AssertionType
Stay organized with collections
Save and categorize content based on your preferences.
Assertion types that the app can support at the token endpoint.
| Enums |
UNKNOWN_ASSERTION_TYPE |
Unknown assertion type for backwards compatability. Rejected. |
ID_TOKEN |
OpenIDConnect ID token. This is JWT token with grantType set to urn:ietf:params:oauth:grant-type:jwt-bearer. This is the same token as produced by Google Sign-In libraries, and its verification is documented at https://developers.google.com/identity/sign-in/web/backend-auth. For more information on JWT tokens, see https://tools.ietf.org/html/rfc7523#section-2.1 This token will include the non-standard key-value pair intent=get when the user attempts to link to an existing account. The response should be as per https://tools.ietf.org/html/rfc6749#section-4.1.4 in the event of success, and as per https://tools.ietf.org/html/rfc6749#section-4.2.2.1 in the event of error. |
ACCOUNT_CREATION |
This is the same as ID_TOKEN, except that a non-standard key "intent" will be set to "create" indicating that the user is atempting to create a new account that should be associated with the Google ID in the sub field of the JWT, as with other usage of Google Sign-In. The responses are as with ID_TOKEN. |
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-09-18 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-09-18 UTC."],[[["\u003cp\u003eThe app supports OpenIDConnect ID tokens (\u003ccode\u003eID_TOKEN\u003c/code\u003e) and a custom assertion type for account creation (\u003ccode\u003eACCOUNT_CREATION\u003c/code\u003e), both based on JWTs and utilizing Google Sign-In.\u003c/p\u003e\n"],["\u003cp\u003e\u003ccode\u003eID_TOKEN\u003c/code\u003e assertions are used for standard authentication flows, including linking to existing accounts, while \u003ccode\u003eACCOUNT_CREATION\u003c/code\u003e assertions specifically indicate new account creation intent.\u003c/p\u003e\n"],["\u003cp\u003eResponses to token requests using these assertions adhere to OAuth 2.0 standards for success and error handling as outlined in RFC6749.\u003c/p\u003e\n"],["\u003cp\u003eAn unknown assertion type (\u003ccode\u003eUNKNOWN_ASSERTION_TYPE\u003c/code\u003e) exists for backward compatibility but is rejected by the application.\u003c/p\u003e\n"]]],[],null,["# AssertionType\n\nAssertion types that the app can support at the token endpoint.\n\n| Enums ||\n|--------------------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `UNKNOWN_ASSERTION_TYPE` | Unknown assertion type for backwards compatability. Rejected. |\n| `ID_TOKEN` | OpenIDConnect ID token. This is JWT token with `grantType` set to `urn:ietf:params:oauth:grant-type:jwt-bearer`. This is the same token as produced by Google Sign-In libraries, and its verification is documented at \u003chttps://developers.google.com/identity/sign-in/web/backend-auth\u003e. For more information on JWT tokens, see \u003chttps://tools.ietf.org/html/rfc7523#section-2.1\u003e This token will include the non-standard key-value pair `intent=get` when the user attempts to link to an existing account. The response should be as per \u003chttps://tools.ietf.org/html/rfc6749#section-4.1.4\u003e in the event of success, and as per \u003chttps://tools.ietf.org/html/rfc6749#section-4.2.2.1\u003e in the event of error. |\n| `ACCOUNT_CREATION` | This is the same as `ID_TOKEN`, except that a non-standard key \"intent\" will be set to \"create\" indicating that the user is atempting to create a new account that should be associated with the Google ID in the `sub` field of the JWT, as with other usage of Google Sign-In. The responses are as with `ID_TOKEN`. |"]]
