Skip to content

This function does very little when called directly with a token:

  • If input has class request, i.e. it is a token that has been prepared with httr::config(), the auth_token component is extracted. For example, such input could be produced by googledrive::drive_token() or bigrquery::bq_token().

  • Checks that the input appears to be a Google OAuth token, based on the embedded oauth_endpoint.

  • Refreshes the token, if it's refreshable.

  • Returns its input.

There is no point providing scopes. They are ignored because the scopes associated with the token have already been baked in to the token itself and gargle does not support incremental authorization. The main point of credentials_byo_oauth2() is to allow token_fetch() (and packages that wrap it) to accommodate a "bring your own token" workflow.

This also makes it possible to obtain a token with one package and then register it for use with another package. For example, the default scope requested by googledrive is also sufficient for operations available in googlesheets4. You could use a shared token like so:

drive_auth(email = "")
gs4_auth(token = drive_token())
# work with both packages freely now


credentials_byo_oauth2(scopes = NULL, token, ...)



A character vector of scopes to request. Pick from those listed at

For certain token flows, the "" scope is unconditionally included. This grants permission to retrieve the email address associated with a token; gargle uses this to index cached OAuth tokens. This grants no permission to view or send email and is generally considered a low-value scope.


A token with class Token2.0 or an object of httr's class request, i.e. a token that has been prepared with httr::config() and has a Token2.0 in the auth_token component.


Additional arguments passed to all credential functions.


An Token2.0.


if (FALSE) {
# assume `my_token` is a Token2.0 object returned by a function such as
# httr::oauth2.0_token() or gargle::gargle2.0_token()
credentials_byo_oauth2(token = my_token)