Send feedback
Stay organized with collections
Save and categorize content based on your preferences.
Version latest keyboard_arrow_down
Changelog
1.30.1 (2024-12-11)
Bug Fixes
1.30.0 (2024-11-08)
Features
Bug Fixes
Make it explicit that there is a network call to MDS to get SecureSessionAgentConfig (#1573 ) (18020fe )
1.29.0 (2024-10-22)
Features
Service sccount to service account impersonation to support universe domain (#1528 ) (c498ccf )
Bug Fixes
1.28.0 (2024-10-02)
Features
1.27.0 (2024-09-20)
Features
Add api key credential as client library authorization type (#1483 ) (6401e51 )
1.26.0 (2024-09-18)
Features
Updates UserAuthorizer to support retrieving token response directly with different client auth types (#1486 ) (1651006 )
1.25.0 (2024-09-03)
Features
Support retrieving ID Token from IAM endpoint for ServiceAccountCredentials (#1433 ) (4fcf83e )
Bug Fixes
ComputeEngineCredentials.createScoped should invalidate existing AccessToken (#1428 ) (079a065 )
Invalidate the SA's AccessToken when createScoped() is called (#1489 ) (f26fee7 )
1.24.1 (2024-08-13)
Bug Fixes
Retry sign blob call with exponential backoff (#1452 ) (d42f30a )
1.24.0 (2024-07-09)
Features
Bug Fixes
Documentation
Add supplier sections to table of contents (#1371 ) (9e11763 )
Adds docs for supplier based external account credentials (#1362 ) (bd898c6 )
Fix readme documentation for workload custom suppliers. (#1382 ) (75bd749 )
1.23.0 (2024-02-05)
Features
Add context object to pass to supplier functions (#1363 ) (1d9efc7 )
Adds support for user defined subject token suppliers in AWSCredentials and IdentityPoolCredentials (#1336 ) (64ce8a1 )
Adds universe domain for DownscopedCredentials and ExternalAccountAuthorizedUserCredentials (#1355 ) (17ef707 )
Modify the refresh window to match go/async-token-refresh. Serverless tokens are cached until 4 minutes before expiration, so 4 minutes is the ideal refresh window. (#1352 ) (a7a8d7a )
Bug Fixes
Add missing copyright header (#1364 ) (a24e563 )
Issue #1347 : ExternalAccountCredentials serialization is broken (#1358 ) (e3a2e9c )
Refactor compute and cloudshell credentials to pass quota project to base class (#1284 ) (fb75239 )
1.22.0 (2024-01-09)
Features
Adds universe domain support for compute credentials (#1346 ) (7e26861 )
Bug Fixes
1.21.0 (2023-12-21)
Features
Add code sample and test for getting an access token from an impersonated SA (#1289 ) (826ee40 )
Multi universe support, adding universe_domain field (#1282 ) (7eb322e )
Bug Fixes
Remove -Xlint:unchecked, suppress all existing violations, add @CanIgnoreReturnValue (#1324 ) (04dfd40 )
Documentation
Update README.md to link to Cloud authentication documentation rather than AIPs (98fc7e1 )
1.20.0 (2023-09-19)
Features
Bug Fixes
Make derived classes of CredentialSource public (#1236 ) (9bb9e0a )
Documentation
Update library definitions in README to the latest version (#1239 ) (0c5cff2 )
1.19.0 (2023-06-27)
Features
Expose test-jar and mock classes in oauth2 (12e8db6 )
1.18.0 (2023-06-16)
Features
Introduce a way to pass additional parameters to auhtorization url (#1134 ) (3a2c5d3 )
1.17.1 (2023-05-25)
Dependencies
1.17.0 (2023-05-20)
Features
Adds universe_domain to external account creds (#1199 ) (608ee87 )
Expose method to manually obtain ADC from gcloud CLI well-known… (#1188 ) (2fa9d52 )
Updating readme for external account authorized user credentials (#1200 ) (bf25574 )
Bug Fixes
1.16.1 (2023-04-07)
