Note: This method is deprecated and will stop working on July 1, 2021. Use the signJwt
method in the IAM Service Account Credentials API instead. If you currently use this method, see the migration guide for instructions.
Signs a JSON Web Token (JWT) using the system-managed private key for a ServiceAccount
.
HTTP request
POST https://iam.googleapis.com/v1/{name=projects/*/serviceAccounts/*}:signJwt
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
name |
Required. Deprecated. Migrate to Service Account Credentials API. The resource name of the service account in the following format: Authorization requires the following IAM permission on the specified resource
|
Request body
The request body contains data with the following structure:
JSON representation | |
---|---|
{ "payload": string } |
Fields | |
---|---|
payload |
Required. Deprecated. Migrate to Service Account Credentials API. The JWT payload to sign. Must be a serialized JSON object that contains a JWT Claims Set. For example: If the JWT Claims Set contains an expiration time ( If the JWT Claims Set does not contain an expiration time ( |
Response body
If successful, the response body contains data with the following structure:
Deprecated. Migrate to Service Account Credentials API.
The service account sign JWT response.
JSON representation | |
---|---|
{ "keyId": string, "signedJwt": string } |
Fields | |
---|---|
keyId |
Deprecated. Migrate to Service Account Credentials API. The id of the key used to sign the JWT. |
signedJwt |
Deprecated. Migrate to Service Account Credentials API. The signed JWT. |
Authorization Scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/iam
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.