Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Curl bash script for getting a Google Oauth2 Access token
# Client id from Google Developer console
# Client Secret from Google Developer console
# Scope this is a space seprated list of the scopes of access you are requesting.
# Authorization link. Place this in a browser and copy the code that is returned after you accept the scopes.
https://accounts.google.com/o/oauth2/auth?client_id=[Application Client Id]&redirect_uri=urn:ietf:wg:oauth:2.0:oob&scope=[Scopes]&response_type=code
# Exchange Authorization code for an access token and a refresh token.
curl \
--request POST \
--data "code=[Authentcation code from authorization link]&client_id=[Application Client Id]&client_secret=[Application Client Secret]&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=authorization_code" \
https://accounts.google.com/o/oauth2/token
# Exchange a refresh token for a new access token.
curl \
--request POST \
--data 'client_id=[Application Client Id]&client_secret=[Application Client Secret]&refresh_token=[Refresh token granted by second step]&grant_type=refresh_token' \
https://accounts.google.com/o/oauth2/token
@bmsrox

This comment has been minimized.

Copy link

commented Nov 6, 2017

Hi ... I've been trying to use that, but show an error
{ "error" : "invalid_request", "error_description" : "Required parameter is missing: grant_type" }

@contributorpw

This comment has been minimized.

Copy link

commented Nov 15, 2017

@bmsrox
Maybe you use another auth flow?
Try setup

grant_type=client_credentials

https://tools.ietf.org/html/rfc6749#section-4

@ChanakyaSrinivas

This comment has been minimized.

Copy link

commented Nov 29, 2017

Hi All,

How to authenticate gmail user for google calendar using curl statements?

can you please help me out

@LindaLawton

This comment has been minimized.

Copy link
Owner Author

commented Jul 17, 2018

Note it also works using

curl -d client_id=vpdthl4ms0soutcrpe036ckqn7rfpn.apps.googleusercontent.com -d client_secret=uxpj6hx1H2N5BFqdnaNhIbie -d grant_type=authorization_code -d redirect_uri=urn:ietf:wg:oauth:2.0:oob -d code=4/AABvK4EPc__nckJBK9UGFIhhls_69SBAyidj8J_o3Zz5-VJN6nz54ew https://accounts.google.com/o/oauth2/token

now links to How to connect to the Google Drive API using cURL?

@eruffaldi

This comment has been minimized.

Copy link

commented Sep 25, 2018

Similar but with all the steps and macro replacements
https://gist.github.com/eruffaldi/98cfb6cc5b11a3778ac9dcb507ac75f4

@ghost

This comment has been minimized.

Copy link

commented Mar 26, 2019

Hi All,
I was tried the script, but I am getting the
{
"error": "invalid_grant",
"error_description": "Bad Request"
}

Then I changed the grant_type=client_credentials and tried. But again get the error that pasted below.

curl
--request POST
--data "code=4/GQEg70zaxHAuRhhd6A1RB_6LIxwwBV8ak5xRP-nZIBTjuvt4g3fTWyU&client_id=954040553015-bphgid2596t65i91827omteq778cp7gj.apps.googleusercontent.com&client_secret=Sn3giYFFPMCNteKC--938xsP&redirect_uri=urn:ietf:wg:oauth:2.0:oob&grant_type=client_credentials"
https://accounts.google.com/o/oauth2/token

Respose:
{
"error": "unsupported_grant_type",
"error_description": "Invalid grant_type: client_credentials"
}

Also, tried LindaLawton's curl command that pasted below and getting the error.

curl -d client_id=954040553015-bphgid2596t65i91827omteq778cp7gj.apps.googleusercontent.com -d client_secret=Sn3giYFFPMCNteKC--938xsP -d grant_type=authorization_code -d redirect_uri=urn:ietf:wg:oauth:2.0:oob -d code=4/GQEg70zaxHAuRhhd6A1RB_6LIxwwBV8ak5xRP-nZIBTjuvt4g3fTWyU https://accounts.google.com/o/oauth2/token

Response:
{
"error": "invalid_grant",
"error_description": "Bad Request"
}

@viniciusd

This comment has been minimized.

Copy link

commented Aug 12, 2019

Got invalid_grant as well. The reason is that the given authorization code can only be used once.

If one performs a malformed request with the code, it is now lost and you should retrive a new one.

I am performing those steps using httpie, so it looks like:

http 'https://accounts.google.com/o/oauth2/auth' 'client_id==[Application Client Id]' redirect_uri==urn:ietf:wg:oauth:2.0:oob 'scope==[Scopes]' 'response_type==code'
# This is gonna give you a Redirect, you should open that location on your browser and accept it manually
http -f POST 'https://accounts.google.com/o/oauth2/token' 'client_id=[Application Client Id]' client_secret=[Application Client Secret] 'code=[Authentcation code from authorization link]' grant_type=authorization_code redirect_uri=urn:ietf:wg:oauth:2.0:oob
@prdpjngd

This comment has been minimized.

Copy link

commented Aug 18, 2019

curl -d client_id=vpdthl4ms0soutcrpe036ckqn7rfpn.apps.googleusercontent.com -d client_secret=uxpj6hx1H2N5BFqdnaNhIbie -d grant_type=authorization_code -d redirect_uri=urn:ietf:wg:oauth:2.0:oob -d code=4/AABvK4EPc__nckJBK9UGFIhhls_69SBAyidj8J_o3Zz5-VJN6nz54ew https://accounts.google.com/o/oauth2/token

TRYED IT WORKed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.