Is there easy way to find list of authorised scopes for Google Access Token

Question

If I have a valid Google Access token, is there an easy way to find out what scopes this token is valid for? This issue has arisen because the scopes were not saved when the user initially authorised the token.

Answer 1

The only way you can find the scope of a token is to validate this token by this API:

https://www.googleapis.com/oauth2/v1/tokeninfo?access_token=YOUR_TOKEN

And you'll get a response which includes the scope and other pieces of information like this:

{
  "audience":"8819957365.apps.googleusercontent.com",
  "user_id":"123456789",
  "scope":"https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email",
  "expires_in":3500
}

See the Google Developer documentation for more info.