From ecc3d900ea81bf157d1f5c4fc0d16863d29fda14 Mon Sep 17 00:00:00 2001 From: Abhishek Kumar Date: Wed, 25 Feb 2015 12:19:50 -0800 Subject: Update grpc-auth-support.md Address previous TODOs by providing the actual environment variable name and file path name where the service account keys are loaded from. --- grpc-auth-support.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'grpc-auth-support.md') diff --git a/grpc-auth-support.md b/grpc-auth-support.md index 9850b8b24e..a43f873e5d 100644 --- a/grpc-auth-support.md +++ b/grpc-auth-support.md @@ -63,11 +63,13 @@ grpc::Status s = stub->sayHello(&context, *request, response); This credential works for applications using Service Accounts as well as for applications running in Google Compute Engine (GCE). In the former case, the -service account’s private keys are expected in file located at [TODO: well -known file fath for service account keys] or in the file named in the environment -variable [TODO: add the env var name here]. The keys are used at run-time to -generate bearer tokens that are attached to each outgoing RPC on the -corresponding channel. +service account’s private keys are loaded from the file named in the environment +variable `GOOGLE_APPLICATION_CREDENTIALS`. If that environment variable is not +set, the library attempts to load the keys from the file located at +`/.config/gcloud/application_default_credentials.json` where `` is +the relative path specified in the environment variable `HOME`. Once loaded, the +keys are used to generate bearer tokens that are attached to each outgoing RPC +on the corresponding channel. For applications running in GCE, a default service account and corresponding OAuth scopes can be configured during VM setup. At run-time, this credential -- cgit v1.2.3