8

When you create credentials on Google Developer console You can create several different types of credentials depending upon which type is created you could have any of the following

  • Public API key
  • Client ID
  • Client Secret
  • Service account email address

They all have different formats. I have deleted the ones I am posting.

  • Public API key: AIzaSyAcMvMr_bk91qRKZ5SGYEvF5HWjXVE7Xkk
  • Client Id : 1046123799103-d0vpdthl4ms0soutcrpe036ckqn7rfpn.apps.googleusercontent.com
  • Client secret: G5QtTuBDp6ejKraR0XodNwaW
  • Service account email address: 1046123799103-6v9cj8jbub068jgmss54m9gkuk4q2qu8@developer.gserviceaccount.com

Is there any way to validate these in my application. What kind of keys are they?

I am using C# but any info on what kind of keys the are would be of help.

I could probably come up with some kind of RegEx check for client id and service account email. But there must be a way of validating them better then that.

Update:

Google lets you validate the access token why is there no way to validate the credentials TokenInfo validation

Not working. 

Convert.FromBase64String("AIzaSyAcMvMr_bk91qRKZ5SGYEvF5HWjXVE7Xkk");
Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449

1 Answers1

6

The only way to verify if the credentials are valid is try and use them and see if the server accepts them.

There is no checksum or algorithm you can check, Google did not specify a format for those tokens so they are allowed to change it at any time. You can only treat them as opaque blobs and just pass them off and see what the server responds.

Scott Chamberlain
  • 124,994
  • 33
  • 282
  • 431
  • Thank you for your anwser, it looks like i am just going to have to test if the strings where passed as null and hope. I will add a catch as well in the code to catch the error if it was invalid. – Linda Lawton - DaImTo Nov 26 '15 at 08:02