Suggestion: Support BigQuery Service Account

The current implementation of the BigQuery connector relies on a specific user’s OAUTH. This means that all actions are performed on that user. While less important for a single or a couple of users, on bigger implementation it posses a few potential issues, all of which can be avoided using a service account:

  • If the OAuth expires, no one will have access to the datasource; using a service account there is not need for user consent
  • If any permission changes occur on the user for other reasons (user no longer in the company), the datasource will not be accessible
  • Currently, any and all queries run through metabase appear on that users’ query history; this might be a nuisance as the history is limited, and some BQ users rely on the query history to re-run queries (not the best habit, I agree)

I would like to also request that it be possible to authenticate via a service account. Has there been any further discussion on adding this?

I would recommend you go over to github and up-vote the issue:

1 Like