Making Authenticated Calls To Google Discovery API
Sometimes a Google API and the associated Discovery Document is early release or somehow otherwise restricted to specific Google Cloud Projects. To use the API the caller must somehow inform the API endpoint of the originating Google Cloud Project. This is done through the API Key.
First this only works if the Google team grants access to the API to the Google Cloud Project making the call. User or service doesn’t matter as long as the allowed project is used to create either credential.
To make API calls work a header with the project API key must be provided. The API Key can be created and downloaded on the project credentials page.
The key must then be injected into the discovery.build call. That’s it!
An full stack StarThinker example is:
- Create the API Key.
- Add it to the recipe or as a global value for all API calls.
Global: starthinker_assets/config.sh -> STARTHINKER_API_KEY
- Key propagates to the API call.
- Key propagates to the Auth call.
If caching, be sure to isolate keys.
Keys can be read globally for all API calls.
- Optionally if using just the Discovery API, add the key to the GET request.
This took a bit to figure out as it is intuitive but not explicit. Hopefully this is a time saver for some of the partner teams out there testing out early release APIs from Google.