4

I'm trying to perform authentication on GCP API Gateway using Google access token (ya29.***, OAuth2). However, the the documentation has content on only JWT tokens. It seems it is possible to use Google ID token (which is a JWT) but I don't have it. When I try to access token, the gateway returns the following error:

"Jwt is not in the form of Header.Payload.Signature with two dots and 3 sections"

Is there any way to use Google access token with GCP API Gateway, or is it not possible at all?

randomVariable
  • 305
  • 1
  • 4
  • 12
  • Tip: With a Google OAuth 2.0 access token, you can fetch an identity token. However, your question lacks details such as where you obtained the access token, what permissions and roles the tokens have, etc. A Google OAuth Access Token is not a JWT. A JWT was created and then exchanged for the access token. Edit your question with details. – John Hanley Mar 09 '22 at 19:10
  • I am trying to replace an API used by a client I can not modify. Currently it is sending Google access token in Authorization header of the request, and the current service validates the token manually be asking it to Google. In the new version I want to use API Gateway and make it do the authentication. – randomVariable Mar 10 '22 at 10:07
  • 2
    Then use OIDC Identity Tokens. API Gateway supports them natively. If your backend systems are using something else, update them to use the security/identity model required for your design. – John Hanley Mar 10 '22 at 10:57
  • Hi @randomVariable, have you tried John Hanley's solution? Let us know if it worked. – Catherine O Mar 14 '22 at 05:43
  • Hi @CatherineO. No, I didn't try it because the solution suggests making changes to systems I don't have access to. I too know that API GW works with OIDC, I just don't have them. I decided to continue using Cloud Endpoints Framework, which will probably be deprecated but can do what I need. – randomVariable Mar 14 '22 at 09:19
  • Hi @randomVariable, you may post your answer in the answer section. Thanks! – Catherine O Mar 15 '22 at 05:46

0 Answers0