)</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> <code>null &#124; [`User`](/reference/javascript/nhost-js/types/user)</code>
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">refreshToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
--- a/docs/reference/javascript/nhost-js/types/sign-in-id-token-params.mdx
+++ b/docs/reference/javascript/nhost-js/types/sign-in-id-token-params.mdx
@@ -0,0 +1,11 @@
+---
+title: SignInIdTokenParams
+sidebarTitle: SignInIdTokenParams
+description: No description provided.
+---
+
+# `SignInIdTokenParams`
+
+```ts
+type SignInIdTokenParams = () => { idToken: string, provider: [Provider](/reference/javascript/nhost-js/types/provider), nonce: string }
+```
--- a/docs/reference/javascript/nhost-js/types/sign-in-id-token-state.mdx
+++ b/docs/reference/javascript/nhost-js/types/sign-in-id-token-state.mdx
@@ -0,0 +1,61 @@
+---
+title: SignInIdTokenState
+sidebarTitle: SignInIdTokenState
+description: No description provided.
+---
+
+# `SignInIdTokenState`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; [`AuthErrorPayload`](/reference/javascript/nhost-js/types/auth-error-payload)</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> <code>null &#124; [`User`](/reference/javascript/nhost-js/types/user)</code>
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">refreshToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
--- a/docs/reference/nextjs/types/link-id-token-hook-result.mdx
+++ b/docs/reference/nextjs/types/link-id-token-hook-result.mdx
@@ -0,0 +1,39 @@
+---
+title: LinkIdTokenHookResult
+sidebarTitle: LinkIdTokenHookResult
+description: No description provided.
+---
+
+# `LinkIdTokenHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; [`ErrorPayload`](/reference/nextjs/types/error-payload)</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">linkIdToken</span>** <span className="optional-status">required</span> <code>LinkIdTokenHandler</code>
+
+---
--- a/docs/reference/nextjs/types/sign-in-id-token-hook-result.mdx
+++ b/docs/reference/nextjs/types/sign-in-id-token-hook-result.mdx
@@ -0,0 +1,65 @@
+---
+title: SignInIdTokenHookResult
+sidebarTitle: SignInIdTokenHookResult
+description: No description provided.
+---
+
+# `SignInIdTokenHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; AuthErrorPayload</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> <code>null &#124; [`User`](/reference/nextjs/types/user)</code>
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">refreshToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">signInIdToken</span>** <span className="optional-status">required</span> <code>SignInIdTokenHandler</code>
+
+---
--- a/docs/reference/nextjs/use-link-id-token.mdx
+++ b/docs/reference/nextjs/use-link-id-token.mdx
@@ -0,0 +1,20 @@
+---
+title: useLinkIdToken()
+sidebarTitle: useLinkIdToken()
+---
+
+Use the hook `useLinkIdToken` to link a user account with the provider's account using an id token
+
+```tsx
+const { linkIdToken, isLoading, isSuccess, isError, error } = useLinkIdToken()
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await linkIdToken({
+    provider: 'google',
+    idToken: '...',
+    nonce: '...'
+  })
+}
+```
--- a/docs/reference/nextjs/use-sign-in-id-token.mdx
+++ b/docs/reference/nextjs/use-sign-in-id-token.mdx
@@ -0,0 +1,19 @@
+---
+title: useSignInIdToken()
+sidebarTitle: useSignInIdToken()
+---
+
+Use the hook `useSignInIdToken` to sign in a user using an `idToken`.
+
+```tsx
+const { signInIdToken, isLoading, isSuccess, isError, error } =
+  useSignInIdToken()
+
+console.log({ isLoading, isSuccess, isError, error })
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await signInIdToken({ provider: 'google', idToken: '...' })
+}
+```
--- a/docs/reference/react/types/link-id-token-hook-result.mdx
+++ b/docs/reference/react/types/link-id-token-hook-result.mdx
@@ -0,0 +1,39 @@
+---
+title: LinkIdTokenHookResult
+sidebarTitle: LinkIdTokenHookResult
+description: No description provided.
+---
+
+# `LinkIdTokenHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; [`ErrorPayload`](/reference/react/types/error-payload)</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">linkIdToken</span>** <span className="optional-status">required</span> <code>LinkIdTokenHandler</code>
+
+---
--- a/docs/reference/react/types/sign-in-id-token-hook-result.mdx
+++ b/docs/reference/react/types/sign-in-id-token-hook-result.mdx
@@ -0,0 +1,65 @@
+---
+title: SignInIdTokenHookResult
+sidebarTitle: SignInIdTokenHookResult
+description: No description provided.
+---
+
+# `SignInIdTokenHookResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>null &#124; AuthErrorPayload</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>boolean</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">user</span>** <span className="optional-status">required</span> <code>null &#124; [`User`](/reference/react/types/user)</code>
+
+User information
+
+---
+
+**<span className="parameter-name">accessToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">refreshToken</span>** <span className="optional-status">required</span> <code>null &#124; string</code>
+
+Access token (JWT)
+
+---
+
+**<span className="parameter-name">signInIdToken</span>** <span className="optional-status">required</span> <code>SignInIdTokenHandler</code>
+
+---
--- a/docs/reference/react/use-link-id-token.mdx
+++ b/docs/reference/react/use-link-id-token.mdx
@@ -0,0 +1,20 @@
+---
+title: useLinkIdToken()
+sidebarTitle: useLinkIdToken()
+---
+
+Use the hook `useLinkIdToken` to link a user account with the provider's account using an id token
+
+```tsx
+const { linkIdToken, isLoading, isSuccess, isError, error } = useLinkIdToken()
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await linkIdToken({
+    provider: 'google',
+    idToken: '...',
+    nonce: '...'
+  })
+}
+```
--- a/docs/reference/react/use-sign-in-id-token.mdx
+++ b/docs/reference/react/use-sign-in-id-token.mdx
@@ -0,0 +1,19 @@
+---
+title: useSignInIdToken()
+sidebarTitle: useSignInIdToken()
+---
+
+Use the hook `useSignInIdToken` to sign in a user using an `idToken`.
+
+```tsx
+const { signInIdToken, isLoading, isSuccess, isError, error } =
+  useSignInIdToken()
+
+console.log({ isLoading, isSuccess, isError, error })
+
+const handleFormSubmit = async (e) => {
+  e.preventDefault()
+
+  await signInIdToken({ provider: 'google', idToken: '...' })
+}
+```
--- a/docs/reference/vue/types/link-id-token-result.mdx
+++ b/docs/reference/vue/types/link-id-token-result.mdx
@@ -0,0 +1,47 @@
+---
+title: LinkIdTokenResult
+sidebarTitle: LinkIdTokenResult
+description: No description provided.
+---
+
+# `LinkIdTokenResult`
+
+## Parameters
+
+---
+
+**<span className="parameter-name">isError</span>** <span className="optional-status">required</span> <code>Ref&lt;boolean&gt;</code>
+
+**`@returns`**
+
+`true` if an error occurred
+
+**`@depreacted`**
+
+use `!isSuccess` or `!!error` instead
+
+---
+
+**<span className="parameter-name">error</span>** <span className="optional-status">required</span> <code>Ref&lt;null &#124; ErrorPayload&lt;any&gt;&gt;</code>
+
+Provides details about the error
+
+---
+
+**<span className="parameter-name">isLoading</span>** <span className="optional-status">required</span> <code>Ref&lt;boolean&gt;</code>
+
+**`@returns`**
+
+`true` when the action is executing, `false` when it finished its execution.
+
+---
+
+**<span className="parameter-name">isSuccess</span>** <span className="optional-status">required</span> <code>Ref&lt;boolean&gt;</code>
+
+Returns `true` if the action is successful.
+
+---
+
+**<span className="parameter-name">linkIdToken</span>** <span className="optional-status">required</span> <code>(params: LinkIdTokenHandlerParams) =&gt; Promise&lt;LinkIdTokenHandlerResult&gt;</code>
+
+---
--- a/docs/reference/vue/use-link-id-token.mdx
+++ b/docs/reference/vue/use-link-id-token.mdx
@@ -0,0 +1,18 @@
+---
+title: useLinkIdToken()
+sidebarTitle: useLinkIdToken()
+---
+
+Use the hook `useLinkIdToken` to link a user account with the provider's account using an id token
+
+```tsx
+const { linkIdToken, isLoading, isSuccess, isError, error } = useLinkIdToken()
+
+const handleLinkIdToken = async () => {
+  await linkIdToken({
+    provider: 'google',
+    idToken: '...',
+    nonce: '...'
+  })
+}
+```
--- a/docs/reference/vue/use-sign-in-id-token.mdx
+++ b/docs/reference/vue/use-sign-in-id-token.mdx
@@ -0,0 +1,17 @@
+---
+title: useSignInIdToken()
+sidebarTitle: useSignInIdToken()
+---
+
+Use the composable `useSignInIdToken` to sign in a user using an `idToken`.
+
+```ts
+const { signInIdToken, isLoading, isSuccess, isError, error } =
+  useSignInIdToken()
+
+console.log({ isLoading, isSuccess, isError, error })
+
+const handleSignInIdToken = async () => {
+  await signInIdToken({ provider: 'google', idToken: '...' })
+}
+```
--- a/examples/cli/CHANGELOG.md
+++ b/examples/cli/CHANGELOG.md
@@ -1,5 +1,11 @@
 # @nhost-examples/cli

+## 0.3.14
+
+### Patch Changes
+
+- @nhost/nhost-js@3.2.1
+
 ## 0.3.13

 ### Patch Changes
--- a/examples/cli/package.json
+++ b/examples/cli/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/cli",
-  "version": "0.3.13",
+  "version": "0.3.14",
  "main": "src/index.mjs",
  "private": true,
  "scripts": {
--- a/examples/codegen-react-apollo/CHANGELOG.md
+++ b/examples/codegen-react-apollo/CHANGELOG.md
@@ -1,5 +1,13 @@
 # @nhost-examples/codegen-react-apollo

+## 0.4.15
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+  - @nhost/react-apollo@15.0.0
+
 ## 0.4.14

 ### Patch Changes
--- a/examples/codegen-react-apollo/package.json
+++ b/examples/codegen-react-apollo/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/codegen-react-apollo",
-  "version": "0.4.14",
+  "version": "0.4.15",
  "private": true,
  "scripts": {
    "codegen": "graphql-codegen",
--- a/examples/codegen-react-query/CHANGELOG.md
+++ b/examples/codegen-react-query/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @nhost-examples/codegen-react-query

+## 0.4.15
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+
 ## 0.4.14

 ### Patch Changes
--- a/examples/codegen-react-query/package.json
+++ b/examples/codegen-react-query/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/codegen-react-query",
-  "version": "0.4.14",
+  "version": "0.4.15",
  "private": true,
  "scripts": {
    "codegen": "graphql-codegen",
--- a/examples/codegen-react-urql/CHANGELOG.md
+++ b/examples/codegen-react-urql/CHANGELOG.md
@@ -1,5 +1,13 @@
 # @nhost-examples/react-urql

+## 0.3.15
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+  - @nhost/react-urql@12.0.0
+
 ## 0.3.14

 ### Patch Changes
--- a/examples/codegen-react-urql/package.json
+++ b/examples/codegen-react-urql/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@nhost-examples/codegen-react-urql",
  "private": true,
-  "version": "0.3.14",
+  "version": "0.3.15",
  "scripts": {
    "dev": "vite",
    "build": "tsc && vite build",
--- a/examples/multi-tenant-one-to-many/CHANGELOG.md
+++ b/examples/multi-tenant-one-to-many/CHANGELOG.md
@@ -1,5 +1,11 @@
 # @nhost-examples/multi-tenant-one-to-many

+## 2.2.15
+
+### Patch Changes
+
+- @nhost/nhost-js@3.2.1
+
 ## 2.2.14

 ### Patch Changes
--- a/examples/multi-tenant-one-to-many/package.json
+++ b/examples/multi-tenant-one-to-many/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@nhost-examples/multi-tenant-one-to-many",
  "private": true,
-  "version": "2.2.14",
+  "version": "2.2.15",
  "description": "",
  "main": "index.js",
  "scripts": {},
--- a/examples/nextjs/CHANGELOG.md
+++ b/examples/nextjs/CHANGELOG.md
@@ -1,5 +1,14 @@
 # @nhost-examples/nextjs

+## 0.3.15
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+  - @nhost/react-apollo@15.0.0
+  - @nhost/nextjs@2.1.24
+
 ## 0.3.14

 ### Patch Changes
--- a/examples/nextjs/package.json
+++ b/examples/nextjs/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/nextjs",
-  "version": "0.3.14",
+  "version": "0.3.15",
  "private": true,
  "scripts": {
    "dev": "next dev",
--- a/examples/node-storage/CHANGELOG.md
+++ b/examples/node-storage/CHANGELOG.md
@@ -1,5 +1,11 @@
 # @nhost-examples/node-storage

+## 0.2.14
+
+### Patch Changes
+
+- @nhost/nhost-js@3.2.1
+
 ## 0.2.13

 ### Patch Changes
--- a/examples/node-storage/package.json
+++ b/examples/node-storage/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/node-storage",
-  "version": "0.2.13",
+  "version": "0.2.14",
  "private": true,
  "description": "This is an example of how to use the Storage with Node.js",
  "main": "src/index.mjs",
--- a/examples/quickstarts/nextjs-server-components/CHANGELOG.md
+++ b/examples/quickstarts/nextjs-server-components/CHANGELOG.md
@@ -1,5 +1,11 @@
 # @nhost-examples/nextjs-server-components

+## 0.4.16
+
+### Patch Changes
+
+- @nhost/nhost-js@3.2.1
+
 ## 0.4.15

 ### Patch Changes
--- a/examples/quickstarts/nextjs-server-components/package.json
+++ b/examples/quickstarts/nextjs-server-components/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/nextjs-server-components",
-  "version": "0.4.15",
+  "version": "0.4.16",
  "private": true,
  "scripts": {
    "dev": "next dev",
--- a/examples/react-apollo/CHANGELOG.md
+++ b/examples/react-apollo/CHANGELOG.md
@@ -1,5 +1,13 @@
 # @nhost-examples/react-apollo

+## 1.1.1
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+  - @nhost/react-apollo@15.0.0
+
 ## 1.1.0

 ### Minor Changes
--- a/examples/react-apollo/package.json
+++ b/examples/react-apollo/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/react-apollo",
-  "version": "1.1.0",
+  "version": "1.1.1",
  "private": true,
  "type": "module",
  "scripts": {
--- a/examples/react-gqty/CHANGELOG.md
+++ b/examples/react-gqty/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @nhost-examples/react-gqty

