Get refresh token google api

Question

I can t get my refresh token with my code  I can only get my access token  token type etc   I have followed some tutorials like putting access type offline on my login URL   echo   lt a href  https   accounts google com o oauth2 auth           access type offline amp client id 123345555 apps googleusercontent com amp           scope https   www googleapis com auth calendar https   www googleapis com auth plus me amp response type code amp           redirect uri http   www sample com sample php amp state  profile  gt Google lt  a gt      and my fields in getting the access token    fields array       code   gt   urlencode  authcode        client id   gt  urlencode  clientid        client secret   gt  urlencode  clientsecret        redirect uri   gt  urlencode  redirecturi        grant type   gt   authorization code        but I can t get refresh token  just the access token  token type  id token and expires in

User · Answer

For those using the Google API Client Library for PHP and seeking offline access and refresh tokens beware as of the time of this writing the docs are showing incorrect examples.

currently it's showing:

$client = new Google_Client();
$client->setAuthConfig('client_secret.json');
$client->addScope(Google_Service_Drive::DRIVE_METADATA_READONLY);
$client->setRedirectUri('http://' . $_SERVER['HTTP_HOST'] . '/oauth2callback.php');
// offline access will give you both an access and refresh token so that
// your app can refresh the access token without user interaction.
$client->setAccessType('offline');
// Using "consent" ensures that your application always receives a refresh token.
// If you are not using offline access, you can omit this.
$client->setApprovalPrompt("consent");
$client->setIncludeGrantedScopes(true);   // incremental auth

source: https://developers.google.com/identity/protocols/OAuth2WebServer#offline

All of this works great - except ONE piece

$client->setApprovalPrompt("consent");

After a bit of reasoning I changed this line to the following and EVERYTHING WORKED

$client->setPrompt("consent");

It makes sense since using the HTTP requests it was changed from approval_prompt=force to prompt=consent. So changing the setter method from setApprovalPrompt to setPrompt follows natural convention - BUT IT'S NOT IN THE DOCS!!! That I found at least.

User · Answer

If I may expand on user987361 s answer   From the offline access portion of the OAuth2 0 docs      When your application receives a refresh token  it is   important to store that refresh token for future use  If your   application loses the refresh token  it will have to re-prompt the   user for consent before obtaining another refresh token  If you need   to re-prompt the user for consent  include the approval prompt   parameter in the authorization code request  and set the value to   force    So  when you have already granted access  subsequent requests for a grant type of authorization code will not return the refresh token  even if access type was set to offline in the query string of the consent page   As stated in the quote above  in order to obtain a new refresh token after already receiving one  you will need to send your user back through the prompt  which you can do by setting approval prompt to force   Cheers   PS This change was announced in a blog post as well

User · Answer

OAuth  has  two  scenarios  in real mode  The normal and default style of access is called online  In some cases  your application may need to access a Google API when the user is not present It s  offline  scenarios     a refresh token is obtained in offline scenarios during the first authorization code exchange   So  you can get  refersh token  is some scenarios  not all   you can have the content in https   developers google com identity protocols OAuth2WebServer offline

User · Answer

Since March 2016  use prompt consent to regenerate Google API refresh token   As mentioned in https   github com googleapis oauth2client issues 453       approval prompt force has been replaced with prompt none consent select account

User · Answer

It is access type offline that you want    This will return the refresh token the first time the user authorises the app  Subsequent calls do not force you to re-approve the app  approval prompt force    See further detail  https   developers google com accounts docs OAuth2WebServer offline

User · Answer

Found out by adding this to your url parameters  approval prompt force  Update   Use access type offline amp prompt consent instead   approval prompt force no longer works https   github com googleapis oauth2client issues 453

User · Answer

For our app we had to use both these parameters access type offline amp prompt consent   approval prompt force did not work for us

User · Answer

Hi I followed following steps and I had been able to get the refresh token    Authorization flow has two steps    Is to obtain the authorization code using https   accounts google com o oauth2 auth  URL   For that a post request is sent providing following parameters   scope     SCOPE     amp client id     CLIENTID     amp redirect uri     REDIRECT     amp response type     TYPE     amp access type offline  Providing above will receive a authorization code  Retrieving AcessToken and RefreshToken using https   accounts google com o oauth2 token  URL  For that a post request is sent providing following parameters     code    code   client id    CID       client secret    CSECRET       redirect uri    REDIRECT       grant type     authorization code     So in your first attempt once you authorize the permissions you will be able to get the Refresh token  Subsequent attempts will not provide the refresh token  If you want the token again the revoke the access in you application   Hope this will help someone cheers

User · Answer

This is complete code in PHP using google official SDK   client   new Google Client       some need parameter  client- gt setApplicationName  your application name     client- gt setClientId                       client- gt setClientSecret                   client- gt setRedirectUri  http   your website tld complete url2redirect     client- gt setScopes  https   www googleapis com auth userinfo email       these two lines is important to get refresh token from google api  client- gt setAccessType  offline     client- gt setApprovalPrompt  force      this line is important when you revoke permission from your app  it will prompt google approval dialogue box forcefully to user to grant offline access

[google-calendar-api] Get refresh token google api

Examples related to google-calendar-api

Examples related to token

Examples related to access-token

Examples related to gdata