Authorizing API Requests

This guide will show you how to supply an access token to the Google BigQuery API. If you use the BigQuery client libraries, you do not need to follow this guide, as this is done for you automatically.

Before you begin

Access tokens

The Google BigQuery API uses OAuth 2.0 access tokens to authorize requests. An OAuth 2.0 access token is a string that grants temporary access to an API. Google's OAuth 2.0 server grants access tokens for all Google APIs.

Scopes

Access tokens are associated with a scope, which limits the token's access. Check the complete list of Google API scopes for scopes associated with the BigQuery API.

Getting access tokens

Get a temporary access token using Application Default Credentials.

Command-line

Use the Google Cloud SDK to print an access token. 

ACCESS_TOKEN="$(gcloud auth application-default print-access-token)"

See the authentication guide to learn how to get an access token in other environments.

Because access tokens provide only temporary authorization, you must periodically refresh them.

Authorizing requests

To authorize requests to the BigQuery API with an access token, use any of the OAuth 2.0 token usage methods.

Request header

Set the token in the Authorization request header with the value Bearer ACCESS_TOKEN.

Command-line

curl -H "Authorization: Bearer $ACCESS_TOKEN" \
  "https://www.googleapis.com/bigquery/v2/projects/$GOOGLE_CLOUD_PROJECT/datasets"

Query parameter

Alternatively, set the token in the access_token URI parameter.

https://www.googleapis.com/bigquery/v2/projects/$GOOGLE_CLOUD_PROJECT/datasets?access_token=${ACCESS_TOKEN}

What's next

Was this page helpful? Let us know how we did:

Send feedback about...

This page
Documentation feedback
BigQuery
Product feedback