The current library implementation does hardcode the scopes for a given service account to https://www.googleapis.com/auth/cloud-platform. This is not going to allow using that token for actions that require additional scopes such as creating an external table in BigQuery that uses a drive document.
This change does set up an additional parameter to the TokenService that maintains the default value and does allow users to set their own list of scopes (a comma-separated string of GCP scopes).
The current library implementation does hardcode the scopes for a given service account to
https://www.googleapis.com/auth/cloud-platform
. This is not going to allow using that token for actions that require additional scopes such as creating an external table in BigQuery that uses a drive document.See for example how scopes are provided when using oauth for the same use case, https://docs.getdbt.com/reference/warehouse-profiles/bigquery-profile#local-oauth-gcloud-setup
This change does set up an additional parameter to the
TokenService
that maintains the default value and does allow users to set their own list of scopes (a comma-separated string of GCP scopes).