The googleapis npm package is the default answer for calling Google APIs from Node.js. It works, but it installs around 380KB and brings in over 450 transitive dependencies. For a single API used in a CI script — the Search Console URL Inspection API — the underlying auth flow is simple enough to handle directly. I built scripts/gsc-inspect.mjs to check index status for published URLs. It's about 60 lines, uses three Node.js built-ins ( crypto , fetch , URL ), and adds zero packages to the repo. The service account auth flow Google's service account auth follows RFC 7523 — the JWT Bearer Grant profile of OAuth2. The steps are: Construct a JWT with your service account's client_email and private key POST that JWT to https://oauth2.googleapis.com/token Receive a short-lived access token (valid 3600 seconds) Use the access token as a Bearer header on API requests The JWT claims: const claims = { iss : sa .…