keaton
Reputation: 177
How does "auth code and access/refresh token" exchange happens in Google oAuth flow
Sorry, for what I am asking might be obvious. I've been thinking, is this the Client Library (for php, python, etc) that generates the access token itself based on the Auth code we receive after a user fulfills the consent screen OR the client library requests the Google server for the access token.
Upvotes: 1
Views: 393
Answers (1)
Jay Lee
Reputation: 13528
As explained in step 5 of the flow, it's an HTTPS call to Google.
To exchange an authorization code for an access token, call the https://www.googleapis.com/oauth2/v4/token endpoint
Upvotes: 2
Related Questions
- How do refresh tokens work in an OAuth flow?
- Understanding Google OAuth2 Refresh tokens
- Want to understand OAuth Code flow where Application passes the Access_Token on user's behalf to the API to get the resources
- Understanding OAuth2 flow
- How does GoogleCredential token refresh work?
- Why Google OAuth2 needs client secret and refresh token to get access token?
- Google Api Refresh Token Clarification
- OAuth 2.0 Access Tokens and Refresh Tokens
- Is a refresh token same as a request token?
- Trying to understand the OAuth2 flow