All Classes and Interfaces
Class
Description
Represents a temporary OAuth2 access token and its expiration information.
Credentials class for calling Google APIs using an API key.
Constants used for auth in http
Credentials representing an AWS third-party identity for calling Google APIs.
The AWS credential source.
Defines AWS security credentials.
Supplier for retrieving AWS Security credentials for
AwsCredentials to exchange for GCP
access tokens.An OAuth2 user authorization Client ID and associated information.
OAuth2 credentials representing the built-in service account for Google Cloud Shell.
OAuth2 credentials representing the built-in service account for a Google Compute Engine VM.
Defines an upper bound of permissions available for a GCP credential via
CredentialAccessBoundary.AccessBoundaryRules.Defines an upper bound of permissions on a particular resource.
An optional condition that can be used as part of a
CredentialAccessBoundary.AccessBoundaryRule to further
restrict permissions.Represents an abstract authorized identity instance.
Defines the different types of credentials that can be used for metrics.
Implements PKCE using only the Java standard library.
DownscopedCredentials enables the ability to downscope, or restrict, the Identity and Access
Management (IAM) permissions that a short-lived credential can use for Cloud Storage.
OAuth2 credentials sourced using external identities through Workforce Identity Federation.
Builder for
ExternalAccountAuthorizedUserCredentials.Base external account credentials class.
Base builder for external account credentials.
Enum specifying values for the subjectTokenType field in
ExternalAccountCredentials.Context object to pass relevant variables from external account credentials to suppliers.
This public class provides shared utilities for common OAuth2 utils or ADC.
Base type for credentials for authorizing calls to Google APIs using OAuth2.
A wrapper for using Credentials with the Google API Client Libraries for Java with Http.
A base interface for all
HttpTransport factories.Url-sourced, file-sourced, or user provided supplier method-sourced external account credentials.
The IdentityPool credential source.
Represents a temporary IdToken and its JsonWebSignature object
IdTokenCredentials provides a Google Issued OpenIdConnect token.
Interface for an Google OIDC token provider.
Enum of various credential-specific options to apply to the token.
ImpersonatedCredentials allowing credentials issued to a user or service account to impersonate
another.
Value class representing the set of fields used as the payload of a JWT token.
Credentials class for calling Google APIs using a JWT with custom claims.
Interface for creating custom JWT tokens
Represents an in-memory storage of tokens.
Base type for Credentials using OAuth2.
Listener for changes to credentials.
A refreshable alternative to
OAuth2Credentials.Interface for the refresh handler.
PluggableAuthCredentials enables the exchange of workload identity pool external credentials for
Google access tokens by retrieving 3rd party tokens through a user supplied executable.
Encapsulates the credential source portion of the configuration for PluggableAuthCredentials.
Interface for
GoogleCredentials that return a quota project ID.The callback that receives the result of the asynchronous
Credentials.getRequestMetadata(java.net.URI, java.util.concurrent.Executor, RequestMetadataCallback).Utilities to fetch the S2A (Secure Session Agent) address from the mTLS configuration.
Holds an mTLS configuration (consists of address of S2A) retrieved from the Metadata Server.
OAuth2 credentials representing a Service Account for calling Google APIs.
Service Account credentials for calling Google APIs using a JWT directly for access.
Interface for a service account signer.
Interface for long term storage of tokens
Handle verification of Google-signed JWT tokens.
Custom exception for wrapping all verification errors.
Handles an interactive 3-Legged-OAuth2 (3LO) user consent authorization.
Represents the client authentication types as specified in RFC 7591.
Represents the response from an OAuth token exchange, including configuration details used to
initiate the flow.
OAuth2 Credentials representing a user's identity and consent.