OAuth Mechanism

Key Name	Default Value	Required
OAuthMechanism	User Authentication (1)1	No

Description

The OAuth 2.0 authentication mechanism used to authenticate the connector.

• Service Authentication (0)0: The connector authenticates as a service, through a Google service account.
• User Authentication (1)1: The connector authenticates as a user, through a Google user account.
• Application Default Credentials Authentication (3)3: The connector authenticates as a user, through a GOOGLE_APPLICATION_CREDENTIALS environment variable.
• External Account Authentication (4)4: The connector authenticates using workforce identity federation.

Note:

• When the connector is configured to use External Account Authentication (OAuthMechanism=4), the flow now supports the native SAI that is included in the external account configuration specification and the connection properties are considered in the following precedence:

  1. KeyFile
  2. KeyFilePath (or KeyFilePath_Enc if the key file is not set)
  3. BYOID_ properties
• When the connector is configured to use Application Default Credentials (OAuthMechanism=3), the flow now supports impersonated_service_account keyfiles.
• SAI_Email, SAI_Lifetime, and SAI_Scopes properties are applicable when the OAuthMechanism= 0, or 1, or 2.

Related topics

• General Driver Configuration Options on page 1
• Security and Authentication
• Configuring Authentication
• Configuring Authentication
• Using a Connection String