7

In Google's OIDC guide, section Exchange code for access token and ID token states that I must provide a client_secret.

If I select the relevant client ID from the API console, I do indeed get a JSON file named client_secret_.... However, none of the fields of the JSON object are named secret or anything similar. (The fields are named client_id, project_id, auth_uri, token_uri, auth_provider_x509_cert_url, and redirect_uris.)

So, where do I get this client_secret?

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449
Jon Smark
  • 2,528
  • 24
  • 31

1 Answers1

7

I think the secrete used to be in the file but alternatively you can also find it by looking at the page were you downloaded your json file and you can also click the button to reset said secret.

enter image description here

I would make sure that the credentials are looking at are under OAuth 2.0 client IDs and not Service account keys or API keys only the first one needs a secret I believe.

Update from comments: Creating Oauth Client Id for android will not give you a secret because its not needed in android application should should probably be following Add google sign-in to your android App

Linda Lawton - DaImTo
  • 106,405
  • 32
  • 180
  • 449
  • 4
    Thanks for your reply. If it were that obvious I wouldn't be asking... ;-) Seriously, That page lists only the "Client ID" and the "Creation Date". No "Client secret"... – Jon Smark Jan 30 '17 at 12:08
  • 1
    Take a screen shot of it please. I think you have created the wrong type of credentials. – Linda Lawton - DaImTo Jan 30 '17 at 12:09
  • 1
    @DaImTo, that is good answer, but add this link, please `https://console.developers.google.com/apis/credentials/` and say, that we need to click on our OAuth string, to get that window – zayn1991 Nov 17 '17 at 14:56