Menu
I just got the following result when I tried to do oauth2 to googleapi. Only one thing: I couldn't find what is id_token used for in documentation.
{ "access_token": "xxxx", "token_type": "Bearer", "expires_in": 3600, "id_token": "veryverylongstring", "refresh_token": "abcdefg" } 
364
ID tokens are issued by the authorization server and contain claims that carry information about the user. They can be sent alongside or instead of an access token. Information in ID Tokens allows the client to verify that a user is who they claim to be.
Access tokens are what the OAuth client uses to make requests to an API. The access token is meant to be read and validated by the API. An ID token contains information about what happened when a user authenticated, and is intended to be read by the OAuth client.
OAuth client ID – Use this credential to authenticate as an end user and access their data. Requires your app to request and receive consent from the user.
id_token is a JSON Web Token (JWT). If you decode it, you'll see it contains multiple assertions, including the ID of the user. See this answer for more details.
192
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
