What is the best approach for storing OAuth2 tokens?

As this guide was mainly centered around using the Google OAuth2 stuff, I will note a few things that are specific to the Google OAuth which I struggled to make work. Please keep in mind everything I did was using Server Connect; there is not much App Connect work in my app.

Please note the screenshots from the post above show 2 server actions, the first server action token-handling-login uses 2 different OAuth Providers, neither of those are “linked” providers, as they are only used in that one server action initially for login, one “Self Maintain” for existing users and the other “Session” provider for new users.

The second server action uses the “Self Maintain” provider that IS “linked” and used on the rest of the application.

The refresh token can be used to fetch a new access token by using the following URL. Obviously I have used * for you to replace with your own client secret and client ID.
https://oauth2.googleapis.com/token?client_secret=8JsK****7gFR&grant_type=refresh_token&refresh_token={{queryIfEmailExists.tok_refresh_token.urlencode()}}&client_id=9913****2o1ra.apps.googleusercontent.com

Here is what mine looks like, with a lot more stuff than you may need, but it shows the API Action itself.

For some reason I could not get the Google OAuth2 to give me the user's email address easily, and therefore to save the user's email address into the database record which keeps that user's tokens I had to call the user's profile information, which is shown in the first post I did in this thread.

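An added example, not part of the original post: the same refresh exchange built as a form-encoded POST, so the client secret and refresh token travel in the request body instead of the URL, plus parsing of the reply into the fields worth storing. The function names and all sample values are constructed for illustration; only the token endpoint URL comes from the post.

```javascript
// Added example: function names and sample values are constructed,
// not taken from the original post or from Wappler.
const TOKEN_URL = 'https://oauth2.googleapis.com/token'; // endpoint from the post

// Build the refresh request with every parameter in the form-encoded body,
// so nothing sensitive becomes part of the URL (and of URL logs).
function buildRefreshRequest(clientId, clientSecret, refreshToken) {
  const body = new URLSearchParams({
    grant_type: 'refresh_token',
    client_id: clientId,
    client_secret: clientSecret,
    refresh_token: refreshToken, // "/" and "+" are percent-encoded here
  }).toString();
  return {
    url: TOKEN_URL,
    method: 'POST',
    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
    body,
  };
}

// Turn the token endpoint's JSON reply into the values to store.
function parseTokenResponse(status, json, nowMs) {
  if (status !== 200 || json.error) {
    // invalid_grant: the refresh token was revoked or has expired,
    // so the stored tokens are useless and the user must log in again.
    return {
      ok: false,
      reauthRequired: json.error === 'invalid_grant',
      error: json.error || 'http_' + status,
    };
  }
  if (typeof json.access_token !== 'string' || !Number.isFinite(json.expires_in)) {
    return { ok: false, reauthRequired: false, error: 'malformed_response' };
  }
  return {
    ok: true,
    accessToken: json.access_token,
    // Store an absolute expiry with a 60 s safety margin.
    expiresAt: nowMs + (json.expires_in - 60) * 1000,
    // A refresh reply may omit refresh_token; null means keep the stored one.
    refreshToken: json.refresh_token || null,
  };
}
```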