Bug Fixes
Make supporting classes of AwsCredentials serializable (#1113 ) (82bf871 )
Remove AWS credential source validation. (#1177 ) (77a99c9 )
1.16.0 (2023-02-15)
Features
Bug Fixes
Create and reuse self signed jwt creds for better performance (#1154 ) (eaaa8e8 )
Java doc for DefaultPKCEProvider.java (#1148 ) (154c127 )
Removed url pattern validation for google urls in external account credential configurations (#1150 ) (35495b1 )
Documentation
Clarified Maven artifact for HTTP-based clients (#1136 ) (b49fc13 )
1.15.0 (2023-01-25)
Features
Bug Fixes
AccessToken scopes clean serialization and default as empty list (#1125 ) (f55d41f )
Enforce Locale.US for AwsRequestSignerTest (#1111 ) (aeb1218 )
Ensure both refreshMargin and expirationMargin are set when using OAuth2CredentialsWithRefresh (#1131 ) (326e4a1 )
1.14.0 (2022-12-06)
Features
Bug Fixes
AwsCredentials should not call metadata server if security creds and region are retrievable through environment vars (#1100 ) (1ff5772 )
Not loosing the access token when calling UserCredentials#ToBuil… (#993 ) (84afdb8 )
1.13.0 (2022-11-15)
Features
Add smbios check for GCE residency detection (#1092 ) (bfe7d93 )
Bug Fixes
1.12.1 (2022-10-18)
Bug Fixes
1.12.0 (2022-10-14)
Features
Bug Fixes
Documentation
samples: Modified comments in the samples and minor refactor (#990 ) (669ab04 )
1.11.0 (2022-09-08)
Features
Adds configurable token lifetime support (#982 ) (0198733 )
Bug Fixes
Add retries to public key fetch (#983 ) (1200a39 )
Add Test to validate 0x20 in token (#971 ) (612db0a )
Change revoke request from get to post (#979 ) (ead58b2 )
Setting the retry count to default value and enabling ioexceptions to retry (#988 ) (257071a )
Updates IdTokenVerifier so that it does not cache a failed public key response (#967 ) (1f4c9c7 )
1.10.0 (2022-08-05)
Features
workforce identity federation for pluggable auth (#959 ) (7f2c535 )
Bug Fixes
updates executable response spec for executable-sourced credentials (#955 ) (48ff83d )
Documentation
1.9.0 (2022-08-02)
Features
Bug Fixes
expiration time of the ImpersonatedCredentials token depending on the current host's timezone (#932 ) (73af08a )
Documentation
update wif documentation with enable-imdsv2 flag (#940 ) (acc1ce3 )
1.8.1 (2022-07-13)
Bug Fixes
1.8.0 (2022-06-27)
Features
Documentation
1.7.0 (2022-05-12)
Features
Add ability to provide PrivateKey as Pkcs8 encoded string #883 (#889 ) (e0d6996 )
Add iam endpoint override to ImpersonatedCredentials (#910 ) (97bfc4c )
Bug Fixes
update branding in ExternalAccountCredentials (#893 ) (0200dbb )
1.6.0 (2022-03-15)
Features
Add AWS Session Token to Metadata Requests (#850 ) (577e9a5 )
Bug Fixes
ImmutableSet converted to List for Impersonated Credentials (#732 ) (7dcd549 )
update library docs (#868 ) (a081015 )
1.5.3 (2022-02-24)
Bug Fixes
ci: downgrade nexus-staging-maven-plugin to 1.6.8 (#874 ) (fc331d4 )
1.5.2 (2022-02-24)
Bug Fixes
downgrading nexus staging plugin 1.6.8 (#871 ) (e87224c )
1.5.1 (2022-02-22)
Bug Fixes
deps: update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.3.2 (#852 ) (aa557c7 )
1.5.0 (2022-02-14)
Features
update retries and implement Retryable (#750 ) (f9a9b8a )
Dependencies
1.4.0 (2022-01-19)
Features
setting the audience to always point to google token endpoint (#833 ) (33bfe7a )
Bug Fixes
(WIF) remove erroneous check for the subject token field name for text credential source (#822 ) (6d35c68 )
