Hey Jason,
You can use
gcloud auth activate-service-account --key-file KEY_FILE on systems outside Compute Engine (GCE), and the usual
gcloud source repos branch of the command for GCE machines, as described in
this Stack Overflow answer. This is the recommended way, although if you wanted to inspect your local system to find the token after gcloud auth and attempt to formulate raw HTTP requests, you could, just be aware that oauth2 bearer tokens are secrets and should be secured well in transit.
Sincerely,
Nick
Cloud Platform Community Support