How can I verify a Google authentication API access token?

by

For user check, just post
get the access token as accessToken and post it and get the response

https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=accessToken

you can try in address bar in browsers too, use httppost and response in java also

response will be like 

{
     "issued_to": "xxxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
     "audience": "xxxxxxxxxxxxxxx-xxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com",
     "user_id": "xxxxxxxxxxxxxxxxxxxxxxx",
     "scope": "https://www.googleapis.com/auth/userinfo.profile https://gdata.youtube.com",
     "expires_in": 3340,
     "access_type": "offline"
    }

The scope is the given permission of the accessToken. you can check the scope ids in this link

Update:
New API
post as below

https://oauth2.googleapis.com/tokeninfo?id_token=XYZ123

Response will be as

 {
 // These six fields are included in all Google ID Tokens.
 "iss": "https://accounts.google.com",
 "sub": "110169484474386276334",
 "azp": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
 "aud": "1008719970978-hb24n2dstb40o45d4feuo2ukqmcc6381.apps.googleusercontent.com",
 "iat": "1433978353",
 "exp": "1433981953",

 // These seven fields are only included when the user has granted the "profile" and
 // "email" OAuth scopes to the application.
 "email": "[email protected]",
 "email_verified": "true",
 "name" : "Test User",
 "picture": "https://lh4.googleusercontent.com/-kYgzyAWpZzJ/ABCDEFGHI/AAAJKLMNOP/tIXL9Ir44LE/s99-c/photo.jpg",
 "given_name": "Test",
 "family_name": "User",
 "locale": "en"
}

For more info, https://developers.google.com/identity/sign-in/android/backend-auth

More Related Contents:

  1. How to secure RESTful web services?
  2. Can a single Web Domain have multiple passwords? [closed]
  3. Understanding REST: Verbs, error codes, and authentication
  4. Timezone lookup from latitude longitude [closed]
  5. Is There a JSON Parser for VB6 / VBA?
  6. How do I upload a file with metadata using a REST web service?
  7. Secure Web Services: REST over HTTPS vs SOAP + WS-Security. Which is better? [closed]
  8. Patterns for handling batch operations in REST web services?
  9. How to obtain longitude and latitude for a street address programmatically (and legally)
  10. How to consume a web service from VB6?
  11. How to specify the scope of Google API to get the birthday
  12. Spring, Jackson and Customization (e.g. CustomDeserializer)
  13. Sign in with Google temporarily disabled for this app
  14. What are REST API error handling best practices? [closed]
  15. What is a web service endpoint?
  16. How to use Google Login API with Cordova/Phonegap
  17. Can a WSDL indicate the SOAP version (1.1 or 1.2) of the web service?
  18. How to change Google consent screen email?
  19. Rest vs. Soap. Has REST a better performance?
  20. Why do we need RESTful Web Services?
  21. Log4Net “Could not find schema information” messages
  22. REST web service WSDL? [duplicate]
  23. CXF web service client: “Cannot create a secure XMLInputFactory”
  24. Calling REST web services from a classic asp page
  25. encoding of query string parameters in IE10
  26. Generate WSDL for existing SOAP Service using captured traffic
  27. Google API OAuth2, Service Account, “error” : “invalid_grant”
  28. Adding Custom Http Headers to Web Service Proxy
  29. How can I get a Kerberos ticket with Delphi?
  30. Jersey client exception: A message body writer was not found

Leave a Comment