In my earlier article on how to test Google OAuth 2.0 flows from the command line I showed how to generate Google OAuth 2.0 Access Token, Refresh Token, and ID Token.

In this article, I will show how to refresh an Access Token.

You will need your Client ID, Client Secret and Refresh Token.

In this example, the Client ID and Client Secret are stored in the Google secrets file /config/client_secrets.json. The Refresh Token is stored in the file refresh.token. The refresh.token file was created by curl_oauth.bat from my previous article.

Download Git Repository

I have published the files for this article on GitHub.

https://github.com/jhanley-com/google-oauth-2-0-testing-with-curl

License: MIT License

Clone my repository to your system. The code in this article is in directory v3.

Windows Batch Script:

The output from https://www.googleapis.com/oauth2/v4/token looks like this:

Notice the new Access Token and ID Token.

In summary to refresh a Google OAuth 2.0 Access Token requires three items:

  1. Client ID
  2. Client Secret
  3. Refresh Token

However, to obtain a Refresh Token the original OAuth 2.0 authentication must have requested access_type=offline or access_type=consent.