Pass the token in your request to your authorized API endpoints.
Make a note of the Client ID and Client Secret provided by Google. Inside your Google Cloud Console, go the APIs & Services section, click on Credentials and click on Create credentials > OAuth Client Id to create a new client ID.ĭuring development, you can put as the redirect URI since the Firebase emulator, by default, will run the web application locally on port 5001. Step 1: Create the Google OAuth 2.0 ClientĬreate a new OAuth 2.0 client inside your Google Cloud project as described in this step by step guide. We are not using Google Sign-in with Firebase Authentication since it does not provide the refresh token that is required to run background API tasks unattended. We’ll thus store the refresh token in Cloud Firestore, and use it to generate a new access token whenever the application needs to access Google APIs on behalf of the user. The access token will expire after an hour but the refresh token will be valid indefinitely (unless manually revoked by the user).
The application then exchanges the authorization code for an access token and a refresh token. The user is asked to grant access to the application. When the user signs in, Google redirects the user to the Google OAuth 2.0 authorization page. The user can sign-in with their Google account and authorize the application to access their Google Drive or any other Google service. Let’s build a simple web application that uses Google OAuth 2.0 to access Google APIs. This tutorial explains how you can sign-in with Google OAuth 2.0, store the refresh token in database and access the various Google APIs with the access token generated from the refresh token.