𝗥𝗼𝗹𝗹𝗶𝗻𝗴 𝗮 𝗚𝗼𝗼𝗴𝗹𝗲 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗔𝗰𝗰𝗼𝘂𝗻𝘁 𝗝𝗪𝗧 𝗶𝗻 𝗡𝗼𝗱𝗲.𝗷𝘀
The googleapis npm package is the standard for Google APIs.
It works. But it adds 380KB and over 450 dependencies to your project.
If you only need one API for a CI script, you do not need that much weight.
I built a script to check URL index status using only 60 lines of code.
It uses three built-in Node.js modules:
- crypto
- fetch
- URL
It adds zero packages to your repository.
Google service account auth follows the RFC 7523 standard.
Here is the process:
- Create a JWT with your client email and private key.
- POST that JWT to the Google token endpoint.
- Receive an access token.
- Use that token in your API request header.
One critical detail: use the webmasters scope. The newer searchconsole scope will not work for the URL Inspection API.
You must use Base64url encoding for the JWT. Standard Base64 requires three changes:
- Remove padding.
- Replace + with -.
- Replace / with _.
Your private key from Google Cloud is already in the correct format. You do not need external libraries to sign the token.
When you call the token endpoint, log the error response. Google provides specific reasons for failures, such as expired tokens or missing service accounts.
For the API call itself:
- Set the Authorization header to Bearer [token].
- Ensure your siteUrl matches your Search Console property exactly.
- Add your service account email as a user in Search Console.
This approach works best for narrow tasks like CI pipelines.
Do not use this if you need:
- Multiple Google APIs.
- Automatic token refreshes.
- Complex retry logic.
- Production server code with high complexity.
For a single CI task, 60 lines of code is better than 450 dependencies. Understanding this raw flow also makes debugging easier when libraries fail.