Reputation: 582
How to generate permanent access token for GCP APIs?
We are trying to upload files to GCP bucket using the below cURL
curl -v --location --request POST 'https://storage.googleapis.com/upload/storage/v1/b/<bucketName>/o?uploadType=media&name=<path>' --header "Authorization: $AUTH_HEADER" --header 'Content-Type: application/java-archive' --data-binary '@'${OBJECT_NAME}
Currently we are generating AUTH_HEADER using gcloud auth print-access-token but this seems like a short lived token. Is there any way we can generate permanent token? Actually we are trying to automate upload process using CI/CD pipelines. If we could get a permanent access token we can encrypt and use it on the CI job itself.
Upvotes: 0
Views: 1338
Answers (1)
Reputation: 117321
access tokens are short lived by design. It comes back to the fact that access tokens are bearer tokens and will work for the bearer of the token until the token has expired with out any extra security checking. This means if you have a permeant access token and its stolen then the person stealing it is
Upvotes: 2
Related Questions
- How to authenticate with gcloud using just access token?
- GCP REST API authentication missing
- Get access token for a google cloud service account in Golang?
- Manage GCP project credentials through API
- Google Cloud Platform REST API: Acquiring Access Token and API Key
- How to create API Keys in GCP using service accont
- Authorizing REST API calls to GCP
- Service account key creation in GCP using rest API
- GCP: How to get compute engine access token?
- GCP -- APIs & Services : Create OAuth client ID credentials programmatically