Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Curl bash script for getting a Google Oauth2 Access token
# Client id from Google Developer console
# Client Secret from Google Developer console
# Scope this is a space seprated list of the scopes of access you are requesting.
# Authorization link. Place this in a browser and copy the code that is returned after you accept the scopes.
https://accounts.google.com/o/oauth2/auth?client_id=[Application Client Id]&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=[Scopes]&response_type=code
# Exchange Authorization code for an access token and a refresh token.
curl \
--request POST \
--data "code=[Authentcation code from authorization link]&client_id=[Application Client Id]&client_secret=[Application Client Secret]&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code" \
https://accounts.google.com/o/oauth2/token
# Exchange a refresh token for a new access token.
curl \
--request POST \
--data 'client_id=[Application Client Id]&client_secret=[Application Client Secret]&refresh_token=[Refresh token granted by second step]&grant_type=refresh_token' \
https://accounts.google.com/o/oauth2/token
@bmsrox

This comment has been minimized.

Copy link

@bmsrox bmsrox commented Nov 6, 2017

Hi ... I've been trying to use that, but show an error
{ "error" : "invalid_request", "error_description" : "Required parameter is missing: grant_type" }

@contributorpw

This comment has been minimized.

Copy link

@contributorpw contributorpw commented Nov 15, 2017

@bmsrox
Maybe you use another auth flow?
Try setup

grant_type=client_credentials

https://tools.ietf.org/html/rfc6749#section-4

@ChanakyaSrinivas

This comment has been minimized.

Copy link

@ChanakyaSrinivas ChanakyaSrinivas commented Nov 29, 2017

Hi All,

How to authenticate gmail user for google calendar using curl statements?

can you please help me out

@LindaLawton

This comment has been minimized.

Copy link
Owner Author

@LindaLawton LindaLawton commented Jul 17, 2018

Note it also works using

curl -d client_id=vpdthl4ms0soutcrpe036ckqn7rfpn.apps.googleusercontent.com -d client_secret=uxpj6hx1H2N5BFqdnaNhIbie -d grant_type=authorization_code -d redirect_uri=urn:ietf:wg:oauth:2.0:oob -d code=4/AABvK4EPc__nckJBK9UGFIhhls_69SBAyidj8J_o3Zz5-VJN6nz54ew https://accounts.google.com/o/oauth2/token

now links to How to connect to the Google Drive API using cURL?

@eruffaldi

This comment has been minimized.

Copy link

@eruffaldi eruffaldi commented Sep 25, 2018

Similar but with all the steps and macro replacements
https://gist.github.com/eruffaldi/98cfb6cc5b11a3778ac9dcb507ac75f4

@ghost

This comment has been minimized.

Copy link

@ghost ghost commented Mar 26, 2019

Hi All,
I was tried the script, but I am getting the
{
"error": "invalid_grant",
"error_description": "Bad Request"
}

Then I changed the grant_type=client_credentials and tried. But again get the error that pasted below.

curl
--request POST
--data "code=4/GQEg70zaxHAuRhhd6A1RB_6LIxwwBV8ak5xRP-nZIBTjuvt4g3fTWyU&client_id=954040553015-bphgid2596t65i91827omteq778cp7gj.apps.googleusercontent.com&client_secret=Sn3giYFFPMCNteKC--938xsP&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=client_credentials"
https://accounts.google.com/o/oauth2/token

Respose:
{
"error": "unsupported_grant_type",
"error_description": "Invalid grant_type: client_credentials"
}

Also, tried LindaLawton's curl command that pasted below and getting the error.

curl -d client_id=954040553015-bphgid2596t65i91827omteq778cp7gj.apps.googleusercontent.com -d client_secret=Sn3giYFFPMCNteKC--938xsP -d grant_type=authorization_code -d redirect_uri=urn:ietf:wg:oauth:2.0:oob -d code=4/GQEg70zaxHAuRhhd6A1RB_6LIxwwBV8ak5xRP-nZIBTjuvt4g3fTWyU https://accounts.google.com/o/oauth2/token

Response:
{
"error": "invalid_grant",
"error_description": "Bad Request"
}

@viniciusd

This comment has been minimized.

Copy link

@viniciusd viniciusd commented Aug 12, 2019

Got invalid_grant as well. The reason is that the given authorization code can only be used once.

If one performs a malformed request with the code, it is now lost and you should retrive a new one.

I am performing those steps using httpie, so it looks like:

http 'https://accounts.google.com/o/oauth2/auth' 'client_id==[Application Client Id]' redirect_uri==urn:ietf:wg:oauth:2.0:oob 'scope==[Scopes]' 'response_type==code'
# This is gonna give you a Redirect, you should open that location on your browser and accept it manually
http -f POST 'https://accounts.google.com/o/oauth2/token' 'client_id=[Application Client Id]' client_secret=[Application Client Secret] 'code=[Authentcation code from authorization link]' grant_type=authorization_code redirect_uri=urn:ietf:wg:oauth:2.0:oob
@prdpjngd

This comment has been minimized.

Copy link

@prdpjngd prdpjngd commented Aug 18, 2019

curl -d client_id=vpdthl4ms0soutcrpe036ckqn7rfpn.apps.googleusercontent.com -d client_secret=uxpj6hx1H2N5BFqdnaNhIbie -d grant_type=authorization_code -d redirect_uri=urn:ietf:wg:oauth:2.0:oob -d code=4/AABvK4EPc__nckJBK9UGFIhhls_69SBAyidj8J_o3Zz5-VJN6nz54ew https://accounts.google.com/o/oauth2/token

TRYED IT WORKed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.