Multi-tenancy authentication API reference - get google access token

Get Google Access Token

GEThttps://test.stytch.com/v1/b2b/organizations/{organization_id}/members/{member_id}/oauth_providers/google

Retrieve the saved Google access token and ID token for a member. After a successful OAuth login, Stytch will save the issued access token and ID token from the identity provider. If a refresh token has been issued, Stytch will refresh the access token automatically.

Google One Tap does not return access tokens. If the member has only authenticated through Google One Tap and not through a regular Google OAuth flow, this endpoint will not return any tokens.

Note: Google does not issue a refresh token on every login, and refresh tokens may expire if unused. To force a refresh token to be issued, pass the ?provider_prompt=consent query param into the Start Google OAuth flow endpoint.

Path parameters

organization_id* string

member_id* string

Query parameters

include_refresh_token boolean

Response fields

request_id string

status_code int

provider_type string

provider_subject string

access_token string

access_token_expires_in number

id_token string

refresh_token string

scopes array

curl --request GET \
  --url https://test.stytch.com/v1/b2b/organizations/organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931/members/member-test-32fc5024-9c09-4da3-bd2e-c9ce4da9375f/oauth_providers/google \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json'

RESPONSE

{
	"request_id": "request-id-test-b05c992f-ebdc-489d-a754-c7e70ba13141",
	"status_code": 200,
	"provider_type": "Google",
	"provider_subject": "10769150350006150715113082367",
	"access_token": "eyJ...",
	"access_token_expires_in": 3600,
	"id_token":  "eyJ...",
	"scopes": ["read:users", "write:users"]
}

Common Error Types

missing_oauth_refresh_token