AuthConfig

Auth configuration to run the extension.

Fields
authType enum (AuthType)

type of auth scheme.

auth_config Union type
auth_config can be only one of the following:
apiKeyConfig object (ApiKeyConfig)

Config for API key auth.

httpBasicAuthConfig object (HttpBasicAuthConfig)

Config for HTTP Basic auth.

googleServiceAccountConfig object (GoogleServiceAccountConfig)

Config for Google service Account auth.

oauthConfig object (OauthConfig)

Config for user oauth.

oidcConfig object (OidcConfig)

Config for user OIDC auth.

JSON representation 
{
  "authType": enum (AuthType),

  // auth_config
  "apiKeyConfig": {
    object (ApiKeyConfig)
  },
  "httpBasicAuthConfig": {
    object (HttpBasicAuthConfig)
  },
  "googleServiceAccountConfig": {
    object (GoogleServiceAccountConfig)
  },
  "oauthConfig": {
    object (OauthConfig)
  },
  "oidcConfig": {
    object (OidcConfig)
  }
  // Union type
}

ApiKeyConfig

Config for authentication with API key.

Fields
name string

Optional. The parameter name of the API key. E.g. If the API request is "https://example.com/act?apiKey=", "apiKey" would be the parameter name.

apiKeySecret string

Optional. The name of the SecretManager secret version resource storing the API key. Format: projects/{project}/secrets/{secrete}/versions/{version}

apiKeyString string

Optional. The API key to be used in the request directly.

httpElementLocation enum (HttpElementLocation)

Optional. The location of the API key.

JSON representation 
{
  "name": string,
  "apiKeySecret": string,
  "apiKeyString": string,
  "httpElementLocation": enum (HttpElementLocation)
}

HttpElementLocation

Enum of location an HTTP element can be.

Enums
HTTP_IN_UNSPECIFIED
HTTP_IN_QUERY Element is in the HTTP request query.
HTTP_IN_HEADER Element is in the HTTP request header.
HTTP_IN_PATH Element is in the HTTP request path.
HTTP_IN_BODY Element is in the HTTP request body.

HttpBasicAuthConfig

Config for HTTP Basic Authentication.

Fields
credentialSecret string

Required. The name of the SecretManager secret version resource storing the base64 encoded credentials. Format: projects/{project}/secrets/{secrete}/versions/{version}

JSON representation 
{
  "credentialSecret": string
}

GoogleServiceAccountConfig

Config for Google service Account Authentication.

Fields
serviceAccount string

Optional. The service account that the extension execution service runs as.

JSON representation 
{
  "serviceAccount": string
}

OauthConfig

Config for user oauth.

Fields
oauth_config Union type
oauth_config can be only one of the following:
accessToken string

Access token for extension endpoint. Only used to propagate token from [[ExecuteExtensionRequest.runtime_auth_config]] at request time.

serviceAccount string

The service account used to generate access tokens for executing the Extension.

JSON representation 
{

  // oauth_config
  "accessToken": string,
  "serviceAccount": string
  // Union type
}

OidcConfig

Config for user OIDC auth.

Fields
oidc_config Union type
oidc_config can be only one of the following:
idToken string

OpenID Connect formatted id token for extension endpoint. Only used to propagate token from [[ExecuteExtensionRequest.runtime_auth_config]] at request time.

serviceAccount string

The service account used to generate an OpenID Connect (OIDC)-compatible JWT token signed by the Google OIDC Provider (accounts.google.com) for extension endpoint (https://cloud.google.com/iam/docs/create-short-lived-credentials-direct#sa-credentials-oidc).

JSON representation 
{

  // oidc_config
  "idToken": string,
  "serviceAccount": string
  // Union type
}

AuthType

type of Auth.

Enums
AUTH_TYPE_UNSPECIFIED
NO_AUTH No Auth.
API_KEY_AUTH API Key Auth.
HTTP_BASIC_AUTH HTTP Basic Auth.
GOOGLE_SERVICE_ACCOUNT_AUTH Google service Account Auth.
OAUTH OAuth auth.
OIDC_AUTH OpenID Connect (OIDC) Auth.