I am trying to authenticate in Python to GCP in order to call Cloud Functions.
I have set up a service account with roles as follows
and created a JSON key for it. Double-checking from the Cloud Function pane I can see that its permissions are correct (tried giving Admin as well)
However, authentication seems to always succeed no matter what
from google.oauth2 import service_account
import google.auth.transport.requests
key_path = "path/to/key.json"
scopes = ['https://www.googleapis.com/auth/cloud-platform']
credentials = service_account.Credentials.from_service_account_file(
key_path, scopes=scopes
)
auth_request = google.auth.transport.requests.Request()
credentials.refresh(auth_request)
print(credentials.token) # Bearer xxxxx
but later, the bearer token seems to not grant me access to the API, as I get error 401
Bearer error=”invalid_token” error_description=”The access token could not be verified”
I have tried regenerating the JSON key multiple times. The function itself works fine because I tested a public version of it and it works no problem.