I wanted to create an account to new google vision api to possibly integrate its service in the app http://www.openbricks.io I am working on.
But the form to have access to this new api ask for an account on Google Cloud platform, it is my case, but also a mystical Google Cloud platform user account Id, I cannot find no where Google Cloud help is a real maze and to have support we need to pay.
Is anyone using Google Cloud Platform? And know how to get this id ?
It is simply the email address you're using for Google Cloud Platform.
To use the Google Cloud Platform, you create a project, which handles billing, team access, API configuration and the like - all api calls and such will be associated with a project. Those projects have an id, which I think is what you're referring to.
In brief: you create a project by creating it in the Google Cloud Console. Once you've created a project, there should be a field in the UI that specifies the project id.
Related
When we migrate from the SafetyNet Api to Google Play Integrity Api we need link a PlayStore application to the Google Cloud Project in the Google Play console.
For existing on production application should it be the same google cloud project in which safetyet's keys were created? Or can it be different/new Google Cloud project and it will not affect the existing clients? Does it matter which account I will link? What should I do if I lost the account which originally was used to created the SafetyNet API keys?
I search through Google's documentation but I have not found any information about this matter. I also have not used increased api usage quota.
Those two API's are not dependent on each other.
I've tried same application with two different Google Cloud projects and got the same token response. So I believe the answer is yes - you can link a new Google Cloud Project to your application.
I am trying to publish my Android app to our company's Play Store.
On Google API access page
I am trying to create new service account. It does not work.
You are missing at least one of the following required permissions:
Project
orgpolicy.policy.get resourcemanager.projects.get Check that the
folder, organization, and project IDs are valid and you have
permissions to access them
My GCP shows myname#github.com google account.
On the other side,Google API(Google Play Console) shows MYCOMPNAY Team account.
How to solve this IAM problem?
I'll do my best to answer but the question lacks some detail.
As the error describes, service accounts are a distinct type of credential used by Google that are intended to be used by software (rather than humans) for interacting with Google services. It makes some sense (though I'm unfamiliar with the Play process) that you'd need to use service accounts rather than human accounts with this service.
Unlike, regular (human) accounts (e.g. yourname#github.com), service accounts are owned by Google projects. When you create a service account, you'll need to scope the account to an existing Google project.
Google provides various Consoles for different services. I'm most familiar with Google Cloud Platform (GCP) and so I would create projects and service accounts using GCP's CLI (Cloud SDK aka gcloud) or https://console.cloud.google.com. Are you using something similar?
Unfortunately, I think, Google's tools scope projects (even though these are universal Google resources) to specific platforms (Cloud, Firebase, Apps etc.) and so you may not be able to see all your projects via the e.g. Cloud Console.
So....
If you have a Play (!?) Console, there should be a mechanism to list|create projects. If you haven't already, created a project to own your service account. Then the tool should provide a mechanism to create a service account. Do so under that projects. Lastly, you'll need to grant the service account permissions so that it can do what you need it to do (e.g. publish your app).
If you add more details to your question, I may be able to help.
NOTE One distinction between human (e.g. yourname#github.com as a Google account) and a service account is that human accounts using 3-legged OAuth while service accounts use 2-legged OAuth. This is because the service account is not able to interact with OAuth prompts as a human user would and it is often a good "tell" when you need to use a human vs. a service account.
See:
Google Play: (API) Projects and Service Accounts
Understanding Service Accounts
Using OAuth for Server-to-Server apps
I've been reading the Google Cloud documentation and can't exactly figure out what the difference between these two are. I know that both of them are automatically created in GCP, but I really don't know much more.
You aren't alone, and that's why google has started a new video series on this topic. To summarize,
The Google managed service account are account created on Google side (managed by Google, you can't delete them) but that you can grant on your project to allow them to perform actions. They are also named service agent. They are used when you used serverless product, such as Cloud Build for example, or Cloud Run (to pull the image, not to run the instance)
The default service account (mainly Compute Engine default service account and App Engine default service account) are service account created automatically in YOUR project (so managed by you, you can delete them if you want) when you activate some APIs. They are used by default when you create some service's instance.
I am using two different Google accounts for Google Developer and Google Cloud Services. I have a live Android app and now I want enable real-time-notifications for monetisation. Is there any way that I can link my Google Developer account to Google Cloud Services Account So I can integrate Pub/Sub service?
If I understand correctly this you could use Cloud IAM and give needed roles Developer account. So you can give ex. Project Owner rights to your Google Developer account and than this account can control the project as the owner.
But I don't think you need project owner for Pub/Sub integration. Please check this document that shows such process.
As well there is possibility to merge accounts via Google Workspace Support, however again I don't think this is needed to integrate pub/sub.
I want to create a user account for contacting developers using their own email addresses, not a new Gmail user in my account. Google Cloud Platform seems to let me create the users, but they never receive an email and hence can't complete the account creation.
As it happens, they are Google Docs users with their own Google accounts, but naturally they'd rather not have yet another email address. Is this even possible or does Google tie Google Cloud Platform into Google Docs? It seems a major limitation of Google Cloud Platform if they do.
Google Cloud Platform, G Suite (formerly "Google Docs") and all other Google services share an identity system. The identity system requires humans to have user accounts while software|machines have service accounts. One Google user account equals one user.
There are 2 flavors of (Google) user accounts: [your-name]#gmail.com and those created by an organization for its users someone#acme.com. For example, Google uses Google identity internally and so Googlers have emails [their-name]#google.com.
When you create a Google Cloud Platform project, anyone with a Google account may be added to it. Whether their Google account is something#gmail.com or an account created by their employer for them.
The only time your users will receive an email from you when you add them to a Google Cloud Platform project is if you make them project owners. This is because, ownership requires acceptance of Google's Terms of Service. Other types of users will be added without receiving an email (from Google about it) but will be able to access your project's resources.
I suspect your users have been added correctly and you're ready to go!
the most simple is to share a directory with those off-domain email addresses
this is possible, because Google Docs is backed by Google Drive as storage.
setting them up with IAM would only add complexity, which is not required
(at least, unless you won't have to grant them access to GCP resources).