oauth_external_token: Generate OAuth token for an external account.

Description Usage Arguments

View source: R/credentials_external_account.R

Description

Generate OAuth token for an external account.

Usage

1
2
3
4
oauth_external_token(
  path = "",
  scopes = "https://www.googleapis.com/auth/cloud-platform"
)

Arguments

path

JSON containing the workload identity configuration for the external account, in one of the forms supported for the txt argument of jsonlite::fromJSON() (probably, a file path, although it could be a JSON string). The instructions for generating this configuration are given at Automatically generate credentials.

Note that external account tokens are a natural fit for use as Application Default Credentials, so consider storing the configuration file in one of the standard locations consulted for ADC, instead of providing path explicitly. See credentials_app_default() for more.

scopes

A character vector of scopes to request. Pick from those listed at https://developers.google.com/identity/protocols/oauth2/scopes.

For certain token flows, the "https://www.googleapis.com/auth/userinfo.email" scope is unconditionally included. This grants permission to retrieve the email address associated with a token; gargle uses this to index cached OAuth tokens. This grants no permission to view or send email and is generally considered a low-value scope.


gargle documentation built on July 2, 2021, 5:07 p.m.