Authenticate to Assured Workloads

Stay organized with collections Save and categorize content based on your preferences.

This document describes how to authenticate to Assured Workloads programmatically.

For more information about Google Cloud authentication, see the authentication overview.

API access

Assured Workloads supports programmatic access. How you authenticate to Assured Workloads depends on how you access the API. You can access the API in the following ways:

Client libraries

The Assured Workloads client libraries provide high-level language support for authenticating to Assured Workloads programmatically. Client libraries support Application Default Credentials (ADC); the libraries look for credentials in a set of defined locations and use those credentials to authenticate requests to the API. With ADC, you can make credentials available to your application in a variety of environments, such as local development or production, without needing to modify your application code.

To use ADC, you must first provide your credentials to ADC.


You can authenticate to Assured Workloads from the command line by using Application Default Credentials. For more information, see Authenticate using REST.

If you want to use the API without using a client library, you can use Google's authentication library for your programming language. Alternatively, you can implement authentication in your code.

Access control with IAM

When you grant roles to a principal, always grant roles with only the required permissions; granting broader roles, such as basic roles, violates the principle of least privilege.

For more information about the roles for Assured Workloads, see Access control with IAM. For more information about Identity and Access Management (IAM) and authorization, see IAM overview.

What's next