Skip to content

Instantly share code, notes, and snippets.

@voscausa

voscausa/GAE sdk service accounts.md

Created February 7, 2016 14:40
Show Gist options
  • Save voscausa/4e63701da30d0c3870d2 to your computer and use it in GitHub Desktop.
Save voscausa/4e63701da30d0c3870d2 to your computer and use it in GitHub Desktop.
Download ZIP
Using service accounts in the appengine development server / SDK
Raw
GAE sdk service accounts.md

Using service accounts in the appengine development server / SDK

Service accounts make it very easy to authorize appengine requests to other Google APIs and services.

To use a service account in the appengine SDK, you have to add two undocumented options when you run the development server:

  1. --appidentity_email_address=<SERVICE_ACCOUNT_EMAIL_ADDRESS>
  2. --appidentity_private_key_path=<PEM_KEY_PATH>

More info in this request for documentation issue

You can create or find the service account in the developers console permissions section of your appengine cloud project.
And you can create and download a p12 key for the service account.

Use OpenSSL to convert this p12 key in a RSA pem key.
I used this OpenSSL installer for Windows.

To create the pem key file use:

openssl pkcs12 -in <P12_KEY_PATH> -nocerts -nodes -passin pass:notasecret | openssl rsa -out <PEM_KEY_PATH>

Examples of using service accounts and Google Cloud Storage

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment