I'm planning to authenticate users using AccountManager. I can get oauth token. Using a secure http connection I pass it to my webserver where I use it. On documentation ( https://developers.google.com/accounts/docs/OAuth2Login#validatingtoken) I read that I need to verify token, and check if my app was the intendend target.
I built a simple android app that create an oauth token. This url: https://www.googleapis.com/oauth2/v1/tokeninfo?access_token={accessToken} gives me an "audience" field filled with a value. How can I check on my webserver if it's the right one? If I'm right I should check that "audience" field == "client_id" of my android app. Where can I read my app client_id? -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en
