How to obtain a Google ID

Jasper Duizendstra
2 min readSep 7, 2019
The ID token is used to identify the user accessing the application

Google Cloud Endpoints can be used to develop, deploy, protect, and monitor your APIs. I use the Cloud Endpoints for OpenAPI with an App Engine standard environment backend app in Python.

The architecture and how to set up the environment is described in the How-to guide Getting Started with Endpoints for App Engine standard environment.

Setting up this environment on a local development machine involves Docker and is described in the Running ESP locally or on another platform How-to guide.

For the authentication I use the Google ID token authentication. This involves creating the client ID and client secret and adding it to the the security definition in your OpenAPI document.

Once all is up and running you would like to test the whole setup. To do this you fire up an REST client, in my case Postman. Now you are faced with adding the ID token to the request as shown in the screenshot.

Add the token here in Postman

This seems trivial, but it took me some time to figure it out, hence this article. These are the steps to take to obtain an ID token

Go to the OAuth 2.0 Playground and add your client id and secret.

Add the client ID and secret

In the Google Cloud Project add the url “” to the authorized redirect URIs.

Back in the OAuth 2.0 Playground select the Google OAuth2 API v2 scopes. I use email and profile so the fields are included in the id token.

Then, authorize the API and Exchange the authorization code for tokens.

If all went well, you should now have an id token that is used to test the API running on Cloud Endpoints for OpenAPI.

Jasper Duizendstra

Freelance Google Cloud Platform Architect, Google Workspace GDE