I have an application that authenticates as service account S1, I'd like to retrieve some information regarding Google Workspace using domain-wide delegation.

In order to do so, I have another service account S2 to which domain-wide authority can be delegated.

I'd like to have S1 impersonate S2 (already have the "Service Account Token Creator role" on S1) and use it to retrieve info.
Currently, ImpersonatedCredential does not support domain-wide delegation hence I can't use S1 to retrieve the information.

Unfortunately In my scenario, I can't use S2 directly, I've tried looking for a way around it but couldn't come up with anything...

Adding such support would solve my case and might help others who might need to use such an approach.