CLI
Use--subject me or omit --subject:
bash
http_only secret is denied. Use HTTP Secret Proxy or MCP Secret Proxy for proxy-only credentials.
Proxy Grants
A user can grant a service account proxy access to one of their secrets:bash
OAuth Scopes
User-secret APIs require the appropriate secret OAuth scopes, such assecrets:read, secrets:write, secrets:delete, or secrets:grant.