+## 1.2.15
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+
 ## 1.2.14

 ### Patch Changes
--- a/examples/react-gqty/package.json
+++ b/examples/react-gqty/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@nhost-examples/react-gqty",
  "private": true,
-  "version": "1.2.14",
+  "version": "1.2.15",
  "type": "module",
  "scripts": {
    "dev": "vite",
--- a/examples/react_native/.npmrc
+++ b/examples/react_native/.npmrc
@@ -1,2 +0,0 @@
-hoist-pattern=false
-shamefully-hoist=false
--- a/examples/react_native/CHANGELOG.md
+++ b/examples/react_native/CHANGELOG.md
@@ -1,5 +1,17 @@
 # @nhost-examples/react-native

+## 0.1.0
+
+### Minor Changes
+
+- 14e6100: feat: add signIn with Google and Apple using an ID token
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+  - @nhost/react-apollo@15.0.0
+
 ## 0.0.7

 ### Patch Changes
--- a/examples/react_native/mocks/@react-native-google-signin/google-signin.js
+++ b/examples/react_native/mocks/@react-native-google-signin/google-signin.js
@@ -0,0 +1,7 @@
+jest.mock('@react-native-google-signin/google-signin', () => ({
+  GoogleSignin: {
+    configure: jest.fn(),
+    signIn: jest.fn(() => Promise.resolve({idToken: 'test-token'})),
+    hasPlayServices: jest.fn(() => Promise.resolve(true)),
+  },
+}));
--- a/examples/react_native/mocks/react-native-simple-toast.js
+++ b/examples/react_native/mocks/react-native-simple-toast.js
@@ -0,0 +1,3 @@
+export default {
+  show: jest.fn(),
+};
--- a/examples/react_native/android/app/build.gradle
+++ b/examples/react_native/android/app/build.gradle
@@ -74,9 +74,9 @@ android {
    buildToolsVersion rootProject.ext.buildToolsVersion
    compileSdk rootProject.ext.compileSdkVersion

-    namespace "com.react_native"
+    namespace "io.nhost.react_native"
    defaultConfig {
-        applicationId "com.react_native"
+        applicationId "io.nhost.react_native"
        minSdkVersion rootProject.ext.minSdkVersion
        targetSdkVersion rootProject.ext.targetSdkVersion
        versionCode 1
--- a/examples/react_native/android/app/src/main/java/com/react_native/MainActivity.kt
+++ b/examples/react_native/android/app/src/main/java/com/react_native/MainActivity.kt
@@ -1,4 +1,4 @@
-package com.react_native
+package io.nhost.react_native

 import android.os.Bundle;
 import com.facebook.react.ReactActivity
--- a/examples/react_native/android/app/src/main/java/com/react_native/MainApplication.kt
+++ b/examples/react_native/android/app/src/main/java/com/react_native/MainApplication.kt
@@ -1,4 +1,4 @@
-package com.react_native
+package io.nhost.react_native

 import android.app.Application
 import com.facebook.react.PackageList
--- a/examples/react_native/babel.config.js
+++ b/examples/react_native/babel.config.js
@@ -2,6 +2,7 @@ module.exports = {
  presets: ['module:@react-native/babel-preset'],
  plugins: [
    '@babel/plugin-transform-export-namespace-from',
+    'module:react-native-dotenv',
    'react-native-reanimated/plugin',
    [
      'module-resolver',
--- a/examples/react_native/backend/.secrets.example
+++ b/examples/react_native/backend/.secrets.example
@@ -2,13 +2,17 @@ HASURA_GRAPHQL_ADMIN_SECRET='nhost-admin-secret'
 HASURA_GRAPHQL_JWT_SECRET='oqpdwyffgxncqamwlyebkaifyazvqgso'
 NHOST_WEBHOOK_SECRET='nhost-webhook-secret'
 GRAFANA_ADMIN_PASSWORD='FIXME'
+
 APPLE_TEAM_ID = 'FIXME'
 APPLE_SERVICE_IDENTIFIER = 'FIXME'
 APPLE_KEY_ID = 'FIXME'
 APPLE_PRIVATE_KEY = ''
+APPLE_AUDIENCE = ''
+
 GITHUB_CLIENT_ID = 'FIXME'
 GITHUB_CLIENT_SECRET = 'FIXME'
 GOOGLE_CLIENT_ID = 'FIXME'
 GOOGLE_CLIENT_SECRET = 'FIXME'
+
 LINKEDIN_CLIENT_ID = 'FIXME'
 LINKEDIN_CLIENT_SECRET = 'FIXME'
--- a/examples/react_native/backend/nhost/metadata/databases/default/tables/auth_user_providers.yaml
+++ b/examples/react_native/backend/nhost/metadata/databases/default/tables/auth_user_providers.yaml
@@ -46,3 +46,26 @@ object_relationships:
  - name: user
    using:
      foreign_key_constraint_on: user_id
+select_permissions:
+  - role: user
+    permission:
+      columns:
+        - access_token
+        - provider_id
+        - provider_user_id
+        - refresh_token
+        - created_at
+        - updated_at
+        - id
+        - user_id
+      filter:
+        user_id:
+          _eq: X-Hasura-User-Id
+    comment: ""
+delete_permissions:
+  - role: user
+    permission:
+      filter:
+        user_id:
+          _eq: X-Hasura-User-Id
+    comment: ""
--- a/examples/react_native/backend/nhost/nhost.toml
+++ b/examples/react_native/backend/nhost/nhost.toml
@@ -30,7 +30,7 @@ httpPoolSize = 100
 version = 18

 [auth]
-version = '0.30.0'
+version = '0.36.1'

 [auth.elevatedPrivileges]
 mode = 'disabled'
@@ -90,6 +90,7 @@ clientId = '{{ secrets.APPLE_SERVICE_IDENTIFIER }}'
 keyId = '{{ secrets.APPLE_KEY_ID }}'
 teamId = '{{ secrets.APPLE_TEAM_ID }}'
 privateKey = '{{ secrets.APPLE_PRIVATE_KEY }}'
+audience = '{{ secrets.APPLE_AUDIENCE }}'

 [auth.method.oauth.azuread]
 tenant = 'common'
--- a/examples/react_native/ios/Podfile.lock
+++ b/examples/react_native/ios/Podfile.lock
@@ -1,4 +1,10 @@
 PODS:
+  - AppAuth (1.7.5):
+    - AppAuth/Core (= 1.7.5)
+    - AppAuth/ExternalUserAgent (= 1.7.5)
+  - AppAuth/Core (1.7.5)
+  - AppAuth/ExternalUserAgent (1.7.5):
+    - AppAuth/Core
  - boost (1.83.0)
  - CocoaAsyncSocket (7.6.5)
  - DoubleConversion (1.1.6)
@@ -68,6 +74,14 @@ PODS:
    - FlipperKit/FlipperKitNetworkPlugin
  - fmt (6.2.1)
  - glog (0.3.5)
+  - GoogleSignIn (7.1.0):
+    - AppAuth (< 2.0, >= 1.7.3)
+    - GTMAppAuth (< 5.0, >= 4.1.1)
+    - GTMSessionFetcher/Core (~> 3.3)
+  - GTMAppAuth (4.1.1):
+    - AppAuth/Core (~> 1.7)
+    - GTMSessionFetcher/Core (< 4.0, >= 3.3)
+  - GTMSessionFetcher/Core (3.5.0)
  - hermes-engine (0.73.7):
    - hermes-engine/Pre-built (= 0.73.7)
  - hermes-engine/Pre-built (0.73.7)
@@ -944,10 +958,17 @@ PODS:
  - React-Mapbuffer (0.73.7):
    - glog
    - React-debug
-  - react-native-document-picker (9.3.0):
+  - react-native-document-picker (9.3.1):
+    - glog
+    - RCT-Folly (= 2022.05.16.00)
    - React-Core
-  - react-native-safe-area-context (4.10.5):
+  - react-native-randombytes (3.6.1):
    - React-Core
+  - react-native-safe-area-context (4.10.9):
+    - React-Core
+  - react-native-simple-toast (3.3.1):
+    - React-Core
+    - Toast (~> 4)
  - React-nativeconfig (0.73.7)
  - React-NativeModulesApple (0.73.7):
    - glog
@@ -1115,25 +1136,45 @@ PODS:
    - React-jsi (= 0.73.7)
    - React-logger (= 0.73.7)
    - React-perflogger (= 0.73.7)
-  - RNCAsyncStorage (1.23.1):
+  - RNAppleAuthentication (2.4.0):
    - React-Core
-  - RNGestureHandler (2.16.2):
+  - RNCAsyncStorage (1.24.0):
+    - React-Core
+  - RNGestureHandler (2.19.0):
    - glog
    - RCT-Folly (= 2022.05.16.00)
    - React-Core
+  - RNGoogleSignin (13.1.0):
+    - GoogleSignIn (~> 7.1)
+    - React-Core
  - RNInAppBrowser (3.7.0):
    - React-Core
-  - RNReanimated (3.12.0):
+  - RNReanimated (3.15.1):
    - glog
    - RCT-Folly (= 2022.05.16.00)
    - React-Core
    - ReactCommon/turbomodule/core
-  - RNScreens (3.32.0):
+    - RNReanimated/reanimated (= 3.15.1)
+    - RNReanimated/worklets (= 3.15.1)
+  - RNReanimated/reanimated (3.15.1):
+    - glog
+    - RCT-Folly (= 2022.05.16.00)
+    - React-Core
+    - ReactCommon/turbomodule/core
+  - RNReanimated/worklets (3.15.1):
+    - glog
+    - RCT-Folly (= 2022.05.16.00)
+    - React-Core
+    - ReactCommon/turbomodule/core
+  - RNScreens (3.34.0):
    - glog
    - RCT-Folly (= 2022.05.16.00)
    - React-Core
    - React-RCTImage
+  - RNSha256 (1.4.10):
+    - React-Core
  - SocketRocket (0.6.1)
+  - Toast (4.1.1)
  - Yoga (1.14.0)

 DEPENDENCIES:
@@ -1190,7 +1231,9 @@ DEPENDENCIES:
  - React-logger (from `../node_modules/react-native/ReactCommon/logger`)
  - React-Mapbuffer (from `../node_modules/react-native/ReactCommon`)
  - react-native-document-picker (from `../node_modules/react-native-document-picker`)
+  - react-native-randombytes (from `../node_modules/react-native-randombytes`)
  - react-native-safe-area-context (from `../node_modules/react-native-safe-area-context`)
+  - react-native-simple-toast (from `../node_modules/react-native-simple-toast`)
  - React-nativeconfig (from `../node_modules/react-native/ReactCommon`)
  - React-NativeModulesApple (from `../node_modules/react-native/ReactCommon/react/nativemodule/core/platform/ios`)
  - React-perflogger (from `../node_modules/react-native/ReactCommon/reactperflogger`)
@@ -1211,15 +1254,19 @@ DEPENDENCIES:
  - React-runtimescheduler (from `../node_modules/react-native/ReactCommon/react/renderer/runtimescheduler`)
  - React-utils (from `../node_modules/react-native/ReactCommon/react/utils`)
  - ReactCommon/turbomodule/core (from `../node_modules/react-native/ReactCommon`)
+  - "RNAppleAuthentication (from `../node_modules/@invertase/react-native-apple-authentication`)"
  - "RNCAsyncStorage (from `../node_modules/@react-native-async-storage/async-storage`)"
  - RNGestureHandler (from `../node_modules/react-native-gesture-handler`)
+  - "RNGoogleSignin (from `../node_modules/@react-native-google-signin/google-signin`)"
  - RNInAppBrowser (from `../node_modules/react-native-inappbrowser-reborn`)
  - RNReanimated (from `../node_modules/react-native-reanimated`)
  - RNScreens (from `../node_modules/react-native-screens`)
+  - RNSha256 (from `../node_modules/react-native-sha256`)
  - Yoga (from `../node_modules/react-native/ReactCommon/yoga`)

 SPEC REPOS:
  trunk:
+    - AppAuth
    - CocoaAsyncSocket
    - Flipper
    - Flipper-Boost-iOSX
@@ -1230,9 +1277,13 @@ SPEC REPOS:
    - Flipper-PeerTalk
    - FlipperKit
    - fmt
+    - GoogleSignIn
+    - GTMAppAuth
+    - GTMSessionFetcher
    - libevent
    - OpenSSL-Universal
    - SocketRocket
+    - Toast

 EXTERNAL SOURCES:
  boost:
@@ -1292,8 +1343,12 @@ EXTERNAL SOURCES:
    :path: "../node_modules/react-native/ReactCommon"
  react-native-document-picker:
    :path: "../node_modules/react-native-document-picker"
+  react-native-randombytes:
+    :path: "../node_modules/react-native-randombytes"
  react-native-safe-area-context:
    :path: "../node_modules/react-native-safe-area-context"
+  react-native-simple-toast:
+    :path: "../node_modules/react-native-simple-toast"
  React-nativeconfig:
    :path: "../node_modules/react-native/ReactCommon"
  React-NativeModulesApple:
@@ -1334,20 +1389,27 @@ EXTERNAL SOURCES:
    :path: "../node_modules/react-native/ReactCommon/react/utils"
  ReactCommon:
    :path: "../node_modules/react-native/ReactCommon"
+  RNAppleAuthentication:
+    :path: "../node_modules/@invertase/react-native-apple-authentication"
  RNCAsyncStorage:
    :path: "../node_modules/@react-native-async-storage/async-storage"
  RNGestureHandler:
    :path: "../node_modules/react-native-gesture-handler"
+  RNGoogleSignin:
+    :path: "../node_modules/@react-native-google-signin/google-signin"
  RNInAppBrowser:
    :path: "../node_modules/react-native-inappbrowser-reborn"
  RNReanimated:
    :path: "../node_modules/react-native-reanimated"
  RNScreens:
    :path: "../node_modules/react-native-screens"
+  RNSha256:
+    :path: "../node_modules/react-native-sha256"
  Yoga:
    :path: "../node_modules/react-native/ReactCommon/yoga"

