Maybe I'm just being dense, but I'm using this documentation to use Google OAuth 2 login.

I'm able to successfully retrieve a JSON array that consists of the access_token, id_token, etc. The id_token is encrypted in what google calls a JWT (JSON Web Token). From what I understand, they're base 64 encoded, but base64_decode() in PHP is just giving me gibberish.

What am I doing wrong??

5 Years
Discussion Span
Last Post by Dani

OK so I figured out that if I use the JWT Decoder then it gives me all the information I want. But if I just do base64_decode() it gives me the header but not the claims part.


According to your first link, that token is cryptographically signed, and then base64 encoded. Found some code here which may help.


OK so this is really wacky, but I figured out that I actually didn't need it after all :) I was able to use the access_token with the API requests I need without validating it, whatever that means. I'm really confused why the documentation was insisting I go through those steps if it works without it???? Am I missing something??

Maybe someone with experience with Google's API can clue me in.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.