Reference documentation and code samples for the googleauth class Google::Auth::BearerTokenCredentials.
Implementation of Bearer Token authentication scenario.
Bearer tokens are strings representing an authorization grant.
They can be OAuth2 ("ya.29") tokens, JWTs, IDTokens -- anything
that is sent as aBearerin anAuthorizationheader.
Not all 'authentication' strings can be used with this class,
e.g. an API key cannot since API keys are sent in ax-goog-api-keyheader or as a query parameter.
This class should be used when the end-user is managing the
authentication token separately, e.g. with a separate service.
This means that tasks like tracking the lifetime of and
refreshing the token are outside the scope of this class.
There is no JSON representation for this type of credentials.
If the end-user has credentials in JSON format they should typically
use the corresponding credentials type, e.g. ServiceAccountCredentials
with the service account JSON.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# googleauth - Class Google::Auth::BearerTokenCredentials (v1.15.0)\n\nVersion latestkeyboard_arrow_down\n\n- [1.15.0 (latest)](/ruby/docs/reference/googleauth/latest/Google-Auth-BearerTokenCredentials)\n- [1.14.0](/ruby/docs/reference/googleauth/1.14.0/Google-Auth-BearerTokenCredentials)\n- [1.13.1](/ruby/docs/reference/googleauth/1.13.1/Google-Auth-BearerTokenCredentials)\n- [1.12.2](/ruby/docs/reference/googleauth/1.12.2/Google-Auth-BearerTokenCredentials) \nReference documentation and code samples for the googleauth class Google::Auth::BearerTokenCredentials.\n\nImplementation of Bearer Token authentication scenario.\n\n\nBearer tokens are strings representing an authorization grant.\nThey can be OAuth2 (\"ya.29\") tokens, JWTs, IDTokens -- anything\nthat is sent as a `Bearer` in an `Authorization` header.\n\nNot all 'authentication' strings can be used with this class,\ne.g. an API key cannot since API keys are sent in a\n`x-goog-api-key` header or as a query parameter.\n\nThis class should be used when the end-user is managing the\nauthentication token separately, e.g. with a separate service.\nThis means that tasks like tracking the lifetime of and\nrefreshing the token are outside the scope of this class.\n\n\u003cbr /\u003e\n\nThere is no JSON representation for this type of credentials.\nIf the end-user has credentials in JSON format they should typically\nuse the corresponding credentials type, e.g. ServiceAccountCredentials\nwith the service account JSON. \n\nInherits\n--------\n\n- Object \n\nIncludes\n--------\n\n- [Google::Auth::BaseClient](./Google-Auth-BaseClient)\n\nMethods\n-------\n\n### .make_creds\n\n def self.make_creds(options = {}) -\u003e Google::Auth::BearerTokenCredentials\n\nCreate the BearerTokenCredentials. \n**Parameter**\n\n- **options** (Hash) --- The credentials options \n**Returns**\n\n- ([Google::Auth::BearerTokenCredentials](./Google-Auth-BearerTokenCredentials))\n\n### #bearer_token\n\n def bearer_token() -\u003e String\n\n**Alias Of** : [#token](./Google-Auth-BearerTokenCredentials#Google__Auth__BearerTokenCredentials_token_instance_) \nThe following aliasing is needed for BaseClient since it sends :token_type \n**Returns**\n\n- (String) --- The token to be sent as a part of Bearer claim\n\n### #duplicate\n\n def duplicate(options = {}) -\u003e Google::Auth::BearerTokenCredentials\n\nCreates a duplicate of these credentials. \n**Parameter**\n\n- **options** (Hash) --- Additional options for configuring the credentials \n**Returns**\n\n- ([Google::Auth::BearerTokenCredentials](./Google-Auth-BearerTokenCredentials))\n\n### #expires_at\n\n def expires_at() -\u003e Time, nil\n\n**Returns**\n\n- (Time, nil) --- The token expiration time provided by the end-user.\n\n### #expires_within?\n\n def expires_within?(seconds) -\u003e Boolean\n\nDetermines if the credentials object has expired. \n**Parameter**\n\n- **seconds** (Numeric) --- The optional timeout in seconds. \n**Returns**\n\n- (Boolean) --- True if the token has expired, false otherwise, or if the expires_at was not provided.\n\n### #initialize\n\n def initialize(options = {}) -\u003e BearerTokenCredentials\n\nInitialize the BearerTokenCredentials. \n**Parameter**\n\n- **options** (Hash) --- The credentials options \n**Returns**\n\n- ([BearerTokenCredentials](./Google-Auth-BearerTokenCredentials)) --- a new instance of BearerTokenCredentials \n**Raises**\n\n- (ArgumentError) --- If the bearer token is nil or empty\n\n### #token\n\n def token() -\u003e String\n\n**Aliases**\n\n- [#bearer_token](./Google-Auth-BearerTokenCredentials#Google__Auth__BearerTokenCredentials_bearer_token_instance_) \n**Returns**\n\n- (String) --- The token to be sent as a part of Bearer claim\n\n### #universe_domain\n\n def universe_domain() -\u003e String\n\n**Returns**\n\n- (String) --- The universe domain of the universe this token is for\n\n### #universe_domain=\n\n def universe_domain=(value) -\u003e String\n\n**Parameter**\n\n- **value** (String) --- The universe domain of the universe this token is for \n**Returns**\n\n- (String) --- The universe domain of the universe this token is for"]]
