Method: projects.locations.authorizations.acquireUserAuthorization

Uses the stored refresh token for the user identified by their end-user credentials and the given resource, and returns the generated access token and its details. Takes the access token from cache if available. Rotates the stored refresh token if needed.

HTTP request

POST https://discoveryengine.googleapis.com/v1alpha/{name=projects/*/locations/*/authorizations/*}:acquireUserAuthorization

The URL uses gRPC Transcoding syntax.

Path parameters

Parameters
name

string

Required. Resource name of the Authorization. Format: projects/{project}/locations/{location}/authorizations/{authorization}

Request body

The request body must be empty.

Response body

Response message for the AuthorizationService.AcquireUserAuthorization method.

If successful, the response body contains data with the following structure:

JSON representation 
{
  "refreshTokenInfo": {
    object (RefreshTokenInfo)
  },
  "accessToken": string,
  "authorizationUri": string
}
Fields
refreshTokenInfo

object (RefreshTokenInfo)

Info about the stored refresh token used to create the access token.
accessToken

string

The created access token.
authorizationUri

string

A URI, that triggers the authorization flow. Set when the user needs to be (re)authorized.

Authorization scopes

Requires one of the following OAuth scopes:

  • https://www.googleapis.com/auth/cloud-platform
  • https://www.googleapis.com/auth/discoveryengine.readwrite

For more information, see the Authentication Overview.

IAM Permissions

Requires the following IAM permission on the name resource:

  • discoveryengine.authorizations.storeUserAuthorization

For more information, see the IAM documentation.

RefreshTokenInfo

Describes a refresh token.

JSON representation 
{
  "scopes": [
    string
  ]
}
Fields
scopes[]

string

The list of scopes for this token.