BigQuery REST API call using JWT

This post looks at calling BigQuery from devices through REST API. Devices often have a small footprint and have constraints and may not be possible to install Client Libraries. By using JWT directly as a bearer token, rather than an OAuth 2.0 access token, you can avoid having to make a network request to Google’s authorization server before making an API call.

  1. Create a service account, assign it necessary BigQuery IAM permissions and download the JSON key file. JSON key file structure is like this:

2. Create the JWT token. I used PyJWT library to create one. As per the documentation, fill the JWT fields in this python file (

3. Run the python file:

4. Now test a BigQuery API. Make sure the project name and dataset name are the ones on which IAM access permission was given to the service account.

5. Key Rotation: It is recommended that the service account key is rotated periodically, which in the case of devices may mean that every firmware/software release on the device uses a new key, therefore, a new JWT token.

More details on google documentation.



Google Cloud enthusiast

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store