Hi Salman,
There are broadly two types of authorization on GCP: user accounts and service accounts. User account tokens will act on behalf of a particular end-user, and service account tokens will act on behalf of that service account. I'm not exactly sure which one is right for your application, based on the information you presented. User account tokens only need one user interaction, and then subsequent authorization tokens can be retrieved using the refresh token produced during 3-legged auth.
Hope that helps!
-Ross