On documentation (https://developers.google.com/accounts/docs/OAuth2Login#validatingtoken) I read that I need to verify token, and check if my app was the intendend target.
I built a simple android app that create an oauth token. This url: https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={accessToken} gives me an "audience" field filled with a value. How can I check on my webserver if it's the right one? If I'm right I should check that "audience" field == "client_id" of my android app. Where can I read my app client_id?
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to android-developers@googlegroups.com
To unsubscribe from this group, send email to
android-developers+unsubscribe@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
No comments:
Post a Comment