java: add -ntp flag to native image testing command (#1299 ) (#807 ) (aa6654a )
java: run Maven in plain console-friendly mode (#1301 ) (#818 ) (4df45d0 )
1.3.0 (2021-11-10)
Features
next release from main branch is 1.3.0 (#780 ) (1149581 )
Bug Fixes
1.2.2 (2021-10-20)
Bug Fixes
environment variable is "AWS_SESSION_TOKEN" and not "Token" (#772 ) (c8c3073 )
1.2.1 (2021-10-11)
Bug Fixes
disabling self-signed jwt for domain wide delegation (#754 ) (ac70a27 )
1.2.0 (2021-09-30)
Features
Bug Fixes
1.1.0 (2021-08-17)
Features
downscoping with credential access boundaries (#702 ) (aa7ede1 )
Bug Fixes
add validation for the token URL and service account impersonation URL for Workload Identity Federation (#717 ) (23cb8ef )
Documentation
updates README for downscoping with CAB (#716 ) (68bceba )
1.0.0 (2021-07-28)
⚠ BREAKING CHANGES
updating google-auth-library-java min Java version to 1.8
Features
GA release of google-auth-library-java (ver 1.0.0) (#704 ) (3d9874f )
updating google-auth-library-java min Java version to 1.8 (3d9874f )
Bug Fixes
Add shopt -s nullglob to dependencies script (#693 ) (c5aa708 )
Update dependencies.sh to not break on mac (c5aa708 )
0.27.0 (2021-07-14)
Features
add Id token support for UserCredentials (#650 ) (5a8f467 )
add impersonation credentials to ADC (#613 ) (b9823f7 )
Adding functional tests for Service Account (#685 ) (dfe118c )
allow scopes for self signed jwt (#689 ) (f4980c7 )
0.26.0 (2021-05-20)
Features
add gcf-owl-bot[bot]
to ignoreAuthors
(#674 ) (359b20f )
added getter for credentials object in HttpCredentialsAdapter (#658 ) (5a946ea )
enable pre-emptive async oauth token refreshes (#646 ) (e3f4c7e )
Returning an issuer claim on request errors (#656 ) (95d70ae )
Bug Fixes
use orginal url as audience for self signed jwt if scheme or host is null (#642 ) (b4e6f1a )
0.25.5 (2021-04-22)
Dependencies
0.25.4 (2021-04-15)
Bug Fixes
0.25.3 (2021-04-12)
Dependencies
0.25.2 (2021-03-18)
Bug Fixes
follow up fix service account credentials createScopedRequired (#605 ) (7ddac43 )
support AWS_DEFAULT_REGION env var (#599 ) (3d066ee )
0.25.1 (2021-03-18)
Bug Fixes
fix service account credentials createScopedRequired (#601 ) (0614482 )
0.25.0 (2021-03-16)
Features
0.24.1 (2021-02-25)
Dependencies
update dependency com.google.http-client:google-http-client-bom to v1.39.0 (#580 ) (88718b0 )
0.24.0 (2021-02-19)
Features
add workload identity federation support (#547 ) (b8dde1e )
Bug Fixes
Documentation
add instructions for using workload identity federation (#564 ) (2142db3 )
0.23.0 (2021-01-26)
⚠ BREAKING CHANGES
privatize deprecated constructor (#473)
Features
allow custom lifespan for impersonated creds (#515 ) (0707ed4 )
allow custom scopes for compute engine creds (#514 ) (edc8d6e )
allow set lifetime for service account creds (#516 ) (427f2d5 )
promote IdToken and JWT features (#538 ) (b514fe0 )
Bug Fixes
Dependencies
update dependency com.google.appengine:appengine-api-1.0-sdk to v1.9.84 (#422 ) (b262c45 )
update dependency com.google.guava:guava to v30.1-android (#522 ) (4090d1c )
Documentation
0.22.2 (2020-12-11)
Bug Fixes
quotaProjectId should be applied for cached getRequestMetadata(URI, Executor, RequestMetadataCallback)
(#509 ) (0a8412f )
0.22.1 (2020-11-05)
Bug Fixes
remove 1 hour limit for impersonated token (#490 ) (927e3d5 )
Dependencies
update dependency com.google.guava:guava to v30 (#497 ) (0551649 )
update dependency com.google.http-client:google-http-client-bom to v1.38.0 (#503 ) (46f20bc )
