public class ExternalAccountCredential.Initializer : ServiceCredential.InitializerInitializer for ExternalAccountCredential.
Derived Types
Namespace
Google.Apis.Auth.OAuth2Assembly
Google.Apis.Auth.dll
Properties
Audience
public string Audience { get; }The STS audience which contains the resource name for the workload identity pool or the workforce pool and the provider identifier in that pool.
| Property Value | |
|---|---|
| Type | Description |
string |
|
ClientId
public string ClientId { get; set; }The Client ID.
| Property Value | |
|---|---|
| Type | Description |
string |
|
Client ID and client secret are currently only required if the token info endpoint needs to be called with the generated GCP access token. When provided, STS will be called with additional basic authentication using ClientId as username and ClientSecret as password.
ClientSecret
public string ClientSecret { get; set; }The client secret.
| Property Value | |
|---|---|
| Type | Description |
string |
|
Client ID and client secret are currently only required if the token info endpoint needs to be called with the generated GCP access token. When provided, STS will be called with additional basic authentication using ClientId as username and ClientSecret as password.
ServiceAccountImpersonationUrl
public string ServiceAccountImpersonationUrl { get; set; }This is the URL for the service account impersonation request. If this is not set, the STS-returned access token should be directly used without impersonation.
| Property Value | |
|---|---|
| Type | Description |
string |
|
SubjectTokenType
public string SubjectTokenType { get; }The STS subject token type based on the OAuth 2.0 token exchange spec.
| Property Value | |
|---|---|
| Type | Description |
string |
|
UniverseDomain
public string UniverseDomain { get; set; }The universe domain this credential belongs to. May be null, in which case the default universe domain will be used.
| Property Value | |
|---|---|
| Type | Description |
string |
|
WorkforcePoolUserProject
public string WorkforcePoolUserProject { get; set; }The GCP project number to be used for Workforce Identity Pools external credentials.
| Property Value | |
|---|---|
| Type | Description |
string |
|
If this external account credential represents a Workforce Identity Pool enabled identity and this values is not specified, then an API key needs to be used alongside this credential to call Google APIs.