Browse the knowledge base

Sign in with Apple or Google

Sign in with Apple and Sign in with Google are both available on web and in the mobile apps. We receive only your basic identity (email, name) — never your password or any other provider data. If a TaxItEasy account already exists under the same verified email, the sign-in links to it; the first link triggers a security email. 2FA still applies after social sign-in.

What's available

Both providers work everywhere:

  • WebSign in with Apple and Sign in with Google buttons sit next to the email + password form, on both the login and register pages.
  • Mobile — the iOS and Android apps use the native sheets: Apple's system sign-in sheet and native Google sign-in. No browser round-trip.

Social sign-in behaves exactly like password login, including the 2FA challenge if you've enabled it. It's a convenience, not a weaker (or stronger) security mode.

What the provider shares with us

Only your basic identity: your email address and name. We never get your Apple or Google password, and we don't request anything beyond identity — no Drive, no Calendar, no contacts. (Reading your Gmail inbox for invoices is a completely separate, opt-in connection with its own consent screen — see connect Gmail, Outlook, or IMAP.)

How account linking works

Three cases, decided automatically:

  • You've signed in with this provider before — the provider identity wins; you land on your existing account. This keeps working even if you later change the email at the provider.
  • First social sign-in, and a TaxItEasy account exists under the same email — the sign-in links to that account, but only if the account's email is verified. This is a deliberate guard against account pre-hijacking: nobody can register an unverified account under your address and wait for you to "link into" it. The first successful link triggers a security email to the account, so you'd notice a link you didn't make.
  • No account under that email — a fresh account is created and you go through onboarding, minus the email-verification step (the provider has already verified the address).

Social-only accounts and sensitive actions

If you signed up via Apple or Google and never set a password, sensitive actions — deleting your account, disabling 2FA — are confirmed with a fresh provider sign-in instead of a password prompt. You're never locked out of security-critical flows just because you have no password.

Want a password as a second path anyway? Run the Forgot password flow on the login page; it works regardless of how you originally signed up.

Does social sign-in skip 2FA?

No. If 2FA is enabled on your TaxItEasy account, the code prompt still appears after Apple or Google sign-in. The provider proves you control the email; 2FA proves you're the same person who set up TaxItEasy on it. Two independent factors — a phished provider password alone doesn't open your tax data.

(On iPhone, after one successful code entry your device pairs cryptographically and later logins skip the code prompt — the paired device plus Face ID/Touch ID acts as the second factor. Paired devices are listed and revocable in Settings.)

What happens on account deletion

Deleting your TaxItEasy account also cleans up on the provider side: Apple sign-in tokens are revoked at Apple before your encryption keys are destroyed. See delete your account and export your data.

Troubleshooting

I have work and personal Google accounts — which one signs in? Whichever your browser is signed into. If you land on the wrong one, sign out of Google or use a private window; Chrome with multiple profiles lets you pick on the consent screen.

My Workspace admin blocks third-party OAuth. Some Google Workspace tenants restrict which apps users can authorise. Ask your admin to allow TaxItEasy, or sign up with email + password — you lose nothing; social sign-in is a convenience.

Sign-in says my email doesn't match my existing account. Usually an alias: your TaxItEasy account uses [email protected] but Google returns the canonical [email protected]. Sign in with email + password using the alias, change your account email to the canonical address, then use Google sign-in.

I want to revoke TaxItEasy's access at the provider. Google: myaccount.google.com → Security → Third-party connections → Remove access. Apple: Settings → [your name] → Sign-In & Security → Sign in with Apple. Your TaxItEasy account is unaffected — set a password first (via Forgot password) if you don't have one, so you keep a way in.

Never set a password and revoked the provider link. Use Forgot password on the login page — the reset email works no matter how you originally signed up.

Related

Didn't answer your question? Write to [email protected] · the AI chat in the bottom-right corner answers most common questions.