Options
All
  • Public
  • Public/Protected
  • All
Menu

Interface PluggableAuthClientOptions

Defines the credential source portion of the configuration for PluggableAuthClient.

Command is the only required field. If timeout_millis is not specified, the library will default to a 30-second timeout. 

Sample credential source for Pluggable Auth Client:
{
  ...
  "credential_source": {
    "executable": {
      "command": "/path/to/get/credentials.sh --arg1=value1 --arg2=value2",
      "timeout_millis": 5000,
      "output_file": "/path/to/generated/cached/credentials"
    }
  }
}

Hierarchy

Index

Properties

Properties

audience

audience: string

Optional client_id

client_id?: string

Optional client_secret

client_secret?: string

credential_source

credential_source: { executable: { command: string; output_file?: string; timeout_millis?: number } }

Type declaration

  • executable: { command: string; output_file?: string; timeout_millis?: number }
    • command: string

      The command used to retrieve the 3rd party token.

    • Optional output_file?: string

      An optional output file location that will be checked for a cached response from a previous run of the executable.

    • Optional timeout_millis?: number

      The timeout for executable to run in milliseconds. If none is provided it will be set to the default timeout of 30 seconds.

Optional credentials

credentials?: Credentials

Optional eagerRefreshThresholdMillis

eagerRefreshThresholdMillis?: number

The expiration threshold in milliseconds before forcing token refresh of unexpired tokens.

Optional forceRefreshOnFailure

forceRefreshOnFailure?: boolean

Whether to attempt to refresh tokens on status 401/403 responses even if an attempt is made to refresh the token preemptively based on the expiry_date.

projectId

projectId: undefined | null | string

project_id

project_id: undefined | null | string

quotaProjectId

quotaProjectId: undefined | string

quota_project_id

quota_project_id: undefined | string

Optional service_account_impersonation

service_account_impersonation?: { token_lifetime_seconds?: number }

Type declaration

  • Optional token_lifetime_seconds?: number

Optional service_account_impersonation_url

service_account_impersonation_url?: string

subject_token_type

subject_token_type: string

Optional token_info_url

token_info_url?: string

token_url

token_url: string

Optional transporter

transporter?: Transporter | Gaxios

A Gaxios or Transporter instance to use for AuthClient requests.

Optional transporterOptions

transporterOptions?: GaxiosOptions

Provides default options to the transporter, such as agent or retryConfig.

type

type: string

universeDomain

universeDomain: undefined | string

universe_domain

universe_domain: undefined | string

Optional workforce_pool_user_project

workforce_pool_user_project?: string