0.22.0 (2020-10-13)
Features
add logging at FINE level for each step of ADC (#435 ) (7d145b2 )
Documentation
Dependencies
update dependency com.google.http-client:google-http-client-bom to v1.37.0 (#486 ) (3027fbf )
0.21.1 (2020-07-07)
Dependencies
0.21.0 (2020-06-24)
Features
add TokenVerifier class that can verify RS256/ES256 tokens (#420 ) (5014ac7 )
Dependencies
update autovalue packages to v1.7.2 (#429 ) (5758364 )
update dependency com.google.http-client:google-http-client-bom to v1.35.0 (#427 ) (5494ec0 )
update Guava to 29.0-android (#426 ) (0cd3c2e )
0.20.0 (2020-01-15)
Features
updated JwtClaims.Builder
methods to public
(#396 ) (9e5de14 )
Dependencies
0.19.0 (2019-12-13)
Features
support reading in quotaProjectId for billing (#383 ) (f38c3c8 )
Dependencies
update appengine-sdk to 1.9.76 (#366 ) (590883d )
update autovalue packages to v1.7 (#365 ) (42a1694 )
update dependency com.google.appengine:appengine to v1.9.77 (#377 ) (c3c950e )
update dependency com.google.http-client:google-http-client-bom to v1.33.0 (#374 ) (af0af50 )
Documentation
0.18.0 (2019-10-09)
Bug Fixes
make JwtClaims.newBuilder() public (#350 ) (6ab8758 )
move autovalue into annotation processor path instead of classpath (#358 ) (a82d348 )
Dependencies
Documentation
fix include instructions in google-auth-library-bom README (#352 ) (f649735 )
0.17.4 (2019-10-08)
Bug Fixes
make JwtClaims.newBuilder() public (#350 ) (6ab8758 )
move autovalue into annotation processor path instead of classpath (#358 ) (a82d348 )
Dependencies
Documentation
fix include instructions in google-auth-library-bom README (#352 ) (f649735 )
0.17.2 (2019-09-24)
Bug Fixes
0.17.1 (2019-08-22)
Bug Fixes
allow unset/null privateKeyId for JwtCredentials (#336 ) (d28a6ed )
0.17.0 (2019-08-16)
Bug Fixes
cleanup unused code and deprecation warnings (#315 ) (7fd94c0 )
Fix declared dependencies from merge issue (#291 ) (35abf13 )
throw SigningException as documented (#316 ) (a1ab97c )
typo in ComputeEngineCredentials exception message (#313 ) (1a16f38 )
Features
add Automatic-Module-Name to manifest (#326 ) (29f58b4 ), closes #324 #324
add IDTokenCredential support (#303 ) (a87e3fd )
add JwtCredentials with custom claims (#290 ) (3f37172 )
allow arbitrary additional claims for JwtClaims (#331 ) (888c61c )
Implement ServiceAccountSigner for ImpersonatedCredentials (#279 ) (70767e3 )
Reverts
0.16.2 (2019-06-26)
Bug Fixes
Add metadata-flavor header to metadata server ping for compute engine (#283 )
Dependencies
Import http client bom for dependency management (#268 )
Documentation
README section for interop with google-http-client (#275 )
0.16.1 (2019-06-06)
Dependencies
Update dependency com.google.http-client:google-http-client to v1.30.1 (#265 )
0.16.0 (2019-06-04)
Features
Add google-auth-library-bom artifact (#256 )
Dependencies
Update dependency com.google.http-client:google-http-client to v1.30.0 (#261 )
Update dependency com.google.http-client:google-http-client to v1.29.2 (#259 )
Update dependency org.sonatype.plugins:nexus-staging-maven-plugin to v1.6.8 (#257 )
Update to latest app engine SDK version (#258 )
Update dependency org.apache.maven.plugins:maven-source-plugin to v3.1.0 (#254 )
Update dependency org.jacoco:jacoco-maven-plugin to v0.8.4 (#255 )
Update dependency org.apache.maven.plugins:maven-jar-plugin to v3.1.2 (#252 )
Update dependency org.apache.maven.plugins:maven-source-plugin to v2.4 (#253 )
