I already wrote a post explaining how to sign-in to Google+ from an Android app. Now I want to be able to match all requests my app makes with the user associated with those requests.
Google uses the OpenID protocol and ID Tokens to make this possible. An ID Token consists of two JSON objects, base64 encoded, concatenated and cryptographically signed. This token can be attached to your requests so your server knows who is the user it should associate the request with. This token must be kept secret because anybody using it will be able to identify themselves as the user. To keep the token safe always use HTTPS and transfer it as an HTTP header.