Google OAuth invalid_grant / Bad Request - Solution in description

Question

According to the authentication code flow, I am trying to get an access token from Google.

As it does not work from my backend, I tried to curl/postman it but this does not work either.

curl -d "&code=4/IkYUPa4FNw_-o6bd4v5dLqVx4ssGfyPJRBQFzy9aNQ&client_id=807080008535-9ji0g54v0lt9b6ukn19rp807k3j2t0uj.apps.googleusercontent.com&client_secret=SOMESECRET&redirect_uri=com.fitisfit.app:/googlefit&grant_type=authorization_code" https://www.googleapis.com/oauth2/v4/token

This is the error I get:

{
    "error": "invalid_grant",
    "error_description": "Bad Request"
}

If I do this curl many times (3 or 4) in a row, I get an error saying that the code is already redeemed. So there might be something happening on Google's site.

I did some research, but none of the suggestions helped (spelling, checking server time, adding access_type=offline to the first OAuth step url, etc.)

UPDATE: I just found the issue. I had to set up curl parameters like:

curl \
  -d code=4/LjNMkGqqQvJAB96Z6F-U52u4kqo5RHkqLp0LJYZ-zAw \
  -d client_id=807080008535-9ji0g54v0lt9b6ukn19rp807k3j2t0uj.apps.googleusercontent.com \
  -d client_secret=SOMESECRET \
  -d redirect_uri=http://localhost \
  -d grant_type=authorization_code https://www.googleapis.com/oauth2/v4/token

Answer 1

While generating the code, please don't write access_type = 'offline'

Generate code using postman: API: https://accounts.google.com/o/oauth2/v2/auth Params:

1. client_id = 'Your Client ID'
2. response_type = 'code'
3. scope = 'https://www.googleapis.com/auth/blogger'
4. redirect_uri = 'Your URL like my is: https://trybotics.com'

Using this you will get the code then call https://www.googleapis.com/oauth2/v4/token API with the same parameter that you are using for curl.