 SPEC CHECKSUMS:
+  AppAuth: 501c04eda8a8d11f179dbe8637b7a91bb7e5d2fa
  boost: d3f49c53809116a5d38da093a8aa78bf551aed09
  CocoaAsyncSocket: 065fd1e645c7abab64f7a6a2007a48038fdc6a99
  DoubleConversion: fea03f2699887d960129cc54bba7e52542b6f953
@@ -1363,6 +1425,9 @@ SPEC CHECKSUMS:
  FlipperKit: 37525a5d056ef9b93d1578e04bc3ea1de940094f
  fmt: ff9d55029c625d3757ed641535fd4a75fedc7ce9
  glog: c5d68082e772fa1c511173d6b30a9de2c05a69a2
+  GoogleSignIn: d4281ab6cf21542b1cfaff85c191f230b399d2db
+  GTMAppAuth: f69bd07d68cd3b766125f7e072c45d7340dea0de
+  GTMSessionFetcher: 5aea5ba6bd522a239e236100971f10cb71b96ab6
  hermes-engine: 39589e9c297d024e90fe68f6830ff86c4e01498a
  libevent: 4049cae6c81cdb3654a443be001fb9bdceff7913
  OpenSSL-Universal: ebc357f1e6bc71fa463ccb2fe676756aff50e88c
@@ -1387,8 +1452,10 @@ SPEC CHECKSUMS:
  React-jsinspector: f356e49aa086380d3a4892708ca173ad31ac69c1
  React-logger: 7b19bdfb254772a0332d6cd4d66eceb0678b6730
  React-Mapbuffer: 6f392912435adb8fbf4c3eee0e79a0a0b4e4b717
-  react-native-document-picker: 5b97e24a7f1a1e4a50a72c540a043f32d29a70a2
-  react-native-safe-area-context: a240ad4b683349e48b1d51fed1611138d1bdad97
+  react-native-document-picker: 23b6a82e09199f4f109376e73d88892a8931eeea
+  react-native-randombytes: 421f1c7d48c0af8dbcd471b0324393ebf8fe7846
+  react-native-safe-area-context: ab8f4a3d8180913bd78ae75dd599c94cce3d5e9a
+  react-native-simple-toast: 1f1cc551d419bc0ab05dcb0136554006c274789d
  React-nativeconfig: 754233aac2a769578f828093b672b399355582e6
  React-NativeModulesApple: a03b2da2b8e127d5f5ee29c683e0deba7a9e1575
  React-perflogger: 68ec84e2f858a3e35009aef8866b55893e5e0a1f
@@ -1409,14 +1476,18 @@ SPEC CHECKSUMS:
  React-runtimescheduler: a884a55560e2a90caa1cbe0b9eaa24a5add4fa2c
  React-utils: d07d009101c7dabff68b710da5c4a47b7a850d98
  ReactCommon: 8cae78d3c3eceff20ee4bbca8bb73b675a45fd5d
-  RNCAsyncStorage: 826b603ae9c0f88b5ac4e956801f755109fa4d5c
-  RNGestureHandler: 96439cf6543defdde87459e48cd1a3f0e45a008e
+  RNAppleAuthentication: e00c76acb03351f5544373c78fa7f359bef6d5d3
+  RNCAsyncStorage: ec53e44dc3e75b44aa2a9f37618a49c3bc080a7a
+  RNGestureHandler: 75e2ebf4e8ac521f2b3c9afdc048fcbc2e2c9ea4
+  RNGoogleSignin: 9e68b9bcc3888219357924e32ee563624745647d
  RNInAppBrowser: e36d6935517101ccba0e875bac8ad7b0cb655364
-  RNReanimated: 3a6dc95919aeb5a319ab24e560571f4e84991a15
-  RNScreens: e842cdccb23c0a084bd6307f6fa83fd1c1738029
+  RNReanimated: ca141907a2153dc45da331bafc0dc214f59bf4e2
+  RNScreens: 29418ceffb585b8f0ebd363de304288c3dce8323
+  RNSha256: e1bc64e9e50b293d5282bb4caa1b2043931f1c9d
  SocketRocket: f32cd54efbe0f095c4d7594881e52619cfe80b17
-  Yoga: c716aea2ee01df6258550c7505fa61b248145ced
+  Toast: 1f5ea13423a1e6674c4abdac5be53587ae481c4e
+  Yoga: 47d399a73c0c0caa9ff824e5c657eae31215bfee

 PODFILE CHECKSUM: b631a3a7835105d1ea642d63b6f5644aa54a4e2f

-COCOAPODS: 1.14.3
+COCOAPODS: 1.16.2
--- a/examples/react_native/ios/react_native.xcodeproj/project.pbxproj
+++ b/examples/react_native/ios/react_native.xcodeproj/project.pbxproj
@@ -59,6 +59,7 @@
 		3B4392A12AC88292D35C810B /* Pods-react_native.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-react_native.debug.xcconfig"; path = "Target Support Files/Pods-react_native/Pods-react_native.debug.xcconfig"; sourceTree = "<group>"; };
 		5709B34CF0A7D63546082F79 /* Pods-react_native.release.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-react_native.release.xcconfig"; path = "Target Support Files/Pods-react_native/Pods-react_native.release.xcconfig"; sourceTree = "<group>"; };
 		5B7EB9410499542E8C5724F5 /* Pods-react_native-react_nativeTests.debug.xcconfig */ = {isa = PBXFileReference; includeInIndex = 1; lastKnownFileType = text.xcconfig; name = "Pods-react_native-react_nativeTests.debug.xcconfig"; path = "Target Support Files/Pods-react_native-react_nativeTests/Pods-react_native-react_nativeTests.debug.xcconfig"; sourceTree = "<group>"; };
+		5C2E306B2CE6571D000FD88A /* react_native.entitlements */ = {isa = PBXFileReference; lastKnownFileType = text.plist.entitlements; name = react_native.entitlements; path = react_native/react_native.entitlements; sourceTree = "<group>"; };
 		5C2F189D2BE2A7B2002C248D /* AntDesign.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = AntDesign.ttf; sourceTree = "<group>"; };
 		5C2F189E2BE2A7B2002C248D /* Entypo.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = Entypo.ttf; sourceTree = "<group>"; };
 		5C2F189F2BE2A7B2002C248D /* EvilIcons.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = EvilIcons.ttf; sourceTree = "<group>"; };
@@ -124,6 +125,7 @@
 		13B07FAE1A68108700A75B9A /* react_native */ = {
 			isa = PBXGroup;
 			children = (
+				5C2E306B2CE6571D000FD88A /* react_native.entitlements */,
 				13B07FAF1A68108700A75B9A /* AppDelegate.h */,
 				13B07FB01A68108700A75B9A /* AppDelegate.mm */,
 				13B07FB51A68108700A75B9A /* Images.xcassets */,
@@ -550,10 +552,11 @@
 			buildSettings = {
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CLANG_ENABLE_MODULES = YES;
+				CODE_SIGN_ENTITLEMENTS = react_native/react_native.entitlements;
 				CODE_SIGN_IDENTITY = "Apple Development";
 				CODE_SIGN_STYLE = Automatic;
 				CURRENT_PROJECT_VERSION = 1;
-				DEVELOPMENT_TEAM = 589D3J8HPL;
+				DEVELOPMENT_TEAM = C7HCKFA2LG;
 				ENABLE_BITCODE = NO;
 				INFOPLIST_FILE = react_native/Info.plist;
 				LD_RUNPATH_SEARCH_PATHS = (
@@ -581,8 +584,9 @@
 			buildSettings = {
 				ASSETCATALOG_COMPILER_APPICON_NAME = AppIcon;
 				CLANG_ENABLE_MODULES = YES;
+				CODE_SIGN_ENTITLEMENTS = react_native/react_native.entitlements;
 				CURRENT_PROJECT_VERSION = 1;
-				DEVELOPMENT_TEAM = GX7FJWGPEG;
+				DEVELOPMENT_TEAM = C7HCKFA2LG;
 				INFOPLIST_FILE = react_native/Info.plist;
 				LD_RUNPATH_SEARCH_PATHS = (
 					"$(inherited)",
--- a/examples/react_native/ios/react_native/Info.plist
+++ b/examples/react_native/ios/react_native/Info.plist
@@ -1,86 +1,91 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
 <plist version="1.0">
-	<dict>
-		<key>CFBundleDevelopmentRegion</key>
-		<string>en</string>
-		<key>CFBundleDisplayName</key>
-		<string>react_native</string>
-		<key>CFBundleExecutable</key>
-		<string>$(EXECUTABLE_NAME)</string>
-		<key>CFBundleIdentifier</key>
-		<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
-		<key>CFBundleInfoDictionaryVersion</key>
-		<string>6.0</string>
-		<key>CFBundleName</key>
-		<string>$(PRODUCT_NAME)</string>
-		<key>CFBundlePackageType</key>
-		<string>APPL</string>
-		<key>CFBundleShortVersionString</key>
-		<string>$(MARKETING_VERSION)</string>
-		<key>CFBundleSignature</key>
-		<string>????</string>
-		<key>CFBundleURLTypes</key>
-		<array>
-			<dict>
-				<key>CFBundleTypeRole</key>
-				<string>Editor</string>
-				<key>CFBundleURLName</key>
-				<string>myapp</string>
-				<key>CFBundleURLSchemes</key>
-				<array>
-					<string>myapp</string>
-				</array>
-			</dict>
-		</array>
-		<key>CFBundleVersion</key>
-		<string>$(CURRENT_PROJECT_VERSION)</string>
-		<key>LSRequiresIPhoneOS</key>
-		<true/>
-		<key>NSAppTransportSecurity</key>
+<dict>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>en</string>
+	<key>CFBundleDisplayName</key>
+	<string>react_native</string>
+	<key>CFBundleExecutable</key>
+	<string>$(EXECUTABLE_NAME)</string>
+	<key>CFBundleIdentifier</key>
+	<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>$(PRODUCT_NAME)</string>
+	<key>CFBundlePackageType</key>
+	<string>APPL</string>
+	<key>CFBundleShortVersionString</key>
+	<string>$(MARKETING_VERSION)</string>
+	<key>CFBundleSignature</key>
+	<string>????</string>
+	<key>CFBundleURLTypes</key>
+	<array>
 		<dict>
-			<key>NSAllowsArbitraryLoads</key>
-			<false/>
-			<key>NSAllowsLocalNetworking</key>
-			<true/>
+			<key>CFBundleTypeRole</key>
+			<string>Editor</string>
+			<key>CFBundleURLName</key>
+			<string></string>
+			<key>CFBundleURLSchemes</key>
+			<array>
+				<string>com.googleusercontent.apps.936282223875-bhcoqne9s2d6qbpel40jh6damg79dv3i</string>
+			</array>
 		</dict>
-		<key>NSLocationWhenInUseUsageDescription</key>
-		<string></string>
-		<key>UILaunchStoryboardName</key>
-		<string>LaunchScreen</string>
-		<key>UIRequiredDeviceCapabilities</key>
-		<array>
-			<string>armv7</string>
-		</array>
-		<key>UISupportedInterfaceOrientations</key>
-		<array>
-			<string>UIInterfaceOrientationPortrait</string>
-			<string>UIInterfaceOrientationLandscapeLeft</string>
-			<string>UIInterfaceOrientationLandscapeRight</string>
-		</array>
-		<key>UIViewControllerBasedStatusBarAppearance</key>
+		<dict>
+			<key>CFBundleTypeRole</key>
+			<string>None</string>
+		</dict>
+		<dict/>
+	</array>
+	<key>CFBundleVersion</key>
+	<string>$(CURRENT_PROJECT_VERSION)</string>
+	<key>LSRequiresIPhoneOS</key>
+	<true/>
+	<key>NSAppTransportSecurity</key>
+	<dict>
+		<key>NSAllowsArbitraryLoads</key>
 		<false/>
-		<key>UIAppFonts</key>
-		<array>
-			<string>AntDesign.ttf</string>
-			<string>Entypo.ttf</string>
-			<string>EvilIcons.ttf</string>
-			<string>Feather.ttf</string>
-			<string>FontAwesome.ttf</string>
-			<string>FontAwesome5_Brands.ttf</string>
-			<string>FontAwesome5_Regular.ttf</string>
-			<string>FontAwesome5_Solid.ttf</string>
-			<string>FontAwesome6_Brands.ttf</string>
-			<string>FontAwesome6_Regular.ttf</string>
-			<string>FontAwesome6_Solid.ttf</string>
-			<string>Foundation.ttf</string>
-			<string>Ionicons.ttf</string>
-			<string>MaterialIcons.ttf</string>
-			<string>MaterialCommunityIcons.ttf</string>
-			<string>SimpleLineIcons.ttf</string>
-			<string>Octicons.ttf</string>
-			<string>Zocial.ttf</string>
-			<string>Fontisto.ttf</string>
-		</array>
+		<key>NSAllowsLocalNetworking</key>
+		<true/>
 	</dict>
+	<key>NSLocationWhenInUseUsageDescription</key>
+	<string></string>
+	<key>UIAppFonts</key>
+	<array>
+		<string>AntDesign.ttf</string>
+		<string>Entypo.ttf</string>
+		<string>EvilIcons.ttf</string>
+		<string>Feather.ttf</string>
+		<string>FontAwesome.ttf</string>
+		<string>FontAwesome5_Brands.ttf</string>
+		<string>FontAwesome5_Regular.ttf</string>
+		<string>FontAwesome5_Solid.ttf</string>
+		<string>FontAwesome6_Brands.ttf</string>
+		<string>FontAwesome6_Regular.ttf</string>
+		<string>FontAwesome6_Solid.ttf</string>
+		<string>Foundation.ttf</string>
+		<string>Ionicons.ttf</string>
+		<string>MaterialIcons.ttf</string>
+		<string>MaterialCommunityIcons.ttf</string>
+		<string>SimpleLineIcons.ttf</string>
+		<string>Octicons.ttf</string>
+		<string>Zocial.ttf</string>
+		<string>Fontisto.ttf</string>
+	</array>
+	<key>UILaunchStoryboardName</key>
+	<string>LaunchScreen</string>
+	<key>UIRequiredDeviceCapabilities</key>
+	<array>
+		<string>armv7</string>
+	</array>
+	<key>UISupportedInterfaceOrientations</key>
+	<array>
+		<string>UIInterfaceOrientationPortrait</string>
+		<string>UIInterfaceOrientationLandscapeLeft</string>
+		<string>UIInterfaceOrientationLandscapeRight</string>
+	</array>
+	<key>UIViewControllerBasedStatusBarAppearance</key>
+	<false/>
+</dict>
 </plist>
--- a/examples/react_native/ios/react_native/react_native.entitlements
+++ b/examples/react_native/ios/react_native/react_native.entitlements
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>com.apple.developer.applesignin</key>
+	<array>
+		<string>Default</string>
+	</array>
+</dict>
+</plist>
--- a/examples/react_native/jest.config.js
+++ b/examples/react_native/jest.config.js
@@ -1,7 +1,7 @@
 module.exports = {
  preset: 'react-native',
  transformIgnorePatterns: [
-    '../../node_modules/(?!@react-native|react-native)',
+    '../../node_modules/(?!@react-native|react-native|expo-modules-core|burnt)',
  ],
  setupFiles: ['./setup-jest.js'],
 };
--- a/examples/react_native/package.json
+++ b/examples/react_native/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/react-native",
-  "version": "0.0.7",
+  "version": "0.1.0",
  "private": true,
  "scripts": {
    "android": "react-native run-android",
@@ -11,25 +11,32 @@
    "test": "jest"
  },
  "dependencies": {
-    "@apollo/client": "^3.9.9",
+    "@apollo/client": "^3.11.4",
+    "@invertase/react-native-apple-authentication": "^2.4.0",
    "@nhost/react": "workspace:*",
    "@nhost/react-apollo": "workspace:^",
    "@react-native-async-storage/async-storage": "^1.23.1",
    "@react-native-community/cli-platform-android": "^13.6.6",
+    "@react-native-google-signin/google-signin": "^13.1.0",
    "@react-navigation/drawer": "^6.6.15",
    "@react-navigation/native": "^6.1.17",
    "@react-navigation/native-stack": "^6.9.26",
    "base-64": "^1.0.0",
+    "expo-modules-core": "^2.0.1",
    "react": "18.2.0",
    "react-hook-form": "^7.51.2",
    "react-native": "0.73.7",
    "react-native-document-picker": "^9.2.0",
+    "react-native-dotenv": "^3.4.11",
    "react-native-gesture-handler": "^2.16.0",
    "react-native-gradle-plugin": "^0.71.19",
    "react-native-inappbrowser-reborn": "^3.7.0",
+    "react-native-randombytes": "^3.6.1",
    "react-native-reanimated": "^3.8.1",
    "react-native-safe-area-context": "^4.9.0",
    "react-native-screens": "^3.30.1",
+    "react-native-sha256": "^1.4.10",
+    "react-native-simple-toast": "^3.3.1",
    "react-native-vector-icons": "^10.1.0"
  },
  "devDependencies": {
@@ -52,6 +59,7 @@
    "jest": "^29.6.3",
    "prettier": "2.8.8",
    "react-test-renderer": "18.2.0",
+    "rn-nodeify": "^10.3.0",
    "typescript": "5.0.4"
  },
  "engines": {
--- a/examples/react_native/setup-jest.js
+++ b/examples/react_native/setup-jest.js
@@ -2,9 +2,15 @@ import 'react-native-gesture-handler/jestSetup';
 import WebSocket from 'ws';

 import MockBroadcastChannel from './__mocks__/BroadcastChannel';
+import '@react-native-google-signin/google-signin';

 jest.useFakeTimers();