Documentation
Javadoc publish kokoro job uses docpublisher (#243 )
0.15.0 (2019-03-27)
Bug Fixes
createScoped: make overload call implementation (#229 )
Reverts
Add back in deprecated methods in ServiceAccountJwtAccessCredentials (#238 )
0.14.0 (2019-03-26)
Bug Fixes
update default metadata url (#230 )
Remove deprecated methods (#190 )
Update Sign Blob API (#232 )
Dependencies
Upgrade http client to 1.29.0. (#235 )
update deps (#234 )
0.13.0 (2019-01-17)
Bug Fixes
Use OutputStream directly instead of PrintWriter (#220 )
Improve log output when detecting GCE (#214 )
Features
Overload GoogleCredentials.createScoped with variadic arguments (#218 )
Dependencies
Update google-http-client version, guava, and maven surefire plugin (#221 )
0.12.0 (2018-12-19)
Bug Fixes
Show error message in case of problems with getting access token (#206 )
Add note about NO_GCE_CHECK
to metadata 404 error message (#205 )
Features
Add ImpersonatedCredentials (#211 )
Add option to suppress end user credentials warning. (#207 )
Dependencies
Update google-http-java-client dependency to 1.27.0 (#208 )
Documentation
README grammar fix (#192 )
Add unstable badge to README (#184 )
Update README with instructions on installing the App Engine SDK and running the tests (#209 )
0.11.0 (2018-08-23)
Bug Fixes
Update auth token urls (#174)
Dependencies
Update dependencies (guava) (#170)
Bumping google-http-client version to 1.24.1 (#171)
Documentation
Documentation for ComputeEngineCredential signing. (#176)
Fix README link (#169)
0.10.0 (2018-06-12)
Bug Fixes
Read token_uri from service account JSON (#160)
Log warning if default credentials uses a user token from gcloud sdk (#166)
Features
Add OAuth2Credentials#refreshIfExpired() (#163)
ComputeEngineCredentials implements ServiceAccountSigner (#141)
Documentation
Versionless Javadocs (#164)
Fix documentation for getAccessToken()
returning cached value (#162)
0.9.1 (2018-04-09)
Features
Add caching for JWT tokens (#151)
0.9.0 (2017-11-02)
Bug Fixes
Fix NPE deserializing ServiceAccountCredentials (#132)
Features
Surface cleanup (#136)
Providing a method to remove CredentialsChangedListeners (#130)
Implemented in-memory TokenStore and added opportunity to save user credentials into file (#129)
Documentation
Fixes comment typos. (#131)
0.8.0 (2017-09-08)
Bug Fixes
Extracting the project_id field from service account JSON files (#118)
Fixing an Integer Overflow Issue (#121)
use metadata server to get credentials for GAE 8 standard environment (#122)
Features
Switch OAuth2 HTTP surface to use builder pattern (#123)
Add builder pattern to AppEngine credentials (#125)
Documentation
Fix API Documentation link rendering (#112)
0.7.1 (2017-07-14)
Bug Fixes
Mitigate occasional failures in looking up Application Default Credentials on a Google Compute Engine (GCE) Virtual Machine (#110)
0.7.0 (2017-06-06)
Bug Fixes
Retry HTTP errors in ServiceAccountCredentials.refreshAccessToken()
to avoid propagating failures (#100 addresses #91)
Features
Add GoogleCredentials.createDelegated()
method to allow using domain-wide delegation with service accounts (#102)
Allow bypassing App Engine credential check using environment variable, to allow Application Default Credentials to detect GCE when running on GAE Flex (#103)
Send feedback
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-12-19 UTC.
Need to tell us more?
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2024-12-19 UTC."],[],[]]