You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
We have a need to instantiate multiple instances of firebase admin to access multiple projects at the same time. This works nicely in production using:
However, it seems to be impossible to supply the impersonated service account json from local ADC login (obtained using gcloud auth application-default login --impersonate-service-account local-run@my-project.iam.gserviceaccount.com) as ImpersonatedServiceAccountCredential is not exported.
We rolled our own, but it fails as isApplicationDefault uses instanceof to do the checking.
Describe the solution you'd like
Add a way to initialize from ADC logins manually: add a method (like refreshToken and cert) to src/app/credential-factory.ts that takes impersonatedServiceAccountPathOrObject etc as parameter.
swftvsn
changed the title
[FR] Please expose ImpersonatedServiceAccountCredential
[FR] Allow initializing app manually with impersonated service account
Sep 4, 2024
@dconeybe could someone please weigh in on this one if it is feasible or not? This is blocking us from using more secure way to develop software locally.
Hey @swftvsn thanks for your contribution on this. We are migrating our internal credentials handling to google-auth-library in #2466, which should address this issue.
I have reprioritized this issue and actively working on it again to include #2466 in an official release. In the meantime if you are interested, could you try the test build shared in #1377 (comment) and confirm if that works with your impersonated service account?
Is your feature request related to a problem? Please describe.
We have a need to instantiate multiple instances of firebase admin to access multiple projects at the same time. This works nicely in production using:
However, it seems to be impossible to supply the impersonated service account json from local ADC login (obtained using
gcloud auth application-default login --impersonate-service-account local-run@my-project.iam.gserviceaccount.com
) asImpersonatedServiceAccountCredential
is not exported.We rolled our own, but it fails as
isApplicationDefault
uses instanceof to do the checking.Describe the solution you'd like
Add a way to initialize from ADC logins manually: add a method (like
refreshToken
andcert
) tosrc/app/credential-factory.ts
that takesimpersonatedServiceAccountPathOrObject
etc as parameter.The text was updated successfully, but these errors were encountered: