googleapis
diff --git a/‎.github/.OwlBot.lock.yaml
+2-2 b/‎.github/.OwlBot.lock.yaml
+2-2
diff --git a/‎.github/release-trigger.yml
+1 b/‎.github/release-trigger.yml
+1
diff --git a/‎.kokoro/common.cfg
+1-1 b/‎.kokoro/common.cfg
+1-1
diff --git a/‎.kokoro/continuous/node18/common.cfg
+24 b/‎.kokoro/continuous/node18/common.cfg
+24
diff --git a/‎.kokoro/continuous/node18/lint.cfg
+4 b/‎.kokoro/continuous/node18/lint.cfg
+4
diff --git a/‎.kokoro/continuous/node18/samples-test.cfg
+12 b/‎.kokoro/continuous/node18/samples-test.cfg
+12
diff --git a/‎.kokoro/continuous/node18/system-test.cfg
+12 b/‎.kokoro/continuous/node18/system-test.cfg
+12
diff --git a/‎.kokoro/continuous/node18/test.cfg b/‎.kokoro/continuous/node18/test.cfg
diff --git a/‎.kokoro/presubmit/node18/common.cfg
+24 b/‎.kokoro/presubmit/node18/common.cfg
+24
diff --git a/‎.kokoro/presubmit/node18/samples-test.cfg
+12 b/‎.kokoro/presubmit/node18/samples-test.cfg
+12
diff --git a/‎.kokoro/presubmit/node18/system-test.cfg
+12 b/‎.kokoro/presubmit/node18/system-test.cfg
+12
diff --git a/‎.kokoro/presubmit/node18/test.cfg b/‎.kokoro/presubmit/node18/test.cfg
diff --git a/‎.kokoro/release/docs-devsite.cfg
+1-1 b/‎.kokoro/release/docs-devsite.cfg
+1-1
diff --git a/‎.kokoro/release/docs.cfg
+1-1 b/‎.kokoro/release/docs.cfg
+1-1
diff --git a/‎.kokoro/release/docs.sh
+1-1 b/‎.kokoro/release/docs.sh
+1-1
diff --git a/‎.kokoro/release/publish.cfg
+1-1 b/‎.kokoro/release/publish.cfg
+1-1
diff --git a/‎.kokoro/samples-test.sh
+4-2 b/‎.kokoro/samples-test.sh
+4-2
diff --git a/‎.kokoro/system-test.sh
+1-1 b/‎.kokoro/system-test.sh
+1-1
diff --git a/‎.kokoro/test.bat
+1-1 b/‎.kokoro/test.bat
+1-1
diff --git a/‎.kokoro/test.sh
+1-1 b/‎.kokoro/test.sh
+1-1
diff --git a/‎.kokoro/trampoline_v2.sh
+1-1 b/‎.kokoro/trampoline_v2.sh
+1-1
diff --git a/‎.readme-partials.yaml
+3-11 b/‎.readme-partials.yaml
+3-11
diff --git a/‎CHANGELOG.md
+7 b/‎CHANGELOG.md
+7
diff --git a/‎README.md
+3-11 b/‎README.md
+3-11
diff --git a/‎package.json
+1-1 b/‎package.json
+1-1
diff --git a/‎samples/package.json
+1-1 b/‎samples/package.json
+1-1
diff --git a/‎src/auth/authclient.ts
+9-1 b/‎src/auth/authclient.ts
+9-1
diff --git a/‎src/auth/awsclient.ts
+1 b/‎src/auth/awsclient.ts
+1
diff --git a/‎src/auth/awsrequestsigner.ts
+1-1 b/‎src/auth/awsrequestsigner.ts
+1-1
diff --git a/‎src/auth/baseexternalclient.ts
+6-7 b/‎src/auth/baseexternalclient.ts
+6-7
diff --git a/‎src/auth/defaultawssecuritycredentialssupplier.ts
+1-1 b/‎src/auth/defaultawssecuritycredentialssupplier.ts
+1-1
diff --git a/‎src/auth/downscopedclient.ts
+6-2 b/‎src/auth/downscopedclient.ts
+6-2
@@ -13,5 +13,5 @@
 # limitations under the License.
 docker:
   image: gcr.io/cloud-devrel-public-resources/owlbot-nodejs:latest
-  digest: sha256:609822e3c09b7a1bd90b99655904609f162cc15acb4704f1edf778284c36f429
-# created: 2024-10-01T19:34:30.797530443Z
+  digest: sha256:0d39e59663287ae929c1d4ccf8ebf7cef9946826c9b86eda7e85d8d752dbb584
+# created: 2024-11-21T22:39:44.342569463Z
@@ -1 +1,2 @@
 enabled: true
+multiScmName: google-auth-library-nodejs
@@ -13,20 +13,12 @@ body: |-
   - [Downscoped Client](#downscoped-client) - Use Downscoped Client with Credential Access Boundary to generate a short-lived credential with downscoped, restricted IAM permissions that can use for Cloud Storage.
 
