Google only returns ID and picture of user

Question

I am authenticating users through oAuth against Google as the IdP. I cannot, for the life of me, get Google to return anything but the ID and the picture url. I have requested the proper fields (email family_name, given_name, id), but I still only get back the ID and picture field.

I am using the "https://www.googleapis.com/userinfo" endpoint in a get request with the following query string values:

• state
• access_token
• fields(which are: email family_name given_name id)
• key

What I get back is the unique ID and the path to the user's thumbnail photo, but I do not get the other scope items.

Get Request:

https://www.googleapis.com/userinfo?state=MyUniqueValue&key=MyAPIKey&fields=email%2Cfamily_name%2Cgiven_name%2Cid&access_token=y26.bigrandomstring

I have also tried:

https://www.googleapis.com/userinfo?state=MyUniqueValue&key=MyAPIKey&fields=email,family_name,given_name,id&access_token=y26.bigrandomstring

I even tried the deprecated, then de-deprecated endpoint with formfields:

https://accounts.google.com/o/oauth2/v2/auth?access_token=y26.bigrandomstring&scope=https://www.googleapis.com/auth/plus.me

No matter what I use, I still get back the same thing every time:

{
  "id": "1067xxxxxxxx50",
  "picture": "https://lh6.googleusercontent.com/-7RzMk8xmlAg/AAAAAAAAAAI/AAAAAAAAAAA/SfdfsdfsdfYaBtg/photo.jpg"
}

I even get the "200 OK" response. Any ideas?

Answer 1

When the openid scope is requested as part of the OAuth flow, it will return the sub id and the picture link associated with that user.

If you want additional fields returned associated with the user profile, request the additional oauth scopes of https://www.googleapis.com/auth/userinfo.profile or https://www.googleapis.com/auth/userinfo.email,

which return the profile fields of "email email_verified, family_name, given_name, locale, name, picture, sub"

and "email, email_verified, picture, sub", respectively.

Answer 2

I found the issue. I was using the wrong endpoint and scope. The correct endpoint and scope were:

https://people.googleapis.com/v1/people/me?personFields=names,emailAddresses

As part of the request I have formfields of access_token and key (api key).