OAuth
Getting Started
1) Create Credential
- Go to APIs & Services On Enabled APIs & Services Click ENABLE APIS AND SERVICES
- Find your API that want to authorize Click ENABLE
- On Credentials Click CREATE CREDENTIALS and select OAuth client ID
- Drop down and select Web Application Pass a credential
name like
app-bigquery-server - On Authorized redirect URIs Pass
http://localhost:8080Click ADD URI and then CREATE - Copy Client ID and Client Secret ID from this creation process
2) Client Authenticate
-
Get Authorization Code
-
Request Access and Refresh tokens
POST /token HTTP/1.1 Host: oauth2.googleapis.com Content-Type: application/x-www-form-urlencoded code={authorization-code}& client_id={client-id}.apps.googleusercontent.com& client_secret={client-secret}& redirect_uri=https://oauth2-login.appclient.com/code& grant_type=authorization_codeAbstract
When does a refresh token expire?:
Refresh tokens do not expire, unless there are few special conditions:
- The user has removed your Google application.
- The refresh token has not been used for six months.
- The user changed password and the refresh token contained Gmail scopes. This means that the refresh token will be invalidated only when he had previously given the permisions for managing his Gmail, and then later changed his password. For the rest of Google services like Youtube, Calendar etc, a changed password will not invalidate the refresh token.
- The application generated a new refresh token for the user for more than 50 times.
-
Re-generate Access Token
-
Varify Access Token
How Can I Verify a Google Authentication API Access Token?
Note
Revoke: