DEV Community

Justin Poehnelt
Justin Poehnelt

Posted on • Originally published at justin.poehnelt.com on

Verify a Google access token

A Google access token can be verified using the following command to an Oauth2 endpoint:

curl "https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=$GOOGLE_ACCESS_TOKEN"
Enter fullscreen mode Exit fullscreen mode

The response will include the scope and additional information about the access token similar to the following for a service account access token:

{
  "issued_to": "1068863916064001234",
  "audience": "1068863916064001234",
  "user_id": "1068863916064001234",
  "scope": "https://www.googleapis.com/auth/userinfo.email openid",
  "expires_in": 3555,
  "email": "my-service-account@my-project.iam.gserviceaccount.com",
  "verified_email": true,
  "access_type": "online"
}
Enter fullscreen mode Exit fullscreen mode

Top comments (3)

Collapse
 
dileepamabulage profile image
Dileepa Mabulage

Isn't there an inbuilt function in google-auth-library in nodejs

Collapse
 
jpoehnelt profile image
Justin Poehnelt

Possibly, not everyone wants to pull in those libraries though.

Collapse
 
dileepamabulage profile image
Dileepa Mabulage • Edited

After 3 or 4 token info API requests it throws 400 responses. But the Google APIs are working with the same access token.

Read next

rithmschool profile image

One year later: Rithm's behavioral interviews

Brittany Lee-Still -

jamescantor38 profile image

How to Create a Winning Test Automation Strategy

Jamescarton -

rubensibon profile image

Install Arch Linux in WSL2 on a managed device

Ruben Sibon -

anabujan profile image

In-App Subscription Testing with Google Play Sandbox

Ana Bujan -