android, oauth, openid, oauth-2.0, accountmanager

Can Google Account auth tokens be shared between services?


I'd like to use users' Google accounts to authenticate (not authorize) them from a web application and to uniquely identify their Android device[s] that run a companion app. Communications between the platforms will be done via Google Cloud Messaging.

The web service can obtain an auth token when users authenticate their Google accounts via the Google OAuth 2.0 implementation. The Android app obtains an auth token via the AccountManager.

Is the token returned by each platform identical such that it can be used as a reliable ID? If not, am I forced to ask permission to view the user's email address just to accomplish this?

I don't want to access the user's email address for identification--it's an extra permission and responsibility to secure it.


Solution

  • All tokens are unique -- that way, you can withdraw authentication for one device/platform while retaining it for another. Utilize the user_id, which is intended exactly to associate the same user across platforms.
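
The server-side handling this answer implies, as an added example that is not part of the original answer: each platform's token is introspected separately, and the resulting `user_id` (never the token string) is the key that links the web session to the device. The field names `audience`, `user_id` and `expires_in` are assumed to follow the shape of Google's tokeninfo response; the client IDs, user IDs and registration IDs are constructed placeholders.

```python
"""Link web and Android sign-ins by user_id instead of by token value."""

# Constructed client IDs for this project's web and Android clients.
ALLOWED_AUDIENCES = {
    "web-client.example.apps.googleusercontent.com",
    "android-client.example.apps.googleusercontent.com",
}

# Constructed introspection results (assumed tokeninfo-style fields).
WEB_INFO = {"audience": "web-client.example.apps.googleusercontent.com",
            "user_id": "100000000000000000001", "expires_in": 3200}
ANDROID_INFO = {"audience": "android-client.example.apps.googleusercontent.com",
                "user_id": "100000000000000000001", "expires_in": 1800}
# A valid token for the same user, but issued to somebody else's app.
FOREIGN_INFO = {"audience": "other-app.example.apps.googleusercontent.com",
                "user_id": "100000000000000000001", "expires_in": 3000}


class TokenRejected(Exception):
    """Raised when an introspected token must not be trusted for sign-in."""


def resolve_user_id(info, allowed_audiences=ALLOWED_AUDIENCES):
    """Return the stable user_id, or raise if the token is not ours or stale."""
    # Without the audience check, a token the user granted to any other
    # app could be replayed here to sign in as that user.
    if info.get("audience") not in allowed_audiences:
        raise TokenRejected("token was issued to a different client")
    if int(info.get("expires_in", 0)) <= 0:
        raise TokenRejected("token has expired")
    user_id = info.get("user_id")
    if not user_id:
        raise TokenRejected("response carries no user_id")
    return str(user_id)


def register_device(devices, info, registration_id):
    """Record a device registration ID under the user the token belongs to."""
    uid = resolve_user_id(info)
    devices.setdefault(uid, set()).add(registration_id)
    return uid


if __name__ == "__main__":
    devices = {}
    uid = register_device(devices, ANDROID_INFO, "constructed-reg-id-1")
    print(uid == resolve_user_id(WEB_INFO), devices)
```
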