+jest.mock('expo-modules-core', () => ({
+  EventEmitter: jest.fn(),
+  requireNativeModule: jest.fn().mockReturnValue({}), // Mock this function
+}));
+
 Object.assign(global, {
  WebSocket,
  BroadcastChannel: MockBroadcastChannel,
--- a/examples/react_native/src/components/LinkAppleAccount.tsx
+++ b/examples/react_native/src/components/LinkAppleAccount.tsx
@@ -0,0 +1,215 @@
+import {gql} from '@apollo/client';
+import Button from '@components/Button';
+import {
+  useAuthenticationStatus,
+  useLinkIdToken,
+  useNhostClient,
+} from '@nhost/react';
+import {appleAuth} from '@invertase/react-native-apple-authentication';
+import React, {useCallback, useEffect, useState} from 'react';
+import {ActivityIndicator, StyleSheet, Text, View} from 'react-native';
+import Icon from 'react-native-vector-icons/MaterialCommunityIcons';
+import Toast from 'react-native-simple-toast';
+
+export default function LinkAppleAccount() {
+  const nhost = useNhostClient();
+  const {linkIdToken} = useLinkIdToken();
+  const {isAuthenticated} = useAuthenticationStatus();
+  const [loading, setLoading] = useState(false);
+  const [linkedWithApple, setLinkedWithApple] = useState(false);
+
+  const checkIfAppleLinked = useCallback(async () => {
+    try {
+      setLoading(true);
+      const {data, error} = await nhost.graphql.request<{
+        authUserProviders: {id: string; providerId: string}[];
+      }>(gql`
+        query getAuthUserProviders {
+          authUserProviders {
+            id
+            providerId
+          }
+        }
+      `);
+
+      if (error) {
+        Toast.show(
+          'Failed to fetch query user authentication providers',
+          Toast.SHORT,
+        );
+        return;
+      }
+
+      if (data) {
+        setLinkedWithApple(
+          data.authUserProviders?.some(elem => elem.providerId === 'apple'),
+        );
+      }
+    } catch (error) {
+      Toast.show(
+        'Failed to fetch query user authentication providers',
+        Toast.SHORT,
+      );
+    } finally {
+      setLoading(false);
+    }
+  }, [nhost]);
+
+  useEffect(() => {
+    if (isAuthenticated) {
+      checkIfAppleLinked();
+    }
+  }, [isAuthenticated, checkIfAppleLinked]);
+
+  const handleLinkAppleAccount = async () => {
+    try {
+      setLoading(true);
+
+      const appleAuthRequestResponse = await appleAuth.performRequest({
+        requestedOperation: appleAuth.Operation.LOGIN,
+        requestedScopes: [appleAuth.Scope.EMAIL, appleAuth.Scope.FULL_NAME],
+      });
+
+      const {identityToken, nonce} = appleAuthRequestResponse;
+
+      if (identityToken && nonce) {
+        const {isError, isSuccess, error} = await linkIdToken({
+          provider: 'apple',
+          idToken: identityToken,
+          nonce,
+        });
+
+        if (isError) {
+          Toast.show(
+            error?.error ?? 'An unexpected error happened',
+            Toast.SHORT,
+          );
+        }
+
+        if (isSuccess) {
+          Toast.show('Apple account was linked successfully', Toast.SHORT);
+          await checkIfAppleLinked();
+        }
+      } else {
+        Toast.show('An unexpected error happened', Toast.SHORT);
+      }
+    } catch (error) {
+      Toast.show('An unexpected error happened', Toast.SHORT);
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  const handleUnlinkAppleAccount = async () => {
+    try {
+      setLoading(true);
+
+      const {error} = await nhost.graphql.request(
+        gql`
+          mutation deleteAuthUserProvider($providerId: String!) {
+            deleteAuthUserProviders(where: {providerId: {_eq: $providerId}}) {
+              affected_rows
+            }
+          }
+        `,
+        {
+          providerId: 'apple',
+        },
+      );
+
+      if (!error) {
+        Toast.show('Apple Account was unlinked successfully', Toast.SHORT);
+        await checkIfAppleLinked();
+        return;
+      }
+
+      Toast.show('Failed to unlink auth user provider', Toast.SHORT);
+    } catch (error) {
+      Toast.show('Failed to unlink auth user provider', Toast.SHORT);
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  if (loading) {
+    return (
+      <View style={styles.unlinkAppleContainer}>
+        <ActivityIndicator />
+      </View>
+    );
+  }
+
+  if (linkedWithApple) {
+    return (
+      <View style={styles.unlinkAppleContainer}>
+        <View style={styles.linkedWithAppleContainer}>
+          <Icon name="apple" color="#333" size={20} />
+          <Text style={styles.linkedWithAppleText}>Linked with Apple</Text>
+        </View>
+
+        <Button
+          label={
+            <View style={styles.labelWrapper}>
+              <Text style={styles.text}>Unlink Apple Account</Text>
+            </View>
+          }
+          color="#333"
+          onPress={handleUnlinkAppleAccount}
+        />
+      </View>
+    );
+  }
+
+  return (
+    <Button
+      disabled={loading || linkedWithApple}
+      label={
+        <View style={styles.labelWrapper}>
+          <Icon name="apple" color="white" size={20} />
+          <Text style={styles.text}>Link Apple Account</Text>
+        </View>
+      }
+      color="#333"
+      onPress={handleLinkAppleAccount}
+    />
+  );
+}
+
+const styles = StyleSheet.create({
+  text: {
+    color: 'white',
+    fontSize: 16,
+    fontWeight: 'bold',
+  },
+  labelWrapper: {
+    flexDirection: 'row',
+    alignItems: 'center',
+    gap: 4,
+  },
+  linkedWithApple: {
+    flexDirection: 'row',
+    padding: 12,
+    backgroundColor: '#333',
+    gap: 4,
+    borderRadius: 10,
+    alignItems: 'center',
+    justifyContent: 'center',
+  },
+  unlinkAppleContainer: {
+    gap: 16,
+    padding: 16,
+    flexDirection: 'column',
+    backgroundColor: 'white',
+  },
+  linkedWithAppleContainer: {
+    gap: 4,
+    flexDirection: 'row',
+    alignItems: 'center',
+    justifyContent: 'center',
+  },
+  linkedWithAppleText: {
+    color: '#333',
+    fontSize: 16,
+    fontWeight: 'bold',
+  },
+});
--- a/examples/react_native/src/components/LinkGoogleAccount.tsx
+++ b/examples/react_native/src/components/LinkGoogleAccount.tsx
@@ -0,0 +1,240 @@
+import {gql} from '@apollo/client';
+import Button from '@components/Button';
+import {
+  useAuthenticationStatus,
+  useLinkIdToken,
+  useNhostClient,
+} from '@nhost/react';
+import {
+  GoogleSignin,
+  isErrorWithCode,
+  isSuccessResponse,
+  statusCodes,
+} from '@react-native-google-signin/google-signin';
+import React, {useCallback, useEffect, useState} from 'react';
+import {ActivityIndicator, StyleSheet, Text, View} from 'react-native';
+import Icon from 'react-native-vector-icons/MaterialCommunityIcons';
+import Toast from 'react-native-simple-toast';
+
+GoogleSignin.configure({
+  webClientId: process.env.GOOGLE_CLIENT_ID,
+  iosClientId: process.env.GOOGLE_CLIENT_ID,
+});
+
+export default function LinkGoogleAccount() {
+  const nhost = useNhostClient();
+  const {linkIdToken} = useLinkIdToken();
+  const {isAuthenticated} = useAuthenticationStatus();
+  const [loading, setLoading] = useState(false);
+  const [linkedWithGoogle, setLinkedWithGoogle] = useState(false);
+
+  const checkIfGoogleLinked = useCallback(async () => {
+    try {
+      setLoading(true);
+      const {data, error} = await nhost.graphql.request<{
+        authUserProviders: {id: string; providerId: string}[];
+      }>(gql`
+        query getAuthUserProviders {
+          authUserProviders {
+            id
+            providerId
+          }
+        }
+      `);
+
+      if (error) {
+        Toast.show(
+          'Failed to fetch query user authentication providers',
+          Toast.SHORT,
+        );
+        return;
+      }
+
+      if (data) {
+        setLinkedWithGoogle(
+          data.authUserProviders?.some(elem => elem.providerId === 'google'),
+        );
+      }
+    } catch (error) {
+      Toast.show(
+        'Failed to fetch query user authentication providers',
+        Toast.SHORT,
+      );
+    } finally {
+      setLoading(false);
+    }
+  }, [nhost]);
+
+  useEffect(() => {
+    if (isAuthenticated) {
+      checkIfGoogleLinked();
+    }
+  }, [isAuthenticated, checkIfGoogleLinked]);
+
+  const handleLinkGoogleAccount = async () => {
+    try {
+      setLoading(true);
+
+      await GoogleSignin.hasPlayServices();
+      const response = await GoogleSignin.signIn();
+
+      if (isSuccessResponse(response)) {
+        const idToken = response?.data?.idToken as string;
+
+        const {isError, isSuccess} = await linkIdToken({
+          provider: 'google',
+          idToken,
+        });
+
+        if (isError) {
+          Toast.show('An unexpected error happened', Toast.SHORT);
+        }
+
+        if (isSuccess) {
+          Toast.show('Google account was linked successfully', Toast.SHORT);
+          await checkIfGoogleLinked();
+        }
+      } else {
+        // sign in was cancelled by user
+        Toast.show('Sign in was cancelled by user', Toast.SHORT);
+      }
+    } catch (error) {
+      if (isErrorWithCode(error)) {
+        switch (error.code) {
+          case statusCodes.IN_PROGRESS:
+            // operation (eg. sign in) already in progress
+            Toast.show('Sign in already in progress', Toast.SHORT);
+            break;
+          case statusCodes.PLAY_SERVICES_NOT_AVAILABLE:
+            // Android only, play services not available or outdated
+            Toast.show(
+              'Google play services not available or outdated',
+              Toast.SHORT,
+            );
+            break;
+          default:
+            // some other error happened
+            Toast.show('An unexpected error happened', Toast.SHORT);
+        }
+      } else {
+        // an error that's not related to google sign in occurred
+        Toast.show('An unexpected error happened', Toast.SHORT);
+      }
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  const handleUnlinkGoogleAccount = async () => {
+    try {
+      setLoading(true);
+
+      const {error} = await nhost.graphql.request(
+        gql`
+          mutation deleteAuthUserProvider($providerId: String!) {
+            deleteAuthUserProviders(where: {providerId: {_eq: $providerId}}) {
+              affected_rows
+            }
+          }
+        `,
+        {
+          providerId: 'google',
+        },
+      );
+
+      if (!error) {
+        Toast.show('Google Account was unlinked successfully', Toast.SHORT);
+        await checkIfGoogleLinked();
+        return;
+      }
+
+      Toast.show('Failed to unlink auth user provider', Toast.SHORT);
+    } catch (error) {
+      Toast.show('Failed to unlink auth user provider', Toast.SHORT);
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  if (loading) {
+    return (
+      <View style={styles.unlinkGoogleContainer}>
+        <ActivityIndicator />
+      </View>
+    );
+  }
+
+  if (linkedWithGoogle) {
+    return (
+      <View style={styles.unlinkGoogleContainer}>
+        <View style={styles.linkedWithGoogleContainer}>
+          <Icon name="google" color="#333" size={20} />
+          <Text style={styles.linkedWithGoogleText}>Linked with Google</Text>
+        </View>
+
+        <Button
+          label={
+            <View style={styles.labelWrapper}>
+              <Text style={styles.text}>Unlink Google Account</Text>
+            </View>
+          }
+          color="#d97d73"
+          onPress={handleUnlinkGoogleAccount}
+        />
+      </View>
+    );
+  }
+
+  return (
+    <Button
+      disabled={loading || linkedWithGoogle}
+      label={
+        <View style={styles.labelWrapper}>
+          <Icon name="google" color="white" size={20} />
+          <Text style={styles.text}>Link Google Account</Text>
+        </View>
+      }
+      color="#de5246"
+      onPress={handleLinkGoogleAccount}
+    />
+  );
+}
+
+const styles = StyleSheet.create({
+  text: {
+    color: 'white',
+    fontSize: 16,
+    fontWeight: 'bold',
+  },
+  labelWrapper: {
+    flexDirection: 'row',
+    alignItems: 'center',
+    gap: 4,
+  },
+  linkedWithGoogle: {
+    flexDirection: 'row',
+    padding: 12,
+    backgroundColor: '#de524688',
+    gap: 4,
+    borderRadius: 10,
+    alignItems: 'center',
+    justifyContent: 'center',
+  },
+  unlinkGoogleContainer: {
+    gap: 16,
+    padding: 16,
+    flexDirection: 'column',
+    backgroundColor: 'white',
+  },
+  linkedWithGoogleContainer: {
+    gap: 4,
+    flexDirection: 'row',
+    alignItems: 'center',
+    justifyContent: 'center',
+  },
+  linkedWithGoogleText: {
+    color: '#333',
+    fontSize: 16,
+    fontWeight: 'bold',
+  },
+});
--- a/examples/react_native/src/components/SignInWithAppleButton.tsx
+++ b/examples/react_native/src/components/SignInWithAppleButton.tsx
@@ -2,12 +2,60 @@ import React from 'react';
 import Button from '@components/Button';
 import {StyleSheet, Text, View} from 'react-native';
 import Icon from 'react-native-vector-icons/MaterialCommunityIcons';
+import {appleAuth} from '@invertase/react-native-apple-authentication';
+import {useSignInIdToken} from '@nhost/react';
+import Toast from 'react-native-simple-toast';
+
+export default function SignInWithAppleButton() {
+  const {signInIdToken} = useSignInIdToken();
+
+  async function handleSignInWithApple() {
+    try {
+      const appleAuthRequestResponse = await appleAuth.performRequest({
+        requestedOperation: appleAuth.Operation.LOGIN,
+        requestedScopes: [appleAuth.Scope.EMAIL, appleAuth.Scope.FULL_NAME],
+      });
+
+      const {identityToken, nonce} = appleAuthRequestResponse;
+
+      if (identityToken) {
+        const {isError, isSuccess, error} = await signInIdToken(
+          'apple',
+          identityToken,
+          nonce,
+        );
+
+        if (isSuccess) {
+          Toast.showWithGravity(
+            'Signin with Apple succeeded',
+            Toast.SHORT,
+            Toast.BOTTOM,
+          );
+        }
+
+        if (isError) {
+          Toast.showWithGravity(
+            `Signin with Apple failed: ${error?.message}`,
+            Toast.SHORT,
+            Toast.BOTTOM,
+          );
+        }
+      } else {
+        Toast.showWithGravity(
+          'Signin with Apple failed: no idToken received',
+          Toast.SHORT,
+          Toast.BOTTOM,
+        );
+      }
+    } catch (error) {
+      Toast.showWithGravity(
+        `Signin with Apple failed: ${JSON.stringify(error)}`,
+        Toast.SHORT,
+        Toast.BOTTOM,
+      );
+    }
+  }

