Google Service Account Authorization with JWT

Some of the Google API libraries require authorization using a Service Account. Thanks to the JWT authorization options added to Oauth2 Provider in Wappler now you can use your Google Service Account to connect to different APIs.

Google Service Account

You need to have a Service Account set up in Google Cloud Platform.
Open https://console.developers.google.com/ and click Credentials:

Then click Create Credentials:

And select Service Account:

Add a name for your Service Account, then click the Create button:

Setup the rest of the options as per your needs:

And click Done when you are done:

Click on your newly created Service Account:

Click the Add Key button and select Create new key:

Select JSON type:

And save the generated key (json file) on your hard drive:

You are done with setting up the Service Account.
Now open Wappler.

Creating the Server Action

Now let’s setup the server action, which will connect yo your API using the Service Account Authorization.

Set up JWT

Open the Server Connect Panel and create a new Server Action:

Add a new action step:

Open Security and select JWT Sign:

Click the Import Service Account button:

Browse to the json file which you downloaded earlier and click Open:

You can see all the required data has been populated in the UI:

Under Claims enter the specific service claims which you need:

These can be found in the selected API service docs:

Setup OAuth2 Provider

Add new step in your Server Action:

Add OAuth2 Provider:

Open the Type menu:

And select JWT:

Select Google in the Service menu:

And select the JWT Sign step in the JWT dropdown:

Setup API Step

Now as we have the JWT and OAuth2 Provider set up, let’s connect to our API.
Add new server action step:

And add API Action:

Enter your API URL as you usually do:

Select OAuth2 in the Authorization dropdown:

And select the OAuth2 Provider which we created:

Then setup the specific per your API - input data, query params and headers:

Setup your schema and you are done! You’ve accessed your API using Service Account Authorization.

2 Likes

Great stuff Wappler! Worked like a charm. First try! Perfecto :clap::ok_hand:

4 Likes

I’m getting this error while use Document AI:

image

1 Like

@Teodor, could you explain what are talking about here?

Claims are the payload of a JWT.

1 Like

It depends on what service you want to use with JWT authorization, the tutorial shows how to enable and use the JWT authorization, not how to use it with a specific service as there are hundreds of them available.

You can check the docs explaining what scopes are required for different services https://developers.google.com/identity/protocols/oauth2/scopes but it should all be explained in the docs for the specific service you want to use.

1 Like

@JonL and @Teodor, thank you very much for the clarification. For a complete understanding, I lacked exactly the link that Teodor pointed out. Now everything has become clear.