1

I'm doing some integration tests with the Google authentication API (https://accounts.google.com/o/oauth2/auth) I know it uses Auth2.0. Through my Client_id and client_secret I get a new access token. However, the complete response to the request does not consist of just the access token, it must also come with the refresh_token. I don't know where Postman is storing this value, and I need to find it for my task.

IMAGE 1

IMAGE 2

AndrasPataki
  • 11
  • 3
  • It's been awhile, but I believe the refresh-token is given to you by the Google API itself. Did you read the documentation? -https://developers.google.com/identity/protocols/oauth2 – ryanwebjackson Jun 01 '22 at 00:08
  • I read the entire documentation about the oAuth2.0, I know the refresh-token come together with the access_token, to perform the refresh. Before using postman, I was testing using google-playground and a Flask-Application (web); – AndrasPataki Jun 01 '22 at 07:23
  • The refresh-token is used to get a new access token when necessary - you need to manage it. Are you seeing it on the response when authenticating the first time? – ryanwebjackson Jun 01 '22 at 19:53
  • This post should have all the detail you need: https://stackoverflow.com/questions/35070891/how-to-persist-an-oauth2-token-or-use-a-refresh-token-in-postman-collections – ryanwebjackson Jun 01 '22 at 19:57
  • You send the refresh_token in the POST body when necessary. Only the way variables are managed is unique to Postman. – ryanwebjackson Jun 01 '22 at 19:58
  • 1
    Pretty sure it's because you have received it once and you have to revoke the permissions in order to get a new one. You can check out this post here https://stackoverflow.com/questions/8942340/get-refresh-token-google-api – beckersense Sep 20 '22 at 06:09

0 Answers0