Getting OAuth2 Token for Google Drive in Android App - Authorization Issue

DancingFox · June 15, 2025, 2:44am

I’m building an Android app that needs to upload files to Google Drive using OAuth2 authentication. I can get the authorization token successfully, but when I try to exchange it for an access token, I get an “unauthorized_client” error.

Step 1 works fine - getting auth token:

String SCOPE = "oauth2:https://www.googleapis.com/auth/drive";

accManager.getAuthToken(
    userAccount,
    SCOPE,
    null,
    this,
    new TokenCallback(),
    new Handler(new ErrorHandler()));

class TokenCallback implements AccountManagerCallback<Bundle> {
    @Override
    public void run(AccountManagerFuture<Bundle> future) {
        try {
            Bundle data = future.getResult();
            String token = data.getString(AccountManager.KEY_AUTHTOKEN);
            Log.d("Auth", "Got token: " + token);
            
            new TokenExchange().execute();
        } catch (Exception ex) {
            ex.printStackTrace();
        }
    }
}

Step 2 fails - exchanging for access token:

class TokenExchange extends AsyncTask<Void, Void, Void> {
    @Override
    protected Void doInBackground(Void... args) {
        HttpTransport httpTransport = new NetHttpTransport();
        JsonFactory factory = new GsonFactory();
        String APP_ID = "123456789.apps.googleusercontent.com";
        String APP_SECRET = "mySecretKey123";
        
        try {
            GoogleTokenResponse response = new GoogleAuthorizationCodeTokenRequest(
                httpTransport, factory, APP_ID, APP_SECRET, authToken, REDIRECT_URI
            ).execute();
            
            String finalToken = response.getAccessToken();
            Log.d("Final", "Access token: " + finalToken);
        } catch (IOException ex) {
            ex.printStackTrace();
        }
        return null;
    }
}

Error I’m getting:

com.google.api.client.auth.oauth2.TokenResponseException: 400 Bad Request
{
  "error": "unauthorized_client"
}

I can access Google Drive normally on my device, so my account should be fine. What could be causing this unauthorized_client error? Am I using the wrong approach to exchange the token?

charlottew · June 26, 2025, 8:46pm

You’re misunderstanding how OAuth2 works here. The token from AccountManager.getAuthToken() is already an access token - you don’t need to exchange it for anything else. I made this same mistake when I started using Google APIs on Android. AccountManager does all the OAuth2 work behind the scenes and gives you a ready-to-use access token. When you try feeding that token to GoogleAuthorizationCodeTokenRequest, Google rejects it because it’s expecting an authorization code, not a token that’s already been issued. Just use your token directly in the Drive API calls - set it as a Bearer token in your HTTP headers. Ditch the TokenExchange class completely and start making authenticated requests with what you’ve got.

alexj · June 24, 2025, 2:52pm

Hit this exact issue yesterday lol. Your redirect_uri is either wrong or missing from Google Console. Double-check that the redirect URI in your code matches what’s in your OAuth client settings - it has to be exact. Also make sure you’re using the Android client ID, not the web one. Unauthorized_client means Google doesn’t recognize your app credentials.

Hazel_27Yoga · June 24, 2025, 9:24am

I hit the same issue before. You’re mixing two different auth flows - that’s your problem. AccountManager.getAuthToken() is for installed apps, but GoogleAuthorizationCodeTokenRequest is for web apps. They don’t play nice together. Google throws unauthorized_client because it sees your client trying to use the wrong flow. Since you’re on Android, just stick with AccountManager all the way through. Get your token from getAuthToken(), then wrap it in a GoogleCredential like this: GoogleCredential credential = new GoogleCredential().setAccessToken(token). Use that credential when you build your Drive service and you’ll be good to go.