0

thanks to take time and give me some help

This is my situation: I have a web application that use google calendar api, but the user let say userA only have access to read the calendars, to create an event in the calendar I have to impersonate the request to the google api and send an auth_token with write grant, let say UserB (the userb exist in the database, and I save there access_token and refresh token) provided by firebase

My question is, can I use, the refresh token firebase response to refresh the access_token? or that refresh token will not work with the google oath api?

Thanks for your help any comment is welcome.

Diego Curbelo
  • 11
  • 1
  • 3

1 Answers1

0

No, you cannot use the refresh token from one token to refresh another token.

The refresh token must be requested when the OAuth 2.0 flow is started. The returned OAuth 2.0 Token will include a number of items, which include the Access Token and optionally the Refresh Token.

John Hanley
  • 74,467
  • 6
  • 95
  • 159
  • Thanks for answer, I will not try to cross refresh token, what I need is refresh an access token out side of firebase but using the refresh token firebase provide me when the user made the login I save his/her refresh token then i will Call this endpoint https://www.googleapis.com/oauth2/v4/token using the refresh token firebase give me. I try a lot of and always give me invalid grant access. – Diego Curbelo Nov 18 '18 at 23:51