Loads credentials from a file identified via a search strategy known as
Application Default Credentials (ADC). The hope is to make auth "just work"
for someone working on Google-provided infrastructure or who has used Google
tooling to get started. A sequence of paths is consulted, which we describe
here, with some abuse of notation. ALL_CAPS represents the value of an
environment variable and %||% is used in the spirit of a null coalescing operator.
GOOGLE_APPLICATION_CREDENTIALS CLOUDSDK_CONFIG/application_default_credentials.json # on Windows: (APPDATA %||% SystemDrive %||% C:)\gcloud\application_default_credentials.json # on not-Windows: ~/.config/gcloud/application_default_credentials.json
If the above search successfully identifies a JSON file, it is parsed and ingested either as a service account token or a user OAuth2 credential.
credentials_app_default(scopes = NULL, ..., subject = NULL)A character vector of scopes to request. Pick from those listed at https://developers.google.com/identity/protocols/oauth2/scopes.
For certain token flows, the
"https://www.googleapis.com/auth/userinfo.email" scope is unconditionally
included. This grants permission to retrieve the email address associated
with a token; gargle uses this to index cached OAuth tokens. This grants no
permission to view or send email. It is considered a low value scope and
does not appear on the consent screen.
Additional arguments passed to all credential functions.
An optional subject claim. Use for a service account which has
been granted domain-wide authority by an administrator. Such delegation of
domain-wide authority means that the service account is permitted to act on
behalf of users, without their consent. Identify the user to impersonate
via their email, e.g. subject = "user@example.com".
An httr::TokenServiceAccount or an
httr::Token2.0 or NULL.
https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application
https://cloud.google.com/sdk/docs/
Other credential functions:
credentials_byo_oauth2(),
credentials_gce(),
credentials_service_account(),
credentials_user_oauth2(),
token_fetch()
# NOT RUN {
credentials_app_default()
# }
Run the code above in your browser using DataLab