mirror of
https://github.com/googleapis/genai-toolbox.git
synced 2026-02-12 16:15:00 -05:00
eadb678a7b
Environment variable replacement is needed so that users don't have to
hardcode their secrets in configuring `tools.yaml`.
Both formats `$ENV_NAME` and `${ENV_NAME}` are standard ways to declare
an environment variable.
However, some database statement placeholders that are already using the
`$ENV_NAME` format.
Therefore, we only support env var declaration using `${ENV_NAME}` to
disambiguate it from other usages.
Fixes issue: https://github.com/googleapis/genai-toolbox/issues/431
1.9 KiB
1.9 KiB
title, type, weight, description
| title | type | weight | description |
|---|---|---|---|
| Google Sign-In | docs | 1 | Use Google Sign-In for Oauth 2.0 flow and token lifecycle. |
Getting Started
Google Sign-In manages the OAuth 2.0 flow and token lifecycle. To integrate the Google Sign-In workflow to your web app follow this guide.
After setting up the Google Sign-In workflow, you should have registered your
application and retrieved a Client ID. Configure your auth service
in with the Client ID.
Behavior
Authorized Invocations
When using Authorized Invocations, a tool will be considered authorized if it has a valid Oauth 2.0 token that matches the Client ID.
Authenticated Parameters
When using Authenticated Parameters, any claim provided by the id-token can be used for the parameter.
Example
authServices:
my-google-auth:
kind: google
clientId: ${YOUR_GOOGLE_CLIENT_ID}
{{< notice tip >}} Use environment variable replacement with the format ${ENV_NAME} instead of hardcoding your secrets into the configuration file. {{< /notice >}}
Reference
| field | type | required | description |
|---|---|---|---|
| kind | string | true | Must be "google". |
| clientId | string | true | Client ID of your application from registering your application. |