   ## Application Default Credentials
-  This library provides an implementation of [Application Default Credentials](https://cloud.google.com/docs/authentication/getting-started) for Node.js. The [Application Default Credentials](https://cloud.google.com/docs/authentication/getting-started) provide a simple way to get authorization credentials for use in calling Google APIs.
 
-  They are best suited for cases when the call needs to have the same identity and authorization level for the application independent of the user. This is the recommended approach to authorize calls to Cloud APIs, particularly when you're building an application that uses Google Cloud Platform.
+  This library provides an implementation of [Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials) for Node.js. ADC provides a simple way to get credentials for use in calling Google APIs. How you [set up ADC](https://cloud.google.com/docs/authentication/provide-credentials-adc) depends on the environment where your code is running.
 
-  Application Default Credentials also support workload identity federation to access Google Cloud resources from non-Google Cloud platforms including Amazon Web Services (AWS), Microsoft Azure or any identity provider that supports OpenID Connect (OIDC). Workload identity federation is recommended for non-Google Cloud environments as it avoids the need to download, manage and store service account private keys locally, see: [Workload Identity Federation](#workload-identity-federation).
+  ADC is best suited for cases when the call needs to have the same identity and authorization level for the application independent of the user. This is the recommended approach to authorize calls to Cloud APIs, particularly when you're building an application that uses Google Cloud Platform.
 
-  #### Download your Service Account Credentials JSON file
-
-  To use Application Default Credentials, You first need to download a set of JSON credentials for your project. Go to **APIs & Auth** > **Credentials** in the [Google Developers Console](https://console.cloud.google.com/) and select **Service account** from the **Add credentials** dropdown.
-
-  > This file is your *only copy* of these credentials. It should never be
-  > committed with your source code, and should be stored securely.
-
-  Once downloaded, store the path to this file in the `GOOGLE_APPLICATION_CREDENTIALS` environment variable.
+  Application Default Credentials also supports Workload Identity Federation to access Google Cloud resources from non-Google Cloud platforms including Amazon Web Services (AWS), Microsoft Azure or any identity provider that supports OpenID Connect (OIDC). Workload Identity Federation is recommended for non-Google Cloud environments as it avoids the need to download, manage and store service account private keys locally, see: [Workload Identity Federation](#workload-identity-federation).
 
   #### Enable the API you want to use
 
 
@@ -4,6 +4,13 @@
 
 [1]: https://www.npmjs.com/package/google-auth-library?activeTab=versions
 
+## [9.15.1](https://github.com/googleapis/google-auth-library-nodejs/compare/v9.15.0...v9.15.1) (2025-01-24)
+
+
+### Bug Fixes
+
+* Resolve typo in document ([#1901](https://github.com/googleapis/google-auth-library-nodejs/issues/1901)) ([12f2c87](https://github.com/googleapis/google-auth-library-nodejs/commit/12f2c87266de0a3ccd33e6b4993cab3537f9a242))
+
 ## [9.15.0](https://github.com/googleapis/google-auth-library-nodejs/compare/v9.14.2...v9.15.0) (2024-11-01)
 
 
 
@@ -57,20 +57,12 @@ This library provides a variety of ways to authenticate to your Google services.
 - [Downscoped Client](#downscoped-client) - Use Downscoped Client with Credential Access Boundary to generate a short-lived credential with downscoped, restricted IAM permissions that can use for Cloud Storage.
 
 ## Application Default Credentials
-This library provides an implementation of [Application Default Credentials](https://cloud.google.com/docs/authentication/getting-started) for Node.js. The [Application Default Credentials](https://cloud.google.com/docs/authentication/getting-started) provide a simple way to get authorization credentials for use in calling Google APIs.
 
-They are best suited for cases when the call needs to have the same identity and authorization level for the application independent of the user. This is the recommended approach to authorize calls to Cloud APIs, particularly when you're building an application that uses Google Cloud Platform.
+This library provides an implementation of [Application Default Credentials (ADC)](https://cloud.google.com/docs/authentication/application-default-credentials) for Node.js. ADC provides a simple way to get credentials for use in calling Google APIs. How you [set up ADC](https://cloud.google.com/docs/authentication/provide-credentials-adc) depends on the environment where your code is running.
 
-Application Default Credentials also support workload identity federation to access Google Cloud resources from non-Google Cloud platforms including Amazon Web Services (AWS), Microsoft Azure or any identity provider that supports OpenID Connect (OIDC). Workload identity federation is recommended for non-Google Cloud environments as it avoids the need to download, manage and store service account private keys locally, see: [Workload Identity Federation](#workload-identity-federation).
+ADC is best suited for cases when the call needs to have the same identity and authorization level for the application independent of the user. This is the recommended approach to authorize calls to Cloud APIs, particularly when you're building an application that uses Google Cloud Platform.
 
-#### Download your Service Account Credentials JSON file
-
-To use Application Default Credentials, You first need to download a set of JSON credentials for your project. Go to **APIs & Auth** > **Credentials** in the [Google Developers Console](https://console.cloud.google.com/) and select **Service account** from the **Add credentials** dropdown.
-
-> This file is your *only copy* of these credentials. It should never be
-> committed with your source code, and should be stored securely.
-
-Once downloaded, store the path to this file in the `GOOGLE_APPLICATION_CREDENTIALS` environment variable.
+Application Default Credentials also supports Workload Identity Federation to access Google Cloud resources from non-Google Cloud platforms including Amazon Web Services (AWS), Microsoft Azure or any identity provider that supports OpenID Connect (OIDC). Workload Identity Federation is recommended for non-Google Cloud environments as it avoids the need to download, manage and store service account private keys locally, see: [Workload Identity Federation](#workload-identity-federation).
 
