I have a cloud function I want to call from a rails app that is currently running on Heroku. I have a service account set up for the rails app, and the could function is deployed and triggered by HTTP request. I want to limit invocations of the cloud function to the rails app, and was planning to use server-to-server 2-legged OAuth 2.0 following this documentation from google.
When I'm setting up the service account though, I need to supply a scope. According to the list of available scopes the only scope referring to Cloud Functions allows management of the cloud function, whereas I want a scope to cover invocation only.
The language used in the docs refers to scopes being used to define access to Google APIs.
- Does my cloud function qualify as a google API in this sense?
- Otherwise, since scopes are URLs, could I just supply the URL of my cloud function as a scope?