When you've stored an OAuth2 access/refresh token couple for a long time, you might not be sure what scopes it was giving access to.

In that case, just pass the access token to the tokeninfo endpoint :


The output looks like this :

"issued_to": "407408718192.apps.googleusercontent.com",
"audience": "407408718192.apps.googleusercontent.com",
"user_id": "1170123456778279183758",
"scope": "https://www.googleapis.com/auth/userinfo.email",
"expires_in": 3585,
"email": "[email protected]",
"verified_email": true,
"access_type": "offline"

Of course you can also do this with a library. In Java :

Oauth2 oauth2 = new Oauth2.Builder(new NetHttpTransport(), new JacksonFactory(), null)
return oauth2.tokeninfo().setAccessToken(yourAccessToken).execute();

You'll need the following dependency :