cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

OAuth2 access token for report state session

Go to answer
debugging
Community Member

3 weeks ago - last edited 3 weeks ago

According to this article an access token need to be created. I have done this. however, how to refresh this token or is it valid forever ? I wish to get an access token and refresh token using a normal oauth2 client instead of the oauth2L tool

1. Is there a Google report state  oauth2 authorization endpoint ? if yes, it this called via implicit ? how to call this ?

2. Is there Google  report state oauth2 token endpoint for getting the token for a new session or refresh ?

Why is report state implement via this custom tool instead of a normal oauth2 client  ?

https://developers.home.google.com/cloud-to-cloud/integration/report-state?authuser=0

 

0 Kudos
1 Recommended Answer

Go to answer
arm_dpe
Solutions Expert
Solutions Expert

2 weeks ago

Thanks for sharing.

You don't need a separate OAuth2 authorization endpoint for the Report State API. Instead, your cloud service should already be managing access and refresh tokens for each user through the initial account linking process. The Report State API simply reuses these existing tokens.

If an access token expires, your service needs to use the standard OAuth2 refresh token flow that you've already implemented. Google doesn't have a special endpoint for refreshing tokens for the Report State API—your own OAuth2 server handles the entire token lifecycle.

The reason for this design is that the Report State API isn't a user-facing process; it's a way for your cloud service to proactively update Google about device state changes. Reusing the existing OAuth2 infrastructure ensures consistent and secure authorization without forcing users to re-authenticate.

View Recommended Answer in original post

0 Kudos
2 REPLIES 2

Go to answer
arm_dpe
Solutions Expert
Solutions Expert

2 weeks ago

Thanks for sharing.

You don't need a separate OAuth2 authorization endpoint for the Report State API. Instead, your cloud service should already be managing access and refresh tokens for each user through the initial account linking process. The Report State API simply reuses these existing tokens.

If an access token expires, your service needs to use the standard OAuth2 refresh token flow that you've already implemented. Google doesn't have a special endpoint for refreshing tokens for the Report State API—your own OAuth2 server handles the entire token lifecycle.

The reason for this design is that the Report State API isn't a user-facing process; it's a way for your cloud service to proactively update Google about device state changes. Reusing the existing OAuth2 infrastructure ensures consistent and secure authorization without forcing users to re-authenticate.

0 Kudos

Go to answer
debugging
Community Member

2 weeks ago

Many thanks. So I need to change my access token  for sending report state after google refreshes the token to my OAUTH service?

 

0 Kudos