-export default function SignInWithAppleButton({
-  hanldeSignIn,
-}: {
-  hanldeSignIn?: () => Promise<void>;
-}) {
  return (
    <Button
      label={
@@ -17,7 +65,7 @@ export default function SignInWithAppleButton({
        </View>
      }
      color="black"
-      onPress={hanldeSignIn}
+      onPress={handleSignInWithApple}
    />
  );
 }
--- a/examples/react_native/src/components/SignInWithGoogleButton.tsx
+++ b/examples/react_native/src/components/SignInWithGoogleButton.tsx
@@ -1,13 +1,96 @@
-import React from 'react';
 import Button from '@components/Button';
+import {useSignInIdToken} from '@nhost/react';
+import {
+  GoogleSignin,
+  isErrorWithCode,
+  isSuccessResponse,
+  statusCodes,
+} from '@react-native-google-signin/google-signin';
+import React from 'react';
 import {StyleSheet, Text, View} from 'react-native';
 import Icon from 'react-native-vector-icons/MaterialCommunityIcons';
+import Toast from 'react-native-simple-toast';
+
+GoogleSignin.configure({
+  webClientId: process.env.GOOGLE_CLIENT_ID,
+  iosClientId: process.env.IOS_GOOGLE_CLIENT_ID,
+});
+
+export default function SignInWithGoogleButton() {
+  const {signInIdToken} = useSignInIdToken();
+
+  const handleSignInWithGoogle = async () => {
+    try {
+      await GoogleSignin.hasPlayServices();
+      const response = await GoogleSignin.signIn();
+      if (isSuccessResponse(response)) {
+        const idToken = response?.data?.idToken as string;
+
+        const {isError, isSuccess, error} = await signInIdToken(
+          'google',
+          idToken,
+        );
+
+        if (isSuccess) {
+          Toast.showWithGravity(
+            'Signin with Google succeeded',
+            Toast.SHORT,
+            Toast.BOTTOM,
+          );
+        }
+
+        if (isError) {
+          Toast.showWithGravity(
+            `Signin with Google failed: ${error?.message}`,
+            Toast.SHORT,
+            Toast.BOTTOM,
+          );
+        }
+      } else {
+        Toast.showWithGravity(
+          'Sign in was cancelled by user',
+          Toast.SHORT,
+          Toast.BOTTOM,
+        );
+      }
+    } catch (error) {
+      if (isErrorWithCode(error)) {
+        switch (error.code) {
+          case statusCodes.IN_PROGRESS:
+            // operation (eg. sign in) already in progress
+            Toast.showWithGravity(
+              'Signin is already in progress',
+              Toast.SHORT,
+              Toast.BOTTOM,
+            );
+            break;
+          case statusCodes.PLAY_SERVICES_NOT_AVAILABLE:
+            // Android only, play services not available or outdated
+            Toast.showWithGravity(
+              'Play services not available or outdated',
+              Toast.SHORT,
+              Toast.BOTTOM,
+            );
+            break;
+          default:
+            // some other error happened
+            Toast.showWithGravity(
+              'An unexpected error happened',
+              Toast.SHORT,
+              Toast.BOTTOM,
+            );
+        }
+      } else {
+        // an error that's not related to google sign in occurred
+        Toast.showWithGravity(
+          'An unexpected error happened',
+          Toast.SHORT,
+          Toast.BOTTOM,
+        );
+      }
+    }
+  };

-export default function SignInWithGoogleButton({
-  handleSignIn,
-}: {
-  handleSignIn: () => Promise<void>;
-}) {
  return (
    <Button
      label={
@@ -17,7 +100,7 @@ export default function SignInWithGoogleButton({
        </View>
      }
      color="#de5246"
-      onPress={handleSignIn}
+      onPress={handleSignInWithGoogle}
    />
  );
 }
--- a/examples/react_native/src/root.tsx
+++ b/examples/react_native/src/root.tsx
@@ -4,9 +4,11 @@ import {NhostClient, NhostProvider} from '@nhost/react';
 import AsyncStorage from '@react-native-async-storage/async-storage';
 import Main from '@screens/Main';
 import {NhostApolloProvider} from '@nhost/react-apollo';
+import {Platform} from 'react-native';

 const nhost = new NhostClient({
-  subdomain: 'local',
+  subdomain: Platform.OS === 'ios' ? 'local' : '10-0-2-2',
+  region: 'local',
  clientStorageType: 'react-native',
  clientStorage: AsyncStorage,
 });
--- a/examples/react_native/src/screens/Profile.tsx
+++ b/examples/react_native/src/screens/Profile.tsx
@@ -1,13 +1,17 @@
-import React from 'react';
+import LinkAppleAccount from '@components/LinkAppleAccount';
+import LinkGoogleAccount from '@components/LinkGoogleAccount';
 import {useHasuraClaims, useUserData} from '@nhost/react';
-import {ScrollView, StyleSheet, Text, View} from 'react-native';
+import React from 'react';
+import {ScrollView, StyleSheet, Text} from 'react-native';

 export default function Profile() {
  const user = useUserData();
  const claims = useHasuraClaims();

  return (
-    <View style={styles.wrapper}>
+    <ScrollView contentContainerStyle={styles.wrapper}>
+      <LinkAppleAccount />
+      <LinkGoogleAccount />
      <Text style={styles.subTitle}>User information</Text>
      <ScrollView
        horizontal
@@ -22,13 +26,14 @@ export default function Profile() {
        contentContainerStyle={styles.codeScrollView}>
        <Text style={styles.code}>{JSON.stringify(claims, null, 2)}</Text>
      </ScrollView>
-    </View>
+    </ScrollView>
  );
 }

 const styles = StyleSheet.create({
  wrapper: {
    padding: 12,
+    paddingBottom: 50,
    gap: 10,
  },
  subTitle: {
@@ -43,5 +48,6 @@ const styles = StyleSheet.create({
  codeScrollView: {
    backgroundColor: 'white',
    borderRadius: 10,
+    padding: 10,
  },
 });
--- a/examples/vue-apollo/CHANGELOG.md
+++ b/examples/vue-apollo/CHANGELOG.md
@@ -1,5 +1,14 @@
 # @nhost-examples/vue-apollo

+## 0.7.1
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/vue@2.8.0
+  - @nhost/nhost-js@3.2.1
+  - @nhost/apollo@8.0.1
+
 ## 0.7.0

 ### Minor Changes
--- a/examples/vue-apollo/package.json
+++ b/examples/vue-apollo/package.json
@@ -1,7 +1,7 @@
 {
  "name": "@nhost-examples/vue-apollo",
  "private": true,
-  "version": "0.7.0",
+  "version": "0.7.1",
  "scripts": {
    "dev": "vite",
    "build": "vite build",
--- a/examples/vue-quickstart/CHANGELOG.md
+++ b/examples/vue-quickstart/CHANGELOG.md
@@ -1,5 +1,13 @@
 # @nhost-examples/vue-quickstart

+## 0.2.15
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/vue@2.8.0
+  - @nhost/apollo@8.0.1
+
 ## 0.2.14

 ### Patch Changes
--- a/examples/vue-quickstart/package.json
+++ b/examples/vue-quickstart/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost-examples/vue-quickstart",
-  "version": "0.2.14",
+  "version": "0.2.15",
  "private": true,
  "scripts": {
    "build": "vite build",
--- a/integrations/apollo/CHANGELOG.md
+++ b/integrations/apollo/CHANGELOG.md
@@ -1,5 +1,11 @@
 # @nhost/apollo

+## 8.0.1
+
+### Patch Changes
+
+- @nhost/nhost-js@3.2.1
+
 ## 8.0.0

 ### Patch Changes
--- a/integrations/apollo/package.json
+++ b/integrations/apollo/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost/apollo",
-  "version": "8.0.0",
+  "version": "8.0.1",
  "description": "Nhost Apollo Client library",
  "license": "MIT",
  "keywords": [
--- a/integrations/react-apollo/CHANGELOG.md
+++ b/integrations/react-apollo/CHANGELOG.md
@@ -1,5 +1,13 @@
 # @nhost/react-apollo

+## 15.0.0
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+  - @nhost/apollo@8.0.1
+
 ## 14.0.0

 ### Patch Changes
--- a/integrations/react-apollo/package.json
+++ b/integrations/react-apollo/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost/react-apollo",
-  "version": "14.0.0",
+  "version": "15.0.0",
  "description": "Nhost React Apollo client",
  "license": "MIT",
  "keywords": [
--- a/integrations/react-urql/CHANGELOG.md
+++ b/integrations/react-urql/CHANGELOG.md
@@ -1,5 +1,12 @@
 # @nhost/react-urql

+## 12.0.0
+
+### Patch Changes
+
+- Updated dependencies [14e6100]
+  - @nhost/react@3.8.0
+
 ## 11.0.0

 ### Patch Changes
--- a/integrations/react-urql/package.json
+++ b/integrations/react-urql/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost/react-urql",
-  "version": "11.0.0",
+  "version": "12.0.0",
  "description": "Nhost React URQL client",
  "license": "MIT",
  "keywords": [
--- a/packages/hasura-auth-js/CHANGELOG.md
+++ b/packages/hasura-auth-js/CHANGELOG.md
@@ -1,5 +1,11 @@
 # @nhost/hasura-auth-js

+## 2.8.0
+
+### Minor Changes
+
+- 14e6100: feat: add support for ID token sign-in from authentication providers
+
 ## 2.7.0

 ### Minor Changes
--- a/packages/hasura-auth-js/package.json
+++ b/packages/hasura-auth-js/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@nhost/hasura-auth-js",
-  "version": "2.7.0",
+  "version": "2.8.0",
  "description": "Hasura-auth client",
  "license": "MIT",
  "keywords": [
--- a/packages/hasura-auth-js/src/hasura-auth-client.ts
+++ b/packages/hasura-auth-js/src/hasura-auth-client.ts
@@ -37,6 +37,8 @@ import {
  verifyEmailOTPPromise
 } from './promises'
 import { createPATPromise } from './promises/createPAT'
+import { linkIdTokenPromise } from './promises/linkIdToken'
+import { signInIdTokenPromise } from './promises/signInIdToken'
 import {
  AuthChangedFunction,
  AuthErrorPayload,
@@ -51,6 +53,7 @@ import {
  EmailOTPOptions,
  JWTClaims,
  JWTHasuraClaims,
+  LinkIdTokenParams,
  NhostAuthConstructorParams,
  NhostSessionResponse,
  OnTokenChangedFunction,
@@ -59,6 +62,7 @@ import {
  SecurityKey,
  SendVerificationEmailParams,
  SendVerificationEmailResponse,
+  SignInIdTokenParams,
  SignInParams,
  SignInPATResponse,
  SignInResponse,
@@ -175,6 +179,48 @@ export class HasuraAuthClient {
    return { providerUrl }
  }

