Some of the GCP products when retrieving the JWT token from the GCE
Metadata Server come with the email claim, but some have recently
started not returning that claim as part of the JWT payload. Adding the
format=full query parameter to the GCE Metdata Server API seems to
return the email claim for these cases, along with other GCE Metadata
which for the time being we do not need and thus, we discard.
Summary
Some of the GCP products when retrieving the JWT token from the GCE Metadata Server come with the
emailclaim, but some have recently started not returning that claim as part of the JWT payload. Adding theformat=fullquery parameter to the GCE Metdata Server API seems to return theemailclaim for these cases, along with other GCE Metadata which for the time being we do not need and thus, we discard.See these docs for more information.