Class ExternalAccountCredential.Initializer

Initializer for ExternalAccountCredential.

Inheritance

object

ServiceCredential.Initializer

ExternalAccountCredential.Initializer

ProgrammaticExternalAccountCredential.Initializer

Inherited Members

ServiceCredential.Initializer.TokenServerUrl

ServiceCredential.Initializer.Clock

ServiceCredential.Initializer.AccessMethod

ServiceCredential.Initializer.HttpClientFactory

ServiceCredential.Initializer.DefaultExponentialBackOffPolicy

ServiceCredential.Initializer.QuotaProject

ServiceCredential.Initializer.Scopes

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Namespace: Google.Apis.Auth.OAuth2

Assembly: Google.Apis.Auth.dll

Syntax

public class ExternalAccountCredential.Initializer : ServiceCredential.Initializer

Properties

Audience

The STS audience which contains the resource name for the workload identity pool or the workforce pool and the provider identifier in that pool.

Declaration

public string Audience { get; }

Property Value

Type	Description
string

ClientId

The Client ID.

Declaration

public string ClientId { get; set; }

Property Value

Type	Description
string

Remarks

Client ID and client secret are currently only required if the token info endpoint needs to be called with the generated GCP access token. When provided, STS will be called with additional basic authentication using ClientId as username and ClientSecret as password.

ClientSecret

The client secret.

Declaration

public string ClientSecret { get; set; }

Property Value

Type	Description
string

Remarks

Client ID and client secret are currently only required if the token info endpoint needs to be called with the generated GCP access token. When provided, STS will be called with additional basic authentication using ClientId as username and ClientSecret as password.

ServiceAccountImpersonationUrl

This is the URL for the service account impersonation request. If this is not set, the STS-returned access token should be directly used without impersonation.

Declaration

public string ServiceAccountImpersonationUrl { get; set; }

Property Value

Type	Description
string

SubjectTokenType

The STS subject token type based on the OAuth 2.0 token exchange spec.

Declaration

public string SubjectTokenType { get; }

Property Value

Type	Description
string

UniverseDomain

The universe domain this credential belongs to. May be null, in which case the default universe domain will be used.

Declaration

public string UniverseDomain { get; set; }

Property Value

Type	Description
string

WorkforcePoolUserProject

The GCP project number to be used for Workforce Identity Pools external credentials.

Declaration

public string WorkforcePoolUserProject { get; set; }

Property Value

Type	Description
string

Remarks

If this external account credential represents a Workforce Identity Pool enabled identity and this values is not specified, then an API key needs to be used alongside this credential to call Google APIs.