Search code examples
oauthyoutubeoauth-2.0youtube-apiyoutube-data-api

Not getting refresh token in YouTube OAuth

I am doing server side OAuth following this guide.

I successfully completed the OAuth, but am not getting a refresh_token in the step Exchange authorization code for refresh and access tokens:

Request:

POST /o/oauth2/token HTTP/1.1
HOST: accounts.google.com
content-type: application/x-www-form-urlencoded
content-length: 260

code=4/KEOuzih9jwfnHj7Rl1DeqHhcJF0goKPwtwR5IQ09ieg&
client_id=****.apps.googleusercontent.com&
client_secret=****&
redirect_uri=http%3A%2F%2Flocalhost%3A8000%2FsSignIn.html&
grant_type=authorization_code

Response:

{
  "access_token" : "****",
  "expires_in" : 3580,
  "token_type" : "Bearer"
}

Am I missing something?

Solution

  • Two things needed to be done:

    1. To get refresh token, you have to pass access_type=offline as query parameter to the oauth start request. This will make sure you get the refresh token when doing the oauth for the first time for the account.
    2. To get the refresh token on doing the oauth again and again for the same account, you have to pass prompt=consent as query parameter to the oauth start request.

    Reference: https://developers.google.com/identity/protocols/OAuth2WebServer#offline