This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Rate limits on metadata server access token requests

Posted on 07-09-2022 10:31 AM
kevinAlbs
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Hello,

I want to get the access token for an attached service account without using a Google auth library.

Referring to AIP-4115, I am able to obtain an access token by making a request to the metadata server:

curl -H "Metadata-Flavor: Google" http://metadata.google.internal/computeMetadata/v1/instance/service-accounts/default/token

Output resembles the following:

{ "access_token": "...", "expires_in": 3599, "token_type": "Bearer" }

My question is: Is there a rate limit for these requests?

Other relevant background and research:

  • This only needs to work on GCE Equivalent Runtimes
  • GCE documentation says the metadata server caches tokens, so this may suggest there is no rate limit:

Access tokens expire after a short period of time. The metadata server caches access tokens until they have 5 minutes of remaining time before they expire. You can request new tokens as frequently as you like, but your applications must have a valid access token for their API calls to succeed.

Thank you.
Solved Solved
0 2 1,650
Topic Labels
Jump to Solution
0 Likes
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
grobledo
Staff
Reply posted on --/--/---- --:-- AM

There is no rate limits other than what the Metadata Server can handle. In a normal situation, you should not have any issues with that.

View solution in original post

Jump to Solution
2 REPLIES 2
Top Labels in this Space
Top Solution Authors
View all