Package downscope implements the ability to downscope, or restrict, the Identity and Access Management permissions that a short-lived Token can use.

Package externalaccount provides support for creating workload identity federation and workforce identity federation token sources that can be used to access Google Cloud resources from external identity providers.

AppEngineTokenSource returns a token source that fetches tokens from either the current application's service account or from the metadata server, depending on the App Engine environment.

ComputeTokenSource returns a token source that fetches access tokens from Google Compute Engine (GCE)'s metadata server.

ConfigFromJSON uses a Google Developers Console client_credentials.json file to construct a config.

CredentialsFromJSON invokes CredentialsFromJSONWithParams with the specified scopes.

CredentialsFromJSONWithParams obtains Google credentials from a JSON value.

DefaultClient returns an HTTP Client that uses the DefaultTokenSource to obtain authentication credentials.

DefaultTokenSource returns the token source for "Application Default Credentials".

FindDefaultCredentials invokes FindDefaultCredentialsWithParams with the specified scopes.

FindDefaultCredentialsWithParams searches for "Application Default Credentials".

JWTAccessTokenSourceFromJSON uses a Google Developers service account JSON key file to read the credentials that authorize and authenticate the requests, and returns a TokenSource that does not use any OAuth2 flow but instead creates a JWT and sends that as the access token.

JWTAccessTokenSourceWithScope uses a Google Developers service account JSON key file to read the credentials that authorize and authenticate the requests, and returns a TokenSource that does not use any OAuth2 flow but instead creates a JWT and sends that as the access token.

JWTConfigFromJSON uses a Google Developers service account JSON key file to read the credentials that authorize and authenticate the requests.

NewSDKConfig creates an SDKConfig for the given Google Cloud SDK account.

JWTTokenURL is Google's OAuth 2.0 token URL to use with the JWT flow.

MTLSTokenURL is Google's OAuth 2.0 default mTLS endpoint.

Endpoint is Google's OAuth 2.0 default endpoint.

AuthenticationError indicates there was an error in the authentication flow.

Credentials holds Google credentials, including "Application Default Credentials".

CredentialsParams holds user supplied parameters that are used together with a credentials file for building a Credentials object.

An SDKConfig provides access to tokens from an account already authorized via the Google Cloud SDK.

DefaultCredentials is the old name of Credentials.