I'm working on authenticating REST API calls to a Firebase Realtime database and have decided to use Google OAuth2 access tokens to authorize the requests. I've followed this doc - https://firebase.google.com/docs/database/rest/auth
and used this code to generate new access tokens
from google.oauth2 import service_account
# Define the required scopes
scopes = [
"https://www.googleapis.com/auth/userinfo.email",
"https://www.googleapis.com/auth/firebase.database"
]
# Authenticate a credential with the service account
credentials = service_account.Credentials.from_service_account_file(
"path/to/serviceAccountKey.json", scopes=scopes)
# Or, use the token directly, as described in the "Authenticate with an
# access token" section below. (not recommended)
request = google.auth.transport.requests.Request()
credentials.refresh(request)
access_token = credentials.token
print(access_token)
My questions are -
What is the expiry policy of these access tokens?
Standard google access tokens last an hour.
how many of them can I generate?
I dont think there is a limit
How can I fetch all the active tokens and remove one or more?
You cant really access tokens are not stored they contained access. Look up bearer token.
You are using a service account. Service account is a different type of access its client access. Its not going to expire as long as you dont delete the service account.