Update OAuth2.md

OAuth2.md

@@ -97,3 +97,43 @@ client_secret=YOUR_GOOGLE_CLIENT_SECRET
     - refresh_token: (Optional) The refresh token used to obtain a new access token when the current one expires.
     - scope: The scope of access granted (e.g., email, profile).
 
+
+# 6. Access Protected Resources (Fetching User Profile Data)
+
+With the access token obtained in the previous step, 
+
+your platform can now use it to fetch the user's Google profile and email information. 
+
+The token is included in the Authorization header of the request.
+
+```json
+URL: https://www.googleapis.com/oauth2/v3/userinfo
+HTTP Method: GET
+Headers:
+Authorization: Bearer {access_token}: The access token obtained in step 5.
+```
+
+**Request:**
+
+```sh
+GET https://www.googleapis.com/oauth2/v3/userinfo
+Authorization: Bearer ya29.a0AfH6SMC8Op6zXZkHi2XITkDoOVzYXt3hTY6sny54UlWlxrnKlX5Xv78is7BEHekVX-VoA
+```
+
+**Response**
+
+```json
+{
+    "sub": "1234567890",
+    "name": "John Doe",
+    "given_name": "John",
+    "family_name": "Doe",
+    "profile": "https://plus.google.com/1234567890",
+    "picture": "https://lh3.googleusercontent.com/a-/AOh14GgIXXl5JXzW0c1Szbl-e1Jch1vhl5rHhH65vlK6J5g5PqkGjj1O0p3t8bgVEOykQ6ykFSQ=s96",
+    "email": "john.doe@example.com",
+    "email_verified": true,
+    "locale": "en"
+}
+```
+
+