+  /**
+   * Use `nhost.auth.signInIdToken` to sign in a user with the provider's account using an ID token
+   *
+   * @example
+   * ### Sign in a user with an id token
+   * ```ts
+   * nhost.auth.signInIdToken({
+   *   provider: 'google', // The provider name, e.g., 'google', 'apple', etc.
+   *   idToken: '...', // The ID token issued by the provider.
+   *   nonce: '...', // Optional: The nonce used during token generation.
+   * });
+   * ```
+   *
+   * @docs https://docs.nhost.io/reference/javascript/auth/sign-in-idtoken
+   */
+  async signInIdToken(params: SignInIdTokenParams) {
+    const interpreter = await this.waitUntilReady()
+
+    const res = await signInIdTokenPromise(interpreter, params)
+
+    return { ...getAuthenticationResult(res), mfa: null }
+  }
+
+  /**
+   * Use `nhost.auth.linkIdToken` to link a user account with the provider's account using an ID token
+   *
+   * @example
+   * ### Link a user account with the provider's account using an id token
+   * ```ts
+   * nhost.auth.linkIdToken({
+   *   provider: 'google', // The provider name, e.g., 'google', 'apple', etc.
+   *   idToken: '...', // The ID token issued by the provider.
+   *   nonce: '...', // Optional: The nonce used during token generation.
+   * })
+   * ```
+   *
+   * @docs https://docs.nhost.io/reference/javascript/auth/link-idtoken
+   */
+  async linkIdToken(params: LinkIdTokenParams) {
+    return linkIdTokenPromise(this._client, params)
+  }
+
  /**
   * Use `nhost.auth.signIn` to sign in a user using email and password, passwordless (email or sms) or an external provider. `signIn` can be used to sign in a user in various ways depending on the parameters.
   *
--- a/packages/hasura-auth-js/src/machines/authentication/events.ts
+++ b/packages/hasura-auth-js/src/machines/authentication/events.ts
@@ -45,3 +45,4 @@ export type AuthEvents =
  | { type: 'SIGNED_OUT' }
  | { type: 'TOKEN_CHANGED' }
  | { type: 'AWAIT_EMAIL_VERIFICATION' }
+  | { type: 'SIGNIN_ID_TOKEN'; provider: string; idToken: string; nonce?: string }
--- a/packages/hasura-auth-js/src/machines/authentication/machine.ts
+++ b/packages/hasura-auth-js/src/machines/authentication/machine.ts
@@ -73,6 +73,7 @@ type AuthServices = {
  passwordlessEmail: { data: PasswordlessEmailResponse | DeanonymizeResponse }
  signInAnonymous: { data: SignInAnonymousResponse }
  signInPAT: { data: SignInPATResponse }
+  signInIdToken: { data: SignInResponse }
  signInMfaTotp: { data: SignInMfaTotpResponse }
  signInSecurityKeyEmail: { data: SignInResponse }
  refreshToken: { data: NhostSessionResponse }
@@ -191,7 +192,8 @@ export const createAuthMachine = ({
                SIGNIN_ANONYMOUS: 'authenticating.anonymous',
                SIGNIN_SECURITY_KEY_EMAIL: 'authenticating.securityKeyEmail',
                SIGNIN_MFA_TOTP: 'authenticating.mfa.totp',
-                SIGNIN_PAT: 'authenticating.pat'
+                SIGNIN_PAT: 'authenticating.pat',
+                SIGNIN_ID_TOKEN: 'authenticating.idToken'
              }
            },
            authenticating: {
@@ -241,6 +243,20 @@ export const createAuthMachine = ({
                    }
                  }
                },
+                idToken: {
+                  invoke: {
+                    src: 'signInIdToken',
+                    id: 'authenticateWithIdToken',
+                    onDone: {
+                      actions: ['saveSession', 'reportTokenChanged'],
+                      target: '#nhost.authentication.signedIn'
+                    },
+                    onError: {
+                      actions: 'saveAuthenticationError',
+                      target: '#nhost.authentication.signedOut.failed'
+                    }
+                  }
+                },
                anonymous: {
                  invoke: {
                    src: 'signInAnonymous',
@@ -831,6 +847,13 @@ export const createAuthMachine = ({
            personalAccessToken: pat
          })
        },
+        signInIdToken: (_context, { provider, idToken, nonce }) => {
+          return postRequest<SignInResponse>('/signin/idtoken', {
+            provider,
+            idToken,
+            ...(nonce && { nonce })
+          })
+        },
        passwordlessSms: (context, { phoneNumber, options }) => {
          if (!isValidPhoneNumber(phoneNumber)) {
            return Promise.reject({ error: INVALID_PHONE_NUMBER_ERROR })
--- a/packages/hasura-auth-js/src/machines/authentication/machine.typegen.ts
+++ b/packages/hasura-auth-js/src/machines/authentication/machine.typegen.ts
@@ -1,475 +1,133 @@
-// This file was automatically generated. Edits will be overwritten

