Actually, the "access_token" parameter is only one way to send the access token. The preferred approach is to send it in the Authorization header...and that's what Spring Social does.
So, if the Authorization header is not being sent, then that's clearly a problem. This works almost all the time, but the wildcard here is that you're doing this on Android. And that makes me wonder which connection factory is in play. My guess is that whatever connection factory that's in play is preventing the header from being added to the request.
A few basic questions:
(1) Are you using Spring for Android along with this? If not, then that may be the first thing to do. Spring's regular RestTemplate won't work well in Android, but Spring for Android gives an Android-ready RestTemplate that will work.
(2) Which version of Android are you using?
Let me know these things and that will go a long way toward debugging this.
Spring Social Project Lead