google-cloud-platformgoogle-cloud-auth

What is the api-call equivalent for this command? gcloud auth activate-service-account


What is the equivalent rest api calls for these?

gcloud auth activate-service-account --key-file=myvaultkey.json

export GOOGLE_OAUTH_ACCESS_TOKEN=$(gcloud auth print-access-token)


Solution

  • See Use OAuth2 for Server to Server Applications

    You can get gcloud to show underlying REST API calls by appending --log-http to any command.

    In this case, some of the work involves updating gcloud's local configuration to use the Service Account but you can ignore that part and focus on creating a JWT and using that to get an access token that you can then use to invoke the API(s).

    I encourage you to use one of Google's SDKs rather than do this using the underlying APIs. The documentation page referenced above explains both approaches and you'll see that using a SDK is not only trivial but it provides strong assurance that you're implementing the flow correctly (securely).