 #### Enable the API you want to use
 
 
@@ -1,6 +1,6 @@
 {
   "name": "google-auth-library",
-  "version": "9.15.0",
+  "version": "9.15.1",
   "author": "Google Inc.",
   "description": "Google APIs Authentication Client Library for Node.js",
   "engines": {
 
@@ -16,7 +16,7 @@
     "@google-cloud/language": "^6.5.0",
     "@google-cloud/storage": "^7.0.0",
     "@googleapis/iam": "^21.0.0",
-    "google-auth-library": "^9.15.0",
+    "google-auth-library": "^9.15.1",
     "node-fetch": "^2.3.0",
     "open": "^9.0.0",
     "server-destroy": "^1.0.1"
 
@@ -17,7 +17,6 @@ import {Gaxios, GaxiosOptions, GaxiosPromise, GaxiosResponse} from 'gaxios';
 
 import {DefaultTransporter, Transporter} from '../transporters';
 import {Credentials} from './credentials';
-import {GetAccessTokenResponse, Headers} from './oauth2client';
 import {OriginalAndCamel, originalOrCamelOptions} from '../util';
 
 /**
@@ -307,3 +306,12 @@ export abstract class AuthClient
     };
   }
 }
+
+export interface Headers {
+  [index: string]: string;
+}
+
+export interface GetAccessTokenResponse {
+  token?: string | null;
+  res?: GaxiosResponse | null;
+}
@@ -18,6 +18,7 @@ import {
   BaseExternalAccountClientOptions,
   ExternalAccountSupplierContext,
 } from './baseexternalclient';
+
 import {AuthClientOptions} from './authclient';
 import {DefaultAwsSecurityCredentialsSupplier} from './defaultawssecuritycredentialssupplier';
 import {originalOrCamelOptions, SnakeToCamelObject} from '../util';
 
@@ -14,7 +14,7 @@
 
 import {GaxiosOptions} from 'gaxios';
 
-import {Headers} from './oauth2client';
+import {Headers} from './authclient';
 import {Crypto, createCrypto, fromArrayBufferToHex} from '../crypto/crypto';
 
 type HttpMethod =
 
@@ -22,9 +22,13 @@ import {
 import * as stream from 'stream';
 
 import {Credentials} from './credentials';
-import {AuthClient, AuthClientOptions} from './authclient';
+import {
+  AuthClient,
+  AuthClientOptions,
+  GetAccessTokenResponse,
+  Headers,
+} from './authclient';
 import {BodyResponseCallback, Transporter} from '../transporters';
-import {GetAccessTokenResponse, Headers} from './oauth2client';
 import * as sts from './stscredentials';
 import {ClientAuthentication} from './oauth2common';
 import {SnakeToCamelObject, originalOrCamelOptions} from '../util';
@@ -69,11 +73,6 @@ const DEFAULT_TOKEN_URL = 'https://sts.{universeDomain}/v1/token';
 // eslint-disable-next-line @typescript-eslint/no-var-requires
 const pkg = require('../../../package.json');
 
-/**
- * For backwards compatibility.
- */
-export {DEFAULT_UNIVERSE} from './authclient';
-
 /**
  * Shared options used to build {@link ExternalAccountClient} and
  * {@link ExternalAccountAuthorizedUserClient}.
 
@@ -17,7 +17,7 @@ import {Gaxios, GaxiosOptions} from 'gaxios';
 import {Transporter} from '../transporters';
 import {AwsSecurityCredentialsSupplier} from './awsclient';
 import {AwsSecurityCredentials} from './awsrequestsigner';
-import {Headers} from './oauth2client';
+import {Headers} from './authclient';
 
 /**
  * Interface defining the AWS security-credentials endpoint response.
 
@@ -22,9 +22,13 @@ import * as stream from 'stream';
 
 import {BodyResponseCallback} from '../transporters';
 import {Credentials} from './credentials';
-import {AuthClient, AuthClientOptions} from './authclient';
+import {
+  AuthClient,
+  AuthClientOptions,
+  GetAccessTokenResponse,
+  Headers,
+} from './authclient';
 
-import {GetAccessTokenResponse, Headers} from './oauth2client';
 import * as sts from './stscredentials';
 
 /**
Original file line number	Diff line number	Diff line change
`@@ -1 +1,2 @@`
`1`	`1`	`enabled: true`
	`2`	`+multiScmName: google-auth-library-nodejs`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "google-auth-library",`
`3`		`- "version": "9.15.0",`
	`3`	`+ "version": "9.15.1",`
`4`	`4`	`"author": "Google Inc.",`
`5`	`5`	`"description": "Google APIs Authentication Client Library for Node.js",`
`6`	`6`	`"engines": {`