is it possible to only receive the serverAuthCode with the Credential Manager [1] in an Android App written in Java ?

Our backend expects only this information so it may make the request to Google to receive info about the user thats trying to login.

My current implementation is:

CredentialManager manager = CredentialManager.create(getApplicationContext());
            GetGoogleIdOption googleIdOption = new GetGoogleIdOption.Builder()
                    .setFilterByAuthorizedAccounts(true) // only existing google accounts, no "create new google account" screen
                    .setAutoSelectEnabled(true)
                    .setServerClientId("web_client_id")
                    .build();
            GetCredentialRequest request = new GetCredentialRequest.Builder()
                    .addCredentialOption(googleIdOption)
                    .build();

CredentialManagerCallback<GetCredentialResponse, GetCredentialException> credentialManagerCallback = new CredentialManagerCallback<GetCredentialResponse, GetCredentialException>() {
                @Override
                public void onResult(GetCredentialResponse result) {
                    // result here has all the data of the user, like email, name

                    // wanted: only serverAuthToken to send over to the backend which is then makeing the google api request
                }

                @Override
                public void onError(@NonNull GetCredentialException error) {
                    // handle error
                }
            };
            manager.getCredentialAsync(
                    _activity_instance,
                    request,
                    null,
                    Executors.newSingleThreadExecutor(),
                    credentialManagerCallback
            );

[1]

is it possible to only receive the serverAuthCode with the Credential Manager [1] in an Android App written in Java ?

Our backend expects only this information so it may make the request to Google to receive info about the user thats trying to login.

My current implementation is:

CredentialManager manager = CredentialManager.create(getApplicationContext());
            GetGoogleIdOption googleIdOption = new GetGoogleIdOption.Builder()
                    .setFilterByAuthorizedAccounts(true) // only existing google accounts, no "create new google account" screen
                    .setAutoSelectEnabled(true)
                    .setServerClientId("web_client_id")
                    .build();
            GetCredentialRequest request = new GetCredentialRequest.Builder()
                    .addCredentialOption(googleIdOption)
                    .build();

CredentialManagerCallback<GetCredentialResponse, GetCredentialException> credentialManagerCallback = new CredentialManagerCallback<GetCredentialResponse, GetCredentialException>() {
                @Override
                public void onResult(GetCredentialResponse result) {
                    // result here has all the data of the user, like email, name

                    // wanted: only serverAuthToken to send over to the backend which is then makeing the google api request
                }

                @Override
                public void onError(@NonNull GetCredentialException error) {
                    // handle error
                }
            };
            manager.getCredentialAsync(
                    _activity_instance,
                    request,
                    null,
                    Executors.newSingleThreadExecutor(),
                    credentialManagerCallback
            );

[1] https://developer.android/identity/sign-in/credential-manager

• java
• android
• mobile
• android-credential-manager

1 Answer 1

No, that is not possible. You can only receive an auth code if you use the Authorization APIs; Credential Manager is aimed at authentication and not authorization.