I am not able to differentiate between these two: requestIdToken and requestServerAuthCode, when we signin with google api from android device.
My requirement is to provide option for users to login in android device, and after login sync data to my server.
Server need to validate logged in user request from android device. I am thinking to use “requestIdToken”.
On the server side i am using google client library to fetch user info from requestIdToken.
requestIdToken (String serverClientId)
Specifies that an ID token for authenticated users is requested.
Requesting an ID token requires that the server client ID be
and there is
requestServerAuthCode (String serverClientId)
Specifies that offline access is requested. Requesting offline access
requires that the server client ID be specified.
You don’t need to use requestIdToken(String) when you use this option.
When your server exchanges the code for tokens, an ID token will be
returned together (as long as you either use requestEmail() or
requestProfile() along with your configuration).
The first time you retrieve a code, a refresh_token will be granted
automatically. Subsequent requests will only return codes that can be
exchanged for access token.
From the docs.
As you can read here,
requestServerAuthCode() is specifically for requesting offline access. If you do not need it,