-export interface Typegen0 {
-  '@@xstate/typegen': true
-  internalEvents: {
-    '': { type: '' }
-    'done.invoke.authenticateAnonymously': {
-      type: 'done.invoke.authenticateAnonymously'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.authenticateUserWithPassword': {
-      type: 'done.invoke.authenticateUserWithPassword'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.authenticateUserWithSecurityKey': {
-      type: 'done.invoke.authenticateUserWithSecurityKey'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.authenticateWithPAT': {
-      type: 'done.invoke.authenticateWithPAT'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.authenticateWithToken': {
-      type: 'done.invoke.authenticateWithToken'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.importRefreshToken': {
-      type: 'done.invoke.importRefreshToken'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.passwordlessEmail': {
-      type: 'done.invoke.passwordlessEmail'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.passwordlessSms': {
-      type: 'done.invoke.passwordlessSms'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.passwordlessSmsOtp': {
-      type: 'done.invoke.passwordlessSmsOtp'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.refreshToken': {
-      type: 'done.invoke.refreshToken'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.signInEmailOTP': {
-      type: 'done.invoke.signInEmailOTP'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.signInMfaTotp': {
-      type: 'done.invoke.signInMfaTotp'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.signUpEmailPassword': {
-      type: 'done.invoke.signUpEmailPassword'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.signUpSecurityKey': {
-      type: 'done.invoke.signUpSecurityKey'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.signingOut': {
-      type: 'done.invoke.signingOut'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'done.invoke.verifyEmailOTP': {
-      type: 'done.invoke.verifyEmailOTP'
-      data: unknown
-      __tip: 'See the XState TS docs to learn how to strongly type this.'
-    }
-    'error.platform.authenticateAnonymously': {
-      type: 'error.platform.authenticateAnonymously'
-      data: unknown
-    }
-    'error.platform.authenticateUserWithPassword': {
-      type: 'error.platform.authenticateUserWithPassword'
-      data: unknown
-    }
-    'error.platform.authenticateUserWithSecurityKey': {
-      type: 'error.platform.authenticateUserWithSecurityKey'
-      data: unknown
-    }
-    'error.platform.authenticateWithPAT': {
-      type: 'error.platform.authenticateWithPAT'
-      data: unknown
-    }
-    'error.platform.authenticateWithToken': {
-      type: 'error.platform.authenticateWithToken'
-      data: unknown
-    }
-    'error.platform.importRefreshToken': {
-      type: 'error.platform.importRefreshToken'
-      data: unknown
-    }
-    'error.platform.passwordlessEmail': { type: 'error.platform.passwordlessEmail'; data: unknown }
-    'error.platform.passwordlessSms': { type: 'error.platform.passwordlessSms'; data: unknown }
-    'error.platform.passwordlessSmsOtp': {
-      type: 'error.platform.passwordlessSmsOtp'
-      data: unknown
-    }
-    'error.platform.refreshToken': { type: 'error.platform.refreshToken'; data: unknown }
-    'error.platform.signInEmailOTP': { type: 'error.platform.signInEmailOTP'; data: unknown }
-    'error.platform.signInMfaTotp': { type: 'error.platform.signInMfaTotp'; data: unknown }
-    'error.platform.signUpEmailPassword': {
-      type: 'error.platform.signUpEmailPassword'
-      data: unknown
-    }
-    'error.platform.signUpSecurityKey': { type: 'error.platform.signUpSecurityKey'; data: unknown }
-    'error.platform.signingOut': { type: 'error.platform.signingOut'; data: unknown }
-    'error.platform.verifyEmailOTP': { type: 'error.platform.verifyEmailOTP'; data: unknown }
-    'xstate.after(1000)#nhost.authentication.signedIn.refreshTimer.running.pending': {
-      type: 'xstate.after(1000)#nhost.authentication.signedIn.refreshTimer.running.pending'
-    }
-    'xstate.after(RETRY_IMPORT_TOKEN_DELAY)#nhost.authentication.retryTokenImport': {
-      type: 'xstate.after(RETRY_IMPORT_TOKEN_DELAY)#nhost.authentication.retryTokenImport'
-    }
-    'xstate.init': { type: 'xstate.init' }
-    'xstate.stop': { type: 'xstate.stop' }
-  }
-  invokeSrcNameMap: {
-    importRefreshToken: 'done.invoke.importRefreshToken'
-    passwordlessEmail: 'done.invoke.passwordlessEmail'
-    passwordlessSms: 'done.invoke.passwordlessSms'
-    passwordlessSmsOtp: 'done.invoke.passwordlessSmsOtp'
-    refreshToken: 'done.invoke.authenticateWithToken' | 'done.invoke.refreshToken'
-    signInAnonymous: 'done.invoke.authenticateAnonymously'
-    signInEmailOTP: 'done.invoke.signInEmailOTP'
-    signInMfaTotp: 'done.invoke.signInMfaTotp'
-    signInPAT: 'done.invoke.authenticateWithPAT'
-    signInPassword: 'done.invoke.authenticateUserWithPassword'
-    signInSecurityKeyEmail: 'done.invoke.authenticateUserWithSecurityKey'
-    signUpEmailPassword: 'done.invoke.signUpEmailPassword'
-    signUpSecurityKey: 'done.invoke.signUpSecurityKey'
-    signout: 'done.invoke.signingOut'
-    verifyEmailOTP: 'done.invoke.verifyEmailOTP'
-  }
-  missingImplementations: {
-    actions: never
-    delays: never
-    guards: never
-    services: never
-  }
-  eventsCausingActions: {
-    broadcastToken:
-      | ''
-      | 'SESSION_UPDATE'
-      | 'done.invoke.authenticateAnonymously'
-      | 'done.invoke.authenticateUserWithPassword'
-      | 'done.invoke.authenticateUserWithSecurityKey'
-      | 'done.invoke.authenticateWithPAT'
-      | 'done.invoke.authenticateWithToken'
-      | 'done.invoke.importRefreshToken'
-      | 'done.invoke.passwordlessSmsOtp'
-      | 'done.invoke.signInMfaTotp'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-      | 'done.invoke.verifyEmailOTP'
-    cleanUrl:
-      | ''
-      | 'SESSION_UPDATE'
-      | 'done.invoke.authenticateAnonymously'
-      | 'done.invoke.authenticateUserWithPassword'
-      | 'done.invoke.authenticateUserWithSecurityKey'
-      | 'done.invoke.authenticateWithPAT'
-      | 'done.invoke.authenticateWithToken'
-      | 'done.invoke.importRefreshToken'
-      | 'done.invoke.passwordlessSmsOtp'
-      | 'done.invoke.signInMfaTotp'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-      | 'done.invoke.verifyEmailOTP'
-    clearContext:
-      | 'done.invoke.passwordlessEmail'
-      | 'done.invoke.passwordlessSms'
-      | 'done.invoke.signInEmailOTP'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-    clearContextExceptTokens: 'SIGNOUT'
-    destroyAccessToken:
-      | 'SESSION_UPDATE'
-      | 'SIGNIN_ANONYMOUS'
-      | 'SIGNIN_MFA_TOTP'
-      | 'SIGNIN_PASSWORD'
-      | 'SIGNIN_PAT'
-      | 'SIGNIN_SECURITY_KEY_EMAIL'
-      | 'done.invoke.signingOut'
-      | 'error.platform.signingOut'
-      | 'xstate.stop'
-    destroyRefreshToken:
-      | 'SESSION_UPDATE'
-      | 'SIGNIN_ANONYMOUS'
-      | 'SIGNIN_MFA_TOTP'
-      | 'SIGNIN_PASSWORD'
-      | 'SIGNIN_PAT'
-      | 'SIGNIN_SECURITY_KEY_EMAIL'
-      | 'done.invoke.signingOut'
-      | 'error.platform.signingOut'
-      | 'xstate.stop'
-    incrementTokenImportAttempts: 'error.platform.importRefreshToken'
-    reportSignedIn:
-      | ''
-      | 'SESSION_UPDATE'
-      | 'done.invoke.authenticateAnonymously'
-      | 'done.invoke.authenticateUserWithPassword'
-      | 'done.invoke.authenticateUserWithSecurityKey'
-      | 'done.invoke.authenticateWithPAT'
-      | 'done.invoke.authenticateWithToken'
-      | 'done.invoke.importRefreshToken'
-      | 'done.invoke.passwordlessSmsOtp'
-      | 'done.invoke.signInMfaTotp'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-      | 'done.invoke.verifyEmailOTP'
-    reportSignedOut:
-      | 'SIGNOUT'
-      | 'done.invoke.authenticateUserWithPassword'
-      | 'done.invoke.importRefreshToken'
-      | 'done.invoke.passwordlessEmail'
-      | 'done.invoke.passwordlessSms'
-      | 'done.invoke.signInEmailOTP'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-      | 'error.platform.authenticateAnonymously'
-      | 'error.platform.authenticateUserWithPassword'
-      | 'error.platform.authenticateUserWithSecurityKey'
-      | 'error.platform.authenticateWithPAT'
-      | 'error.platform.authenticateWithToken'
-      | 'error.platform.importRefreshToken'
-      | 'error.platform.refreshToken'
-      | 'error.platform.signInMfaTotp'
-    reportTokenChanged:
-      | 'SESSION_UPDATE'
-      | 'SIGNIN_ANONYMOUS'
-      | 'SIGNIN_MFA_TOTP'
-      | 'SIGNIN_PASSWORD'
-      | 'SIGNIN_PAT'
-      | 'SIGNIN_SECURITY_KEY_EMAIL'
-      | 'done.invoke.authenticateAnonymously'
-      | 'done.invoke.authenticateUserWithPassword'
-      | 'done.invoke.authenticateUserWithSecurityKey'
-      | 'done.invoke.authenticateWithPAT'
-      | 'done.invoke.authenticateWithToken'
-      | 'done.invoke.importRefreshToken'
-      | 'done.invoke.passwordlessSmsOtp'
-      | 'done.invoke.refreshToken'
-      | 'done.invoke.signInMfaTotp'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-      | 'done.invoke.signingOut'
-      | 'done.invoke.verifyEmailOTP'
-      | 'error.platform.signingOut'
-      | 'xstate.stop'
-    resetErrors:
-      | ''
-      | 'PASSWORDLESS_EMAIL'
-      | 'PASSWORDLESS_SMS'
-      | 'PASSWORDLESS_SMS_OTP'
-      | 'SESSION_UPDATE'
-      | 'SIGNIN_ANONYMOUS'
-      | 'SIGNIN_EMAIL_OTP'
-      | 'SIGNIN_MFA_TOTP'
-      | 'SIGNIN_PASSWORD'
-      | 'SIGNIN_PAT'
-      | 'SIGNIN_SECURITY_KEY_EMAIL'
-      | 'SIGNUP_EMAIL_PASSWORD'
-      | 'SIGNUP_SECURITY_KEY'
-      | 'VERIFY_EMAIL_OTP'
-      | 'done.invoke.authenticateAnonymously'
-      | 'done.invoke.authenticateUserWithPassword'
-      | 'done.invoke.authenticateUserWithSecurityKey'
-      | 'done.invoke.authenticateWithPAT'
-      | 'done.invoke.authenticateWithToken'
-      | 'done.invoke.importRefreshToken'
-      | 'done.invoke.passwordlessSmsOtp'
-      | 'done.invoke.signInMfaTotp'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-      | 'done.invoke.verifyEmailOTP'
-    resetTimer: '' | 'SESSION_UPDATE' | 'done.invoke.refreshToken'
-    saveAuthenticationError:
-      | 'error.platform.authenticateAnonymously'
-      | 'error.platform.authenticateUserWithPassword'
-      | 'error.platform.authenticateUserWithSecurityKey'
-      | 'error.platform.authenticateWithPAT'
-      | 'error.platform.authenticateWithToken'
-      | 'error.platform.importRefreshToken'
-      | 'error.platform.signInMfaTotp'
-      | 'error.platform.signingOut'
-    saveMfaTicket: 'done.invoke.authenticateUserWithPassword'
-    savePATSession: 'done.invoke.authenticateWithPAT'
-    saveRefreshAttempt: 'error.platform.refreshToken'
-    saveRegistrationError:
-      | 'error.platform.passwordlessEmail'
-      | 'error.platform.passwordlessSms'
-      | 'error.platform.passwordlessSmsOtp'
-      | 'error.platform.signInEmailOTP'
-      | 'error.platform.signUpEmailPassword'
-      | 'error.platform.signUpSecurityKey'
-      | 'error.platform.verifyEmailOTP'
-    saveSession:
-      | 'SESSION_UPDATE'
-      | 'done.invoke.authenticateAnonymously'
-      | 'done.invoke.authenticateUserWithPassword'
-      | 'done.invoke.authenticateUserWithSecurityKey'
-      | 'done.invoke.authenticateWithToken'
-      | 'done.invoke.importRefreshToken'
-      | 'done.invoke.passwordlessSmsOtp'
-      | 'done.invoke.refreshToken'
-      | 'done.invoke.signInMfaTotp'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-      | 'done.invoke.verifyEmailOTP'
-  }
-  eventsCausingDelays: {
-    RETRY_IMPORT_TOKEN_DELAY: 'error.platform.importRefreshToken'
-  }
-  eventsCausingGuards: {
-    hasMfaTicket: 'done.invoke.authenticateUserWithPassword'
-    hasRefreshToken: ''
-    hasSession:
-      | 'SESSION_UPDATE'
-      | 'done.invoke.importRefreshToken'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-    isAnonymous: 'SIGNED_IN'
-    isAutoRefreshDisabled: ''
-    isRefreshTokenPAT: ''
-    isSignedIn: '' | 'error.platform.authenticateWithToken'
-    isUnauthorizedError: 'error.platform.refreshToken'
-    noToken: ''
-    refreshTimerShouldRefresh: ''
-    shouldRetryImportToken: 'error.platform.importRefreshToken'
-    unverified:
-      | 'error.platform.authenticateUserWithPassword'
-      | 'error.platform.authenticateUserWithSecurityKey'
-      | 'error.platform.signUpEmailPassword'
-      | 'error.platform.signUpSecurityKey'
-  }
-  eventsCausingServices: {
-    importRefreshToken:
-      | 'done.invoke.authenticateWithToken'
-      | 'done.invoke.passwordlessEmail'
-      | 'done.invoke.passwordlessSms'
-      | 'done.invoke.passwordlessSmsOtp'
-      | 'done.invoke.signInEmailOTP'
-      | 'done.invoke.signUpEmailPassword'
-      | 'done.invoke.signUpSecurityKey'
-      | 'done.invoke.verifyEmailOTP'
-      | 'error.platform.authenticateWithToken'
-      | 'xstate.after(RETRY_IMPORT_TOKEN_DELAY)#nhost.authentication.retryTokenImport'
-      | 'xstate.init'
-    passwordlessEmail: 'PASSWORDLESS_EMAIL'
-    passwordlessSms: 'PASSWORDLESS_SMS'
-    passwordlessSmsOtp: 'PASSWORDLESS_SMS_OTP'
-    refreshToken: '' | 'TRY_TOKEN'
-    signInAnonymous: 'SIGNIN_ANONYMOUS'
-    signInEmailOTP: 'SIGNIN_EMAIL_OTP'
-    signInMfaTotp: 'SIGNIN_MFA_TOTP'
-    signInPAT: 'SIGNIN_PAT'
-    signInPassword: 'SIGNIN_PASSWORD'
-    signInSecurityKeyEmail: 'SIGNIN_SECURITY_KEY_EMAIL'
-    signUpEmailPassword: 'SIGNUP_EMAIL_PASSWORD'
-    signUpSecurityKey: 'SIGNUP_SECURITY_KEY'
-    signout: 'SIGNOUT'
-    verifyEmailOTP: 'VERIFY_EMAIL_OTP'
-  }
-  matchesStates:
-    | 'authentication'
-    | 'authentication.authenticating'
-    | 'authentication.authenticating.anonymous'
-    | 'authentication.authenticating.mfa'
-    | 'authentication.authenticating.mfa.totp'
-    | 'authentication.authenticating.password'
-    | 'authentication.authenticating.pat'
-    | 'authentication.authenticating.securityKeyEmail'
-    | 'authentication.retryTokenImport'
-    | 'authentication.signedIn'
-    | 'authentication.signedIn.refreshTimer'
-    | 'authentication.signedIn.refreshTimer.disabled'
-    | 'authentication.signedIn.refreshTimer.idle'
-    | 'authentication.signedIn.refreshTimer.running'
-    | 'authentication.signedIn.refreshTimer.running.pending'
-    | 'authentication.signedIn.refreshTimer.running.refreshing'
-    | 'authentication.signedIn.refreshTimer.stopped'
-    | 'authentication.signedOut'
-    | 'authentication.signedOut.failed'
-    | 'authentication.signedOut.needsMfa'
-    | 'authentication.signedOut.needsSmsOtp'
-    | 'authentication.signedOut.noErrors'
-    | 'authentication.signedOut.signingOut'
-    | 'authentication.signedOut.success'
-    | 'authentication.starting'
-    | 'registration'
-    | 'registration.complete'
-    | 'registration.emailPassword'
-    | 'registration.incomplete'
-    | 'registration.incomplete.failed'
-    | 'registration.incomplete.needsEmailVerification'
-    | 'registration.incomplete.needsOtp'
-    | 'registration.incomplete.noErrors'
-    | 'registration.passwordlessEmail'
-    | 'registration.passwordlessSms'
-    | 'registration.passwordlessSmsOtp'
-    | 'registration.securityKey'
-    | 'registration.signInEmailOTP'
-    | 'registration.verifyEmailOTP'
-    | 'token'
-    | 'token.idle'
-    | 'token.idle.error'
-    | 'token.idle.noErrors'
-    | 'token.running'
-    | {
-        authentication?:
-          | 'authenticating'
-          | 'retryTokenImport'
-          | 'signedIn'
-          | 'signedOut'
-          | 'starting'
-          | {
-              authenticating?:
-                | 'anonymous'
-                | 'mfa'
-                | 'password'
-                | 'pat'
-                | 'securityKeyEmail'
-                | { mfa?: 'totp' }
-              signedIn?:
-                | 'refreshTimer'
-                | {
-                    refreshTimer?:
-                      | 'disabled'
-                      | 'idle'
-                      | 'running'
-                      | 'stopped'
-                      | { running?: 'pending' | 'refreshing' }
-                  }
-              signedOut?:
-                | 'failed'
-                | 'needsMfa'
-                | 'needsSmsOtp'
-                | 'noErrors'
-                | 'signingOut'
-                | 'success'
-            }
-        registration?:
-          | 'complete'
-          | 'emailPassword'
-          | 'incomplete'
-          | 'passwordlessEmail'
-          | 'passwordlessSms'
-          | 'passwordlessSmsOtp'
-          | 'securityKey'
-          | 'signInEmailOTP'
-          | 'verifyEmailOTP'
-          | { incomplete?: 'failed' | 'needsEmailVerification' | 'needsOtp' | 'noErrors' }
-        token?: 'idle' | 'running' | { idle?: 'error' | 'noErrors' }
+  // This file was automatically generated. Edits will be overwritten
+
+  export interface Typegen0 {
+        '@@xstate/typegen': true;
+        internalEvents: {
+          "": { type: "" };
+"done.invoke.authenticateAnonymously": { type: "done.invoke.authenticateAnonymously"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.authenticateUserWithPassword": { type: "done.invoke.authenticateUserWithPassword"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.authenticateUserWithSecurityKey": { type: "done.invoke.authenticateUserWithSecurityKey"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.authenticateWithIdToken": { type: "done.invoke.authenticateWithIdToken"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.authenticateWithPAT": { type: "done.invoke.authenticateWithPAT"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.authenticateWithToken": { type: "done.invoke.authenticateWithToken"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.importRefreshToken": { type: "done.invoke.importRefreshToken"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.passwordlessEmail": { type: "done.invoke.passwordlessEmail"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.passwordlessSms": { type: "done.invoke.passwordlessSms"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.passwordlessSmsOtp": { type: "done.invoke.passwordlessSmsOtp"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.refreshToken": { type: "done.invoke.refreshToken"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.signInEmailOTP": { type: "done.invoke.signInEmailOTP"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.signInMfaTotp": { type: "done.invoke.signInMfaTotp"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.signUpEmailPassword": { type: "done.invoke.signUpEmailPassword"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.signUpSecurityKey": { type: "done.invoke.signUpSecurityKey"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.signingOut": { type: "done.invoke.signingOut"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"done.invoke.verifyEmailOTP": { type: "done.invoke.verifyEmailOTP"; data: unknown; __tip: "See the XState TS docs to learn how to strongly type this." };
