Develop Reference

Google Oauth2.0 endpoint returns 404 Error

I'm trying to get the access token using an http request.
According to the Oauth guide:
https://developers.google.com/identity/protocols/oauth2/web-server#incrementalAuth
the endpoint for exchanging authorization code to access token is https://oauth2.googleapis.com/token but it gives a page can't be found HTTP 404 error
Here's my entire url (I've replaced the code, client id, and secrets)
https://oauth2.googleapis.com/token?
code=xxxxx&
client_id=xxxxx&
client_secret=xxxxx&
redirect_uri=http://localhost&
grant_type=authorization_code

It looks like you are passing in the required fields as query parameters, but you need to put them in the post body and send an HTTPS POST request to https://oauth2.googleapis.com/token. You can find this information further down in the documentation you were referring to: https://developers.google.com/identity/protocols/oauth2/web-server#httprest_7.

Not able to get access token from refresh token

i am getting this error while requesting for a new token from a refresh token in graph API.
can any i suggest please.
Thanks

It seems like you are forgetting to pass the grant_type, which tells the token service what it should be doing.
You should pass: grant_type=refresh_token
This information can be found in our documentation: Refreshing the access tokens
// Line breaks for legibility only
POST /{tenant}/oauth2/v2.0/token HTTP/1.1
Host: https://login.microsoftonline.com
Content-Type: application/x-www-form-urlencoded
client_id=6731de76-14a6-49ae-97bc-6eba6914391e
&scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
&refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
&redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
&grant_type=refresh_token
&client_secret=JqQX2PNo9bpM0uEihUPzyrh // NOTE: Only required for web apps

Google OAuth 2.0 redirect_uri_mismatch error for cross-client single-sign on

We are trying to implement Google's OAuth 2.0 cross-client sign-on functionality so that our server keeps the tokens and associates them with users, as shown in the diagram for the flow here: Google OAuth 2.0 Server-Side Flow
I am able to successfully retrieve a one-time access code on the client app. I then send that code to the server via a post to "http://example.com/oauth2callback/code="
It gets to the server just fine. The server then attempts a POST to Google that looks like this:
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
code={My Code}&
client_id={My Client ID}&
client_secret={My Client Secret}&
redirect_uri="http://example.com/oauth2callback"&
grant_type=authorization_code
However, each time the server is returning "Error: redirect_uri_mismatch."
We have tried everything. We double-checked the redirect_uri matches EXACTLY in the Google console and the client ID and client secret are correct. It still doesn't work. Any ideas?

In the "server-side" flow your redirect_uri should be set to postmessage. Unfortunately that is not clearly documented by Google. See also Google OAuth 2.0 "error" : "redirect_uri_mismatch" and related questions/answers.

We figured this out eventually, but I wanted to post this here so that others can find it. It turns out that you should NOT specify a redirect URI if you are exchanging a one-time access code for an access token via communicating with Google's servers from your own server. Instead, it should look like this:
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
code={My Code}&
client_id={My Client ID}&
client_secret={My Client Secret}&
redirect_uri=''&
grant_type=authorization_code

Google Oauth 2.0 authentication for limited input device not working

I am trying to use a custom java application of mine to upload videos to my youtube account via an access limited device like a Raspberry pi running as a server.
For this I am using the Google Oauth 2.0 for limited input device as a reference.
Here I am facing following problem:
After getting the Device code via following similar call (Step 2 from the link):
POST /o/oauth2/device/code HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
client_id=1084945748469-eg34imk572gdhu83gj5p0an9fut6urp5.apps.googleusercontent.com&
scope=https://www.googleapis.com/auth/youtube
Google Oauth server responds with 'user_code' and 'verification_url' (Step 3 from the link):
{ "device_code" : "4/L9fTtLrhY96442SEuf1Rl3KLFg3y", "user_code" :
"a9xfwk9c", "verification_url" : "http://www.google.com/device",
"expires_in" : "1800" "interval" : 5, }
Now I am giving the requisite permission by opening the url as responded by google server.
Finally I am trying to get the access token from Google server (Step 4 from the link) by posting similar request:
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
client_id=1084945748469-eg34imk572gdhu83gj5p0an9fut6urp5.apps.googleusercontent.com&
client_secret=hDBmMRhz7eJRsM9Z2q1oFBSem&
code=4/YMSlR3fSCC1NtUh073DuZKTJJ3ss&
grant_type=http://oauth.net/grant_type/device/1.0
but instead of getting the 'access_token' as response I am getting the following :
Status Code:400 Response: { "error" : "invalid_request",
"error_description" : "Required parameter is missing: grant_type" }
Note : With or without url encoding, my problem stays the same.
Can someone please help me as to whether it's the Google Oauth 2.0 api is buggy or my request is faulty?
***************************************UPDATE*************************************
I tried the same steps with some alternative tools instead of my custom java application, so I tried Fiddler and curl, the surprise is as follows:
All of the calls worked right as mentioned by Google Oauth 2.0 for limited input device for curl.
Same issue was observed with Fiddler as was with my custom java app.
I am still unable to figure out the difference yet, still need help.
************UPDATE#2**************
Fiddler request:
(url encoded, obscured client secret)
(One can get oauth credentials (client_id and client_secret) by following this)
POST HTTP/1.1
https://accounts.google.com/o/oauth2/token?client_id=308065994473-ur9dd7003ajs6mvr5s4kqnugr6j8tsf2.apps.googleusercontent.com&client_secret=XXXXXXXXXXXXXXX&code=4%2FWR-qiTquqB0e4-0LCy0-7rZ2kkE2&grant_type=http%3A%2F%2Foauth.net%2Fgrant_type%2Fdevice%2F1.0
Content-Type: application/x-www-form-urlencoded
(non url encoded, obscured client secret)
POST HTTP/1.1
https://accounts.google.com/o/oauth2/token?client_id=308065994473-ur9dd7003ajs6mvr5s4kqnugr6j8tsf2.apps.googleusercontent.com&client_secret=XXXXXXXXXXXXXX&code=4/WR-qiTquqB0e4-0LCy0-7rZ2kkE2&grant_type=http://oauth.net/grant_type/device/1.0
Java code project is available at (maven project, check the test case for the Oauth calls):
https://docs.google.com/file/d/0B8ltWBtPF-DVMDZFNHNMZXpCQlk

The value is wrong, you should use grant_type=authorization_code as this says.

Can't get access token google drive sdk

I want to use Google drive api in my application, that's why I'm using OAuth 2.0 for Installed Applications. But I have a problem - I can't get an access token. At first I successfully get the authorization code using the following request:
https://accounts.google.com/o/oauth2/auth?
scope=https://www.googleapis.com/auth/drive.file&
redirect_uri=[my redirect_uri from from Developers Console]&
response_type=code&
client_id=[My client ID for native application from Developers Console]
Then I try to get an access token using received authorization code using the following request:
POST /o/oauth2/token HTTP/1.1
Host: accounts.google.com
Content-Type: application/x-www-form-urlencoded
code={My uthorization code}&
client_id=[My client Id]&
client_secret=[My clien secret]&
redirect_uri=[my redirect_uri from from Developers Console]&
grant_type=authorization_code
All the time server returns 400. Can you tell me what could be the problem?

Trace the http request
Go to OAuth2 Playground and do the same
Spot the difference
It may be that you aren't urlencoding the params