For accessing a service, the application typically needs to present credentials. The application can request the credentials via GOA. First the application should invoke the Account.EnsureCredentials() method on the account object. If this succeeds, the application can request the credentials using e.g. OAuthBased.GetAccessToken() or OAuth2Based.GetAccessToken() depending on what kind of credentials the account is using. If the service returns an authorization error (say, the access token expired), the application should call Account.EnsureCredentials() again to e.g. renew the credentials.

On the other hand, if Account.EnsureCredentials() ever fails, then the user will get notified that there is a problem with the account so he can take actions to fix it. Applications can listen to changes on the Account.AttentionNeeded property to get notified when it's time to try accessing the account again.

Note that the implementation for a provider may switch from e.g. OAuth to OAuth2 in a newer release of GNOME Online Accounts. Therefore, applications must never assume that the GoaObject for an account implements a fixed set of interfaces.