Using AccountManager for Google Drive API Authentication on Android

Hermione_Book · July 21, 2025, 6:28pm

I’m building an Android app that needs to connect to Google Drive documents. I keep getting a “401 Cannot parse AuthSub token” error when trying to authenticate.

I think the issue is that Android’s AccountManager is returning the wrong type of access token. Is there a proper way to get a valid access token using AccountManager for Google Drive access, or should I use a different authentication method?

Here’s my current implementation:

import com.google.api.client.googleapis.extensions.android.accounts.GoogleAccountManager;
import com.google.api.services.drive.DriveClient;
import com.google.api.services.drive.DriveUrl;
import com.google.api.services.drive.model.FileEntry;
import com.google.api.services.drive.model.FileFeed;

public class MainActivity extends ListActivity{
    private static final String TOKEN_SCOPE = "https://www.googleapis.com/auth/drive";
    private static final HttpTransport TRANSPORT = new NetHttpTransport();
    protected DriveClient driveClient;
    String userAccount;

    GoogleAccountManager manager;

    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        driveClient = new DriveClient(TRANSPORT.createRequestFactory(authCredential));
        manager = new GoogleAccountManager(this);
        handleAccount();
    }

    void handleAccount() {
        manager.getAccountManager().getAuthToken(selectedAccount, TOKEN_SCOPE, true, new AccountManagerCallback<Bundle>() {

          public void run(AccountManagerFuture<Bundle> result) {
            try {
              Bundle data = result.getResult();
              if (data.containsKey(AccountManager.KEY_INTENT)) {
                Intent authIntent = data.getParcelable(AccountManager.KEY_INTENT);
                authIntent.setFlags(authIntent.getFlags() & ~Intent.FLAG_ACTIVITY_NEW_TASK);
                startActivityForResult(authIntent, AUTH_REQUEST_CODE);
              } else if (data.containsKey(AccountManager.KEY_AUTHTOKEN)) {
                updateAuthToken(data.getString(AccountManager.KEY_AUTHTOKEN));
                processToken();
              }
            } catch (Exception ex) {
              Log.e(LOG_TAG, ex.getMessage(), ex);
            }
          }
        }, null);
  }

void updateAuthToken(String token) {
    authCredential.setAccessToken(token);
  }

 void processToken() {
    List<String> fileList = new ArrayList<String>();
    FileFeed documents = driveClient.executeGetFileFeed(DriveUrl.forDefaultPrivateFiles());
    for (FileEntry file : documents.files) {
            fileList.add(file.name);
          }
    //Process the file list
  }
}

Luna23 · July 31, 2025, 8:51pm

yeah, that 401 error often happens if u r not using the latest auth methods. u should try switching to OAuth 2.0 with Google Drive API v3. it’s much more secure and the googleapiclient handles tokens for u, making life easier.

Nate_91Surf · July 30, 2025, 5:10am

Your problem is mixing old gdata libraries with AccountManager auth - they don’t play nice together. Been there with an enterprise app using those deprecated APIs, total headache. The gdata library wants AuthSub tokens but AccountManager gives you OAuth2 tokens that are formatted differently. Don’t try bridging this gap. Scrap the gdata approach entirely and use Google Sign-In with the REST API instead. Get your credentials through GoogleSignInAccount, then hit the Drive REST endpoints directly with HTTP requests. You’ll dodge all those token parsing errors since everything uses OAuth2 from start to finish. Takes some work upfront but you’ll save tons of debugging time later.

Emma_Galaxy · July 29, 2025, 11:04am

That AuthSub token error means you’re using deprecated authentication libraries. Those GoogleAccountManager and DriveClient classes are from the old gdata library - Google killed that years ago. I’ve hit the same issue maintaining legacy Android apps with those outdated dependencies. You need to migrate to Google Drive REST API v3 with GoogleSignIn and proper OAuth2 credentials. Replace those imports with the current Google Play Services Auth library and rebuild your auth flow. The token scopes and request patterns changed completely since gdata.