Instantiate an IdentityPoolClient instance using the provided JSON object loaded from an external account credentials file. An error is thrown if the credential is not a valid file-sourced or url-sourced credential.
Optional additional behavior customization options. These currently customize expiration threshold time and whether to retry on 401/403 API request errors.
Methods
retrieveSubjectToken()
retrieveSubjectToken(): Promise<string>;
Triggered when a external subject token is needed to be exchanged for a GCP access token via GCP STS endpoint. This uses the options.credential_source object to figure out how to retrieve the token using the current environment. In this case, this either retrieves the local credential from a file location (k8s workload) or by sending a GET request to a local metadata server (Azure workloads). A promise that resolves with the external subject token.