From my application I have to invoke external http service which uses google authentication. It works when I invoke it from browser. I found out that it happens because I have cookie which contains

GCP_IAAP_AUTH_TOKEN_<random_string>
GCP_IAP_UID 

So my cookie look like this:

cookie:    GCP_IAP_UID=111111111111; GCP_IAAP_AUTH_TOKEN_1234567891234567890B=verylongstringhere"

I tried to set this cookie directly in my restTemplate and it works properly but I expect that I have to get token based on some kind of credentials.

webClient.post()
         .uri(uploadUrl)                    
         .header("cookie", "GCP_IAP_UID=12345678901234567890; GCP_IAAP_AUTH_TOKEN_12345678907645456546B=verylongstringhere")

Could you please provide example of correct usage GCP auth ? How to update token? Based on what?

Google APIs use the OAuth 2.0 protocol for authentication and authorization

You can obtain OAuth 2.0 client credentials from the Google API Console. Then your client application requests an access token from the Google Authorization Server, extracts a token from the response, and sends the token to the Google API that you want to access.

Before your application can access private data using a Google API, it must obtain an access token that grants access to that API.

There are several ways to make this request, and they vary based on the type of application you are building. For example, a JavaScript application might request an access token using a browser redirect to Google, while an application installed on a device that has no browser uses web service requests.

I recommend you to go trough OAuth 2.0 to Access Google APIs article to choose the best method for your application, there are a couple of documented scenarios to explain how GCP uses application authentication