AI-generated Key Takeaways
-
UserSession provides a short-lived token for interacting with Google Payments Reseller Platform web endpoints.
-
The UserSession token should be dynamically generated for authenticated users and not shared directly in unauthenticated contexts.
-
New UserSession tokens can be repeatedly re-generated for the same request, regardless of previous token expiration.
-
The token contains encrypted user intent and request information, used when redirecting users to Google.
-
The
generatemethod replaces previous OAuth consent-based APIs for user authorization.
Resource: UserSession
A user session contains a short-lived token that includes information required to interact with Google Payments Reseller Platform using the following web endpoints.
- A user session token should be generated dynamically for an authenticated user. You should refrain from sharing a token directly with a user in an unauthenticated context, such as SMS, or email.
- You can re-generate new session tokens repeatedly for same
generaterequest if necessary, regardless of the previous tokens being expired or not. You don't need to worry about multiple sessions resulting in duplicate fulfillments as guaranteed by the same subscription id.
Please refer to the Google Managed Signup documentation for additional integration details.
| JSON representation |
|---|
{ "token": string, "expireTime": string } |
| Fields | |
|---|---|
token |
Output only. The encrypted token of the user session, including the information of the user's intent and request. This token should be provided when redirecting the user to Google. |
expireTime |
Output only. The time at which the user session expires. Uses RFC 3339, where generated output will always be Z-normalized and use 0, 3, 6 or 9 fractional digits. Offsets other than "Z" are also accepted. Examples: |
Methods |
|
|---|---|
|
This API replaces user authorized OAuth consent based APIs (Create, Entitle). |