Decode Google OpenID Connect id_token


How to decode the id_token value received from Google OpenID Connect authentication response?



According to the "RFC 7519 - JWT (JSON Web Token)" standard, the "id_token" value received from Google OpenID Connect authentication response should be decoded as below:

  • Splitting the encoded string into 3 components: Header, Body, and Signature by the dot "." delimiter: headerEncoded.bodyEncoded.signatureEncoded
  • Get the header in JSON string as headerJSON = base64url_decode(headerEncoded).
  • Get the body in JSON string as bodyJSON = base64url_decode(bodyEncoded).
  • Get the signature in JSON string as signatureJSON = base64url_decode(signatureEncoded).

Here is an example of an "id_token" value returned from Google OpenID Connect after Base64URL decoded:

Header =
{ "alg": "RS256",
  "kid": "08d3245c62f86b6362afcbbffe1d069826dd1dc1",
  "typ": "JWT"

Body =
{ "iss":"",
  "nonce": "0394852-3190485-2490358",
Signature = 

Detail description of each field can be found in Google article: "OpenID Connect".


Validate Google OpenID Connect id_token

Build Implicit Flow with Google OpenID Connect

Google OpenID Connect Integration

⇑⇑ OpenID Tutorials

2019-02-10, 453👍, 0💬