Google OAuth2: Why don’t I get a refresh token?


Example Google authorization URL:

https://accounts.google.com/o/oauth2/v2/auth?
scope=https%3A//www.googleapis.com/auth/userinfo.email%20https%3A//www.googleapis.com/auth/drive&
access_type=offline&include_granted_scopes=true&response_type=code&state=1&
redirect_uri=https%3A//tutorialspots.com/auth/google&
client_id=49811111111-hn5s1tvnd5211111115doc2p5q1op7k.apps.googleusercontent.com

The token response does not contain a refresh token:

{
  "access_token": "ya29.A0ARrdaM8DhqEqA-PNfN1111zd2UvBcn_SKJrwda3RV1m_b6caWW1rtphRqWk-J1j3idG5gnaCvVhxFB7-3UtNY1wZ_7iWZ-G8_FkXQ0Sflq2zPDyGidVaserXcMrC2UOqqOb_1_N3j_ZSJ_xZLcPlpBANAXrGrwYUNnWUtBVEFTQVRBU0ZRR1111jFWaWRRcmhMVW1wREdnV0Rmd2lPTDRyQQ0165",
  "expires_in": 3599,
  "scope": "openid https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/drive",
  "token_type": "Bearer",
  "id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjJi1111NzQ0ZDU4Yzk5NTVkNGYyNDBiNmE5MmY3YjM3ZmVhZDJmZjgiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiI0OTg5NDc1MDk4MjctaG41czF0dm5kNTJpMmc1MThrdDVkb2MycDVxMW9wN2suYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJhdWQiOiI0OTg5NDc1MDk4MjctaG41czF0dm5kNTJpMmc1MThrdDVkb2MycDVxMW9wN2suYXBwcy5nb29nbGV1c2VyY29udGVudC5jb20iLCJzdWIiOiIxMDEwMzk4NTIyODQxMDgxNjc2NzEiLCJlbWFpbCI6ImJvaXZpZXQubmV0QGdtYWlsLmNvbSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhdF9oYXNoIjoibnA1UkNNWnZIVFI5UG04V1NjQmZtdyIsImlhdCI6MTY1NjE3MzU3NiwiZXhwIjoxNjU2MTc3MTc2fQ.E03g1PBRj42UkwvKQfw7_HACANLwoBwS8LHWtG9bsr_0k5QpP5P1qrTNuA5frPqmvVDjLMFqzPpeIwef2SEshFJt8kWJeHNBxPbvmX63aFh-2WqxTl-Zfy5khp4adlryuYJcqi1g9omLJAaL2zHpqsbchc44Au6fd2dsVEwnXKr6b6owombpPU03n0fOkY8B-SUl2iOczMC9hLbJ1XUpHULDUUN68i77M0xk62pFGaEI_tn-16KuCUwVyovTw8Usml1CND0gV3fNSFJnUitVmbLcYxFIiAfI5t84_JtjIaz8_YScr6WvyfDcG9IPMe1111b9uG-VPEIZlSarJpGgKw"
}

The refresh_token is only provided on the first authorization from the user. Subsequent authorizations, such as the kind you make while testing an OAuth2 integration, will not return the refresh_token again.

1. Go to the page showing Apps with access to your account: https://myaccount.google.com/u/0/permissions.
2. Under the Third-party apps menu, choose your app.
3. Click Remove access and then click Ok to confirm.
4. The next OAuth2 request you make will return a refresh_token.
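
Because the refresh_token arrives only once, the code that saves the token response must not overwrite the stored refresh_token when a later response omits it. The following is an added example, not code from the original post: the function and class names are hypothetical and the token values are constructed samples. It checks that the authorization URL asks for access_type=offline and merges each token response into the saved credentials.

```python
import time
from urllib.parse import urlsplit, parse_qs


class MissingRefreshToken(Exception):
    """No refresh_token in the response and none saved from an earlier grant."""


def requests_offline_access(auth_url):
    """True if the authorization URL carries access_type=offline."""
    params = parse_qs(urlsplit(auth_url).query)
    return params.get("access_type") == ["offline"]


def merge_token_response(stored, response, now=None):
    """Merge a token-endpoint response into the saved credentials.

    stored   -- dict saved from an earlier authorization, or None
    response -- parsed JSON body of the token response
    """
    now = time.time() if now is None else now
    previous = stored or {}
    # Keep the saved refresh_token when the new response does not carry one.
    refresh = response.get("refresh_token") or previous.get("refresh_token")
    if not refresh:
        # Repeat authorization with nothing saved: the user has to remove the
        # app's access (steps above) before a refresh_token is issued again.
        raise MissingRefreshToken("no refresh_token returned and none stored")
    return {
        "access_token": response["access_token"],
        "expires_at": int(now) + int(response["expires_in"]),
        "scope": response.get("scope", previous.get("scope", "")),
        "refresh_token": refresh,
    }


# Constructed sample values, not real credentials.
AUTH_URL = ("https://accounts.google.com/o/oauth2/v2/auth?access_type=offline"
            "&response_type=code&state=1&client_id=EXAMPLE_CLIENT_ID")
FIRST = {"access_token": "at-1", "expires_in": 3599, "refresh_token": "rt-1",
         "scope": "openid", "token_type": "Bearer"}
REPEAT = {"access_token": "at-2", "expires_in": 3599,
          "scope": "openid", "token_type": "Bearer"}

if __name__ == "__main__":
    saved = merge_token_response(None, FIRST, now=1000)
    saved = merge_token_response(saved, REPEAT, now=5000)
    print(saved["refresh_token"], saved["expires_at"])
```

Store the merged record with the same protection as a password, since the refresh_token stays valid until the user removes the app's access.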
