How to use `subject` argument inside `gargle::token_fetch()`

[selesnow]

Hello,

I’m trying to understand how to properly use the subject argument in gargle::token_fetch().

From my understanding, the subject parameter should allow service account authorization to impersonate a real user (domain-wide delegation). However, I could not find any examples or documentation showing how to configure and use this.

Specifically, I’d like to:

• Authenticate with a service account.
• Use the subject argument to act on behalf of a specific user in the domain.
• Understand how this should be set up both in terms of Google Cloud configuration and how to call it from gargle.

Could you provide some example code or point me to relevant documentation for using subject with token_fetch()?