+"error.platform.authenticateAnonymously": { type: "error.platform.authenticateAnonymously"; data: unknown };
+"error.platform.authenticateUserWithPassword": { type: "error.platform.authenticateUserWithPassword"; data: unknown };
+"error.platform.authenticateUserWithSecurityKey": { type: "error.platform.authenticateUserWithSecurityKey"; data: unknown };
+"error.platform.authenticateWithIdToken": { type: "error.platform.authenticateWithIdToken"; data: unknown };
+"error.platform.authenticateWithPAT": { type: "error.platform.authenticateWithPAT"; data: unknown };
+"error.platform.authenticateWithToken": { type: "error.platform.authenticateWithToken"; data: unknown };
+"error.platform.importRefreshToken": { type: "error.platform.importRefreshToken"; data: unknown };
+"error.platform.passwordlessEmail": { type: "error.platform.passwordlessEmail"; data: unknown };
+"error.platform.passwordlessSms": { type: "error.platform.passwordlessSms"; data: unknown };
+"error.platform.passwordlessSmsOtp": { type: "error.platform.passwordlessSmsOtp"; data: unknown };
+"error.platform.refreshToken": { type: "error.platform.refreshToken"; data: unknown };
+"error.platform.signInEmailOTP": { type: "error.platform.signInEmailOTP"; data: unknown };
+"error.platform.signInMfaTotp": { type: "error.platform.signInMfaTotp"; data: unknown };
+"error.platform.signUpEmailPassword": { type: "error.platform.signUpEmailPassword"; data: unknown };
+"error.platform.signUpSecurityKey": { type: "error.platform.signUpSecurityKey"; data: unknown };
+"error.platform.signingOut": { type: "error.platform.signingOut"; data: unknown };
+"error.platform.verifyEmailOTP": { type: "error.platform.verifyEmailOTP"; data: unknown };
+"xstate.after(1000)#nhost.authentication.signedIn.refreshTimer.running.pending": { type: "xstate.after(1000)#nhost.authentication.signedIn.refreshTimer.running.pending" };
+"xstate.after(RETRY_IMPORT_TOKEN_DELAY)#nhost.authentication.retryTokenImport": { type: "xstate.after(RETRY_IMPORT_TOKEN_DELAY)#nhost.authentication.retryTokenImport" };
+"xstate.init": { type: "xstate.init" };
+"xstate.stop": { type: "xstate.stop" };
+        };
+        invokeSrcNameMap: {
+          "importRefreshToken": "done.invoke.importRefreshToken";
+"passwordlessEmail": "done.invoke.passwordlessEmail";
+"passwordlessSms": "done.invoke.passwordlessSms";
+"passwordlessSmsOtp": "done.invoke.passwordlessSmsOtp";
+"refreshToken": "done.invoke.authenticateWithToken" | "done.invoke.refreshToken";
+"signInAnonymous": "done.invoke.authenticateAnonymously";
+"signInEmailOTP": "done.invoke.signInEmailOTP";
+"signInIdToken": "done.invoke.authenticateWithIdToken";
+"signInMfaTotp": "done.invoke.signInMfaTotp";
+"signInPAT": "done.invoke.authenticateWithPAT";
+"signInPassword": "done.invoke.authenticateUserWithPassword";
+"signInSecurityKeyEmail": "done.invoke.authenticateUserWithSecurityKey";
+"signUpEmailPassword": "done.invoke.signUpEmailPassword";
+"signUpSecurityKey": "done.invoke.signUpSecurityKey";
+"signout": "done.invoke.signingOut";
+"verifyEmailOTP": "done.invoke.verifyEmailOTP";
+        };
+        missingImplementations: {
+          actions: never;
+          delays: never;
+          guards: never;
+          services: never;
+        };
+        eventsCausingActions: {
+          "broadcastToken": "" | "SESSION_UPDATE" | "done.invoke.authenticateAnonymously" | "done.invoke.authenticateUserWithPassword" | "done.invoke.authenticateUserWithSecurityKey" | "done.invoke.authenticateWithIdToken" | "done.invoke.authenticateWithPAT" | "done.invoke.authenticateWithToken" | "done.invoke.importRefreshToken" | "done.invoke.passwordlessSmsOtp" | "done.invoke.signInMfaTotp" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey" | "done.invoke.verifyEmailOTP";
+"cleanUrl": "" | "SESSION_UPDATE" | "done.invoke.authenticateAnonymously" | "done.invoke.authenticateUserWithPassword" | "done.invoke.authenticateUserWithSecurityKey" | "done.invoke.authenticateWithIdToken" | "done.invoke.authenticateWithPAT" | "done.invoke.authenticateWithToken" | "done.invoke.importRefreshToken" | "done.invoke.passwordlessSmsOtp" | "done.invoke.signInMfaTotp" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey" | "done.invoke.verifyEmailOTP";
+"clearContext": "done.invoke.passwordlessEmail" | "done.invoke.passwordlessSms" | "done.invoke.signInEmailOTP" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey";
+"clearContextExceptTokens": "SIGNOUT";
+"destroyAccessToken": "SESSION_UPDATE" | "SIGNIN_ANONYMOUS" | "SIGNIN_ID_TOKEN" | "SIGNIN_MFA_TOTP" | "SIGNIN_PASSWORD" | "SIGNIN_PAT" | "SIGNIN_SECURITY_KEY_EMAIL" | "done.invoke.signingOut" | "error.platform.signingOut" | "xstate.stop";
+"destroyRefreshToken": "SESSION_UPDATE" | "SIGNIN_ANONYMOUS" | "SIGNIN_ID_TOKEN" | "SIGNIN_MFA_TOTP" | "SIGNIN_PASSWORD" | "SIGNIN_PAT" | "SIGNIN_SECURITY_KEY_EMAIL" | "done.invoke.signingOut" | "error.platform.signingOut" | "xstate.stop";
+"incrementTokenImportAttempts": "error.platform.importRefreshToken";
+"reportSignedIn": "" | "SESSION_UPDATE" | "done.invoke.authenticateAnonymously" | "done.invoke.authenticateUserWithPassword" | "done.invoke.authenticateUserWithSecurityKey" | "done.invoke.authenticateWithIdToken" | "done.invoke.authenticateWithPAT" | "done.invoke.authenticateWithToken" | "done.invoke.importRefreshToken" | "done.invoke.passwordlessSmsOtp" | "done.invoke.signInMfaTotp" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey" | "done.invoke.verifyEmailOTP";
+"reportSignedOut": "SIGNOUT" | "done.invoke.authenticateUserWithPassword" | "done.invoke.importRefreshToken" | "done.invoke.passwordlessEmail" | "done.invoke.passwordlessSms" | "done.invoke.signInEmailOTP" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey" | "error.platform.authenticateAnonymously" | "error.platform.authenticateUserWithPassword" | "error.platform.authenticateUserWithSecurityKey" | "error.platform.authenticateWithIdToken" | "error.platform.authenticateWithPAT" | "error.platform.authenticateWithToken" | "error.platform.importRefreshToken" | "error.platform.refreshToken" | "error.platform.signInMfaTotp";
+"reportTokenChanged": "SESSION_UPDATE" | "SIGNIN_ANONYMOUS" | "SIGNIN_ID_TOKEN" | "SIGNIN_MFA_TOTP" | "SIGNIN_PASSWORD" | "SIGNIN_PAT" | "SIGNIN_SECURITY_KEY_EMAIL" | "done.invoke.authenticateAnonymously" | "done.invoke.authenticateUserWithPassword" | "done.invoke.authenticateUserWithSecurityKey" | "done.invoke.authenticateWithIdToken" | "done.invoke.authenticateWithPAT" | "done.invoke.authenticateWithToken" | "done.invoke.importRefreshToken" | "done.invoke.passwordlessSmsOtp" | "done.invoke.refreshToken" | "done.invoke.signInMfaTotp" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey" | "done.invoke.signingOut" | "done.invoke.verifyEmailOTP" | "error.platform.signingOut" | "xstate.stop";
+"resetErrors": "" | "PASSWORDLESS_EMAIL" | "PASSWORDLESS_SMS" | "PASSWORDLESS_SMS_OTP" | "SESSION_UPDATE" | "SIGNIN_ANONYMOUS" | "SIGNIN_EMAIL_OTP" | "SIGNIN_ID_TOKEN" | "SIGNIN_MFA_TOTP" | "SIGNIN_PASSWORD" | "SIGNIN_PAT" | "SIGNIN_SECURITY_KEY_EMAIL" | "SIGNUP_EMAIL_PASSWORD" | "SIGNUP_SECURITY_KEY" | "VERIFY_EMAIL_OTP" | "done.invoke.authenticateAnonymously" | "done.invoke.authenticateUserWithPassword" | "done.invoke.authenticateUserWithSecurityKey" | "done.invoke.authenticateWithIdToken" | "done.invoke.authenticateWithPAT" | "done.invoke.authenticateWithToken" | "done.invoke.importRefreshToken" | "done.invoke.passwordlessSmsOtp" | "done.invoke.signInMfaTotp" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey" | "done.invoke.verifyEmailOTP";
+"resetTimer": "" | "SESSION_UPDATE" | "done.invoke.refreshToken";
+"saveAuthenticationError": "error.platform.authenticateAnonymously" | "error.platform.authenticateUserWithPassword" | "error.platform.authenticateUserWithSecurityKey" | "error.platform.authenticateWithIdToken" | "error.platform.authenticateWithPAT" | "error.platform.authenticateWithToken" | "error.platform.importRefreshToken" | "error.platform.signInMfaTotp" | "error.platform.signingOut";
+"saveMfaTicket": "done.invoke.authenticateUserWithPassword";
+"savePATSession": "done.invoke.authenticateWithPAT";
+"saveRefreshAttempt": "error.platform.refreshToken";
+"saveRegistrationError": "error.platform.passwordlessEmail" | "error.platform.passwordlessSms" | "error.platform.passwordlessSmsOtp" | "error.platform.signInEmailOTP" | "error.platform.signUpEmailPassword" | "error.platform.signUpSecurityKey" | "error.platform.verifyEmailOTP";
+"saveSession": "SESSION_UPDATE" | "done.invoke.authenticateAnonymously" | "done.invoke.authenticateUserWithPassword" | "done.invoke.authenticateUserWithSecurityKey" | "done.invoke.authenticateWithIdToken" | "done.invoke.authenticateWithToken" | "done.invoke.importRefreshToken" | "done.invoke.passwordlessSmsOtp" | "done.invoke.refreshToken" | "done.invoke.signInMfaTotp" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey" | "done.invoke.verifyEmailOTP";
+        };
+        eventsCausingDelays: {
+          "RETRY_IMPORT_TOKEN_DELAY": "error.platform.importRefreshToken";
+        };
+        eventsCausingGuards: {
+          "hasMfaTicket": "done.invoke.authenticateUserWithPassword";
+"hasRefreshToken": "";
+"hasSession": "SESSION_UPDATE" | "done.invoke.importRefreshToken" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey";
+"isAnonymous": "SIGNED_IN";
+"isAutoRefreshDisabled": "";
+"isRefreshTokenPAT": "";
+"isSignedIn": "" | "error.platform.authenticateWithToken";
+"isUnauthorizedError": "error.platform.refreshToken";
+"noToken": "";
+"refreshTimerShouldRefresh": "";
+"shouldRetryImportToken": "error.platform.importRefreshToken";
+"unverified": "error.platform.authenticateUserWithPassword" | "error.platform.authenticateUserWithSecurityKey" | "error.platform.signUpEmailPassword" | "error.platform.signUpSecurityKey";
+        };
+        eventsCausingServices: {
+          "importRefreshToken": "done.invoke.authenticateWithToken" | "done.invoke.passwordlessEmail" | "done.invoke.passwordlessSms" | "done.invoke.passwordlessSmsOtp" | "done.invoke.signInEmailOTP" | "done.invoke.signUpEmailPassword" | "done.invoke.signUpSecurityKey" | "done.invoke.verifyEmailOTP" | "error.platform.authenticateWithToken" | "xstate.after(RETRY_IMPORT_TOKEN_DELAY)#nhost.authentication.retryTokenImport" | "xstate.init";
+"passwordlessEmail": "PASSWORDLESS_EMAIL";
+"passwordlessSms": "PASSWORDLESS_SMS";
+"passwordlessSmsOtp": "PASSWORDLESS_SMS_OTP";
+"refreshToken": "" | "TRY_TOKEN";
+"signInAnonymous": "SIGNIN_ANONYMOUS";
+"signInEmailOTP": "SIGNIN_EMAIL_OTP";
+"signInIdToken": "SIGNIN_ID_TOKEN";
+"signInMfaTotp": "SIGNIN_MFA_TOTP";
+"signInPAT": "SIGNIN_PAT";
+"signInPassword": "SIGNIN_PASSWORD";
+"signInSecurityKeyEmail": "SIGNIN_SECURITY_KEY_EMAIL";
+"signUpEmailPassword": "SIGNUP_EMAIL_PASSWORD";
+"signUpSecurityKey": "SIGNUP_SECURITY_KEY";
+"signout": "SIGNOUT";
+"verifyEmailOTP": "VERIFY_EMAIL_OTP";
+        };
+        matchesStates: "authentication" | "authentication.authenticating" | "authentication.authenticating.anonymous" | "authentication.authenticating.idToken" | "authentication.authenticating.mfa" | "authentication.authenticating.mfa.totp" | "authentication.authenticating.password" | "authentication.authenticating.pat" | "authentication.authenticating.securityKeyEmail" | "authentication.retryTokenImport" | "authentication.signedIn" | "authentication.signedIn.refreshTimer" | "authentication.signedIn.refreshTimer.disabled" | "authentication.signedIn.refreshTimer.idle" | "authentication.signedIn.refreshTimer.running" | "authentication.signedIn.refreshTimer.running.pending" | "authentication.signedIn.refreshTimer.running.refreshing" | "authentication.signedIn.refreshTimer.stopped" | "authentication.signedOut" | "authentication.signedOut.failed" | "authentication.signedOut.needsMfa" | "authentication.signedOut.needsSmsOtp" | "authentication.signedOut.noErrors" | "authentication.signedOut.signingOut" | "authentication.signedOut.success" | "authentication.starting" | "registration" | "registration.complete" | "registration.emailPassword" | "registration.incomplete" | "registration.incomplete.failed" | "registration.incomplete.needsEmailVerification" | "registration.incomplete.needsOtp" | "registration.incomplete.noErrors" | "registration.passwordlessEmail" | "registration.passwordlessSms" | "registration.passwordlessSmsOtp" | "registration.securityKey" | "registration.signInEmailOTP" | "registration.verifyEmailOTP" | "token" | "token.idle" | "token.idle.error" | "token.idle.noErrors" | "token.running" | { "authentication"?: "authenticating" | "retryTokenImport" | "signedIn" | "signedOut" | "starting" | { "authenticating"?: "anonymous" | "idToken" | "mfa" | "password" | "pat" | "securityKeyEmail" | { "mfa"?: "totp"; };
+"signedIn"?: "refreshTimer" | { "refreshTimer"?: "disabled" | "idle" | "running" | "stopped" | { "running"?: "pending" | "refreshing"; }; };
+"signedOut"?: "failed" | "needsMfa" | "needsSmsOtp" | "noErrors" | "signingOut" | "success"; };
+"registration"?: "complete" | "emailPassword" | "incomplete" | "passwordlessEmail" | "passwordlessSms" | "passwordlessSmsOtp" | "securityKey" | "signInEmailOTP" | "verifyEmailOTP" | { "incomplete"?: "failed" | "needsEmailVerification" | "needsOtp" | "noErrors"; };
+"token"?: "idle" | "running" | { "idle"?: "error" | "noErrors"; }; };
+        tags: "loading";
      }
-  tags: 'loading'
-}
+  
--- a/packages/hasura-auth-js/src/promises/index.ts
+++ b/packages/hasura-auth-js/src/promises/index.ts
@@ -17,4 +17,6 @@ export * from './signOut'
 export * from './signUpEmailPassword'
 export * from './signUpEmailSecurityKey'
 export * from './signInEmailOTP'
+export * from './signInIdToken'
+export * from './linkIdToken'
 export * from './types'
--- a/packages/hasura-auth-js/src/promises/linkIdToken.ts
+++ b/packages/hasura-auth-js/src/promises/linkIdToken.ts
@@ -0,0 +1,34 @@
+import { AuthClient } from '../internal-client'
+import { AuthErrorPayload, Provider } from '../types'
+import { postFetch } from '../utils/fetch'
+import { AuthActionErrorState, AuthActionSuccessState } from './types'
+
+export interface LinkIdTokenHandlerParams {
+  provider: Provider
+  idToken: string
+  nonce?: string
+}
+
+export interface LinkIdTokenHandlerResult extends AuthActionErrorState, AuthActionSuccessState {}
+
+export const linkIdTokenPromise = async (
+  { backendUrl, interpreter }: AuthClient,
+  { provider, idToken, nonce }: LinkIdTokenHandlerParams
+): Promise<LinkIdTokenHandlerResult> => {
+  try {
+    await postFetch<string>(
+      `${backendUrl}/link/idtoken`,
+      { provider, idToken, ...(nonce && { nonce }) },
+      interpreter?.getSnapshot().context.accessToken.value
+    )
+
+    return {
+      isError: false,
+      error: null,
+      isSuccess: true
+    }
+  } catch (e) {
+    const { error } = e as { error: AuthErrorPayload }
+    return { isError: true, error, isSuccess: false }
+  }
+}
--- a/packages/hasura-auth-js/src/promises/signInIdToken.ts
+++ b/packages/hasura-auth-js/src/promises/signInIdToken.ts
@@ -0,0 +1,61 @@
+import { USER_ALREADY_SIGNED_IN } from '../errors'
+import { AuthInterpreter } from '../machines'
+import { Provider } from '../types'
+
+import { AuthActionLoadingState, SessionActionHandlerResult } from './types'
+
+export interface SignInIdTokenHandlerParams {
+  provider: Provider
+  idToken: string
+  nonce?: string
+}
+
+export interface SignInIdTokenHandlerResult extends SessionActionHandlerResult {}
+export interface SignInIdTokenState extends SignInIdTokenHandlerResult, AuthActionLoadingState {}
+
+export const signInIdTokenPromise = (
+  interpreter: AuthInterpreter,
+  { provider, idToken, nonce }: SignInIdTokenHandlerParams
+): Promise<SignInIdTokenHandlerResult> =>
+  new Promise((resolve) => {
+    const { changed } = interpreter.send('SIGNIN_ID_TOKEN', {
+      provider,
+      idToken,
+      ...(nonce && { nonce })
+    })
+
+    if (!changed) {
+      resolve({
+        isSuccess: false,
+        isError: true,
+        error: USER_ALREADY_SIGNED_IN,
+        user: null,
+        accessToken: null,
+        refreshToken: null
+      })
+    }
+
+    interpreter.onTransition((state) => {
+      if (state.matches({ authentication: { signedOut: 'failed' } })) {
+        return resolve({
+          accessToken: null,
+          refreshToken: null,
+          user: null,
+          error: state.context.errors.authentication || null,
+          isError: true,
+          isSuccess: false
+        })
+      }
+
+      if (state.matches({ authentication: 'signedIn' })) {
+        return resolve({
+          accessToken: state.context.accessToken.value,
+          refreshToken: state.context.refreshToken.value,
+          user: state.context.user,
+          error: null,
+          isError: false,
+          isSuccess: true
+        })
+      }
+    })
+  })
--- a/packages/hasura-auth-js/src/types/client.ts
+++ b/packages/hasura-auth-js/src/types/client.ts
@@ -69,6 +69,9 @@ export type SignInWithProviderParams =

 export type ConnectProviderParams = SignInWithProviderParams

+export type LinkIdTokenParams = { provider: Provider; idToken: string; nonce?: string }
+export type SignInIdTokenParams = { provider: Provider; idToken: string; nonce?: string }
+
 export type SignInParams =
  | SignInEmailPasswordParams
  | SignInEmailPasswordOtpParams
--- a/Show More
+++ b/Show More