Load a service account token

Source: R/credentials_service_account.R

Load a service account token

credentials_service_account(scopes = NULL, path = "", ..., subject = NULL)

Arguments

scopes

A character vector of scopes to request. Pick from those listed at https://developers.google.com/identity/protocols/oauth2/scopes.

For certain token flows, the "https://www.googleapis.com/auth/userinfo.email" scope is unconditionally included. This grants permission to retrieve the email address associated with a token; gargle uses this to index cached OAuth tokens. This grants no permission to view or send email. It is considered a low value scope and does not appear on the consent screen.
path

JSON identifying the service account, in one of the forms supported for the txt argument of jsonlite::fromJSON() (typically, a file path or JSON string).
...

Additional arguments passed to all credential functions.
subject

An optional subject claim. Use for a service account which has been granted domain-wide authority by an administrator. Such delegation of domain-wide authority means that the service account is permitted to act on behalf of users, without their consent. Identify the user to impersonate via their email, e.g. subject = "user@example.com".

Value

An httr::TokenServiceAccount or NULL.

See also

Additional reading on delegation of domain-wide authority:

Other credential functions: credentials_app_default(), credentials_byo_oauth2(), credentials_gce(), credentials_user_oauth2(), token_fetch()

Examples

if (FALSE) {
token <- credentials_service_account(
  scopes = "https://www.googleapis.com/auth/userinfo.email",
  path = "/path/to/your/service-account.json"
)
}