IAP client libraries

This page shows how to get started with the Google API Client Libraries for the Cloud IAP API. Read more about the client libraries for Cloud APIs in Client Libraries Explained.

Install the client library


For more information, see Using PHP on Google Cloud.

composer require google/apiclient

Set up authentication

When you use client libraries, you use Application Default Credentials (ADC) to authenticate. For information about setting up ADC, see Provide credentials for Application Default Credentials. For information about using ADC with client libraries, see Authenticate using client libraries.

Use the client library

The following example shows how to use the client library.


To authenticate to IAP, set up Application Default Credentials. For more information, see Set up authentication for a local development environment.

 * Copyright 2017 Google Inc.
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *     http://www.apache.org/licenses/LICENSE-2.0
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * See the License for the specific language governing permissions and
 * limitations under the License.
 * For instructions on how to run the full sample:
 * @see https://github.com/GoogleCloudPlatform/php-docs-samples/tree/main/iap/README.md

namespace Google\Cloud\Samples\Iap;

# Imports Auth libraries and Guzzle HTTP libraries.
use Google\Auth\ApplicationDefaultCredentials;
use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;

 * Make a request to an application protected by Identity-Aware Proxy.
 * @param string $url The Identity-Aware Proxy-protected URL to fetch.
 * @param string $clientId The client ID used by Identity-Aware Proxy.
function make_iap_request($url, $clientId)
    // create middleware, using the client ID as the target audience for IAP
    $middleware = ApplicationDefaultCredentials::getIdTokenMiddleware($clientId);
    $stack = HandlerStack::create();

    // create the HTTP client
    $client = new Client([
        'handler' => $stack,
        'auth' => 'google_auth'

    // make the request
    $response = $client->get($url);
    print('Printing out response body:');

// The following 2 lines are only needed to run the samples
require_once __DIR__ . '/../../testing/sample_helpers.php';
\Google\Cloud\Samples\execute_sample(__FILE__, __NAMESPACE__, $argv);

Additional resources