Here is the detailed explanation for your StackOverflow post:
Google OAuth2 Refresh Token: Invalid Grant Error and Calendar API Authentication Issues
Issue:
I am working on integrating Google OAuth2 with my application. I can successfully sign in and receive a working access token and refresh token. I can use the access token to create events in Google Calendar. However, I encounter issues when trying to refresh the access token.
Details:
Initial Sign-In:
Refreshing the Access Token:
First Refresh Token Request and Response:
Initial sign-in and obtaining access token and refresh token:
curl -X POST \ 'https://securetoken.googleapis.com/v1/token?key=MY_API_KEY' \ -H 'Content-Type: application/json' \ -d '{ "grant_type": "refresh_token", "refresh_token": "MY_REFRESH_TOKEN" }' # Response: { "access_token": "NEW_ACCESS_TOKEN", "expires_in": "3600", "token_type": "Bearer", "refresh_token": "NEW_REFRESH_TOKEN", "id_token": "ID_TOKEN", "user_id": "USER_ID", "project_id": "PROJECT_ID" }
Using the New Access Token:
Attempting to create a calendar event with the new access token:
curl -X POST \ 'https://www.googleapis.com/calendar/v3/calendars/primary/events' \ -H 'Authorization: Bearer NEW_ACCESS_TOKEN' \ -H 'Content-Type: application/json' \ -d '{ "summary": "Test Meeting", "description": "This is a test meeting created via cURL", "start": { "dateTime": "2024-05-28T14:00:00+01:00" }, "end": { "dateTime": "2024-05-28T15:00:00+01:00" }, "attendees": [ { "email": "email@domain.com", "responseStatus": "accepted" } ], "conferenceData": { "createRequest": { "requestId": "unique-request-id-123", "conferenceSolutionKey": { "type": "hangoutsMeet" } } } }'
Error:
{ "error": { "code": 401, "message": "Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.", "errors": [ { "message": "Invalid Credentials", "domain": "global", "reason": "authError", "location": "Authorization", "locationType": "header" } ], "status": "UNAUTHENTICATED" } }
Trying to Refresh the Token via https://oauth2.googleapis.com/token:
curl -X POST \ 'https://oauth2.googleapis.com/token' \ -H 'Content-Type: application/x-www-form-urlencoded' \ -d 'client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&refresh_token=YOUR_REFRESH_TOKEN&grant_type=refresh_token'
Error:
{ "error": "invalid_grant", "error_description": "Bad Request" }
Summary:
Tried also getting a token from Google in parallel. It gives me the same token and won't refresh.
Any insights or solutions to resolve this would be greatly appreciated!
I want to acquire a new access token.