Unless otherwise configured, the client libraries useApplication Default Credentialsto authenticate with Google Cloud Services. While this works for most applications, in some cases you may need to override this default. You can do so by providing theUnifiedCredentialsOptionThe following example shows how to explicitly load a service account key file:
[](std::string const& keyfile) {
auto is = std::ifstream(keyfile);
is.exceptions(std::ios::badbit); // Minimal error handling in examples
auto contents = std::string(std::istreambuf_iterator<char>(is.rdbuf()), {});
auto options =
google::cloud::Options{}.set<google::cloud::UnifiedCredentialsOption>(
google::cloud::MakeServiceAccountCredentials(contents));
return google::cloud::privateca_v1::CertificateAuthorityServiceClient(
google::cloud::privateca_v1::MakeCertificateAuthorityServiceConnection(
options));
}
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThe latest version available is 2.37.0-rc, with numerous other versions, from 2.36.0 down to 2.11.0, also accessible.\u003c/p\u003e\n"],["\u003cp\u003eThe client libraries typically authenticate using Application Default Credentials, but this can be overridden in specific cases.\u003c/p\u003e\n"],["\u003cp\u003eTo override the default authentication, you can use the \u003ccode\u003eUnifiedCredentialsOption\u003c/code\u003e, such as explicitly loading a service account key file, with an example being shown in the content.\u003c/p\u003e\n"],["\u003cp\u003eThe content provides guidance on overriding default credentials and managing service account keys, and recommends consulting the "Best practices for managing service account keys" for more details.\u003c/p\u003e\n"],["\u003cp\u003eThe "Authentication Components" link provides additional information on factory functions for creating \u003ccode\u003egoogle::cloud::Credentials\u003c/code\u003e objects.\u003c/p\u003e\n"]]],[],null,["Version 2.21.0keyboard_arrow_down\n\n- [2.42.0-rc (latest)](/cpp/docs/reference/privateca/latest/privateca-override-authentication)\n- [2.41.0](/cpp/docs/reference/privateca/2.41.0/privateca-override-authentication)\n- [2.40.0](/cpp/docs/reference/privateca/2.40.0/privateca-override-authentication)\n- [2.39.0](/cpp/docs/reference/privateca/2.39.0/privateca-override-authentication)\n- [2.38.0](/cpp/docs/reference/privateca/2.38.0/privateca-override-authentication)\n- [2.37.0](/cpp/docs/reference/privateca/2.37.0/privateca-override-authentication)\n- [2.36.0](/cpp/docs/reference/privateca/2.36.0/privateca-override-authentication)\n- [2.35.0](/cpp/docs/reference/privateca/2.35.0/privateca-override-authentication)\n- [2.34.0](/cpp/docs/reference/privateca/2.34.0/privateca-override-authentication)\n- [2.33.0](/cpp/docs/reference/privateca/2.33.0/privateca-override-authentication)\n- [2.32.0](/cpp/docs/reference/privateca/2.32.0/privateca-override-authentication)\n- [2.31.0](/cpp/docs/reference/privateca/2.31.0/privateca-override-authentication)\n- [2.30.0](/cpp/docs/reference/privateca/2.30.0/privateca-override-authentication)\n- [2.29.0](/cpp/docs/reference/privateca/2.29.0/privateca-override-authentication)\n- [2.28.0](/cpp/docs/reference/privateca/2.28.0/privateca-override-authentication)\n- [2.27.0](/cpp/docs/reference/privateca/2.27.0/privateca-override-authentication)\n- [2.26.0](/cpp/docs/reference/privateca/2.26.0/privateca-override-authentication)\n- [2.25.1](/cpp/docs/reference/privateca/2.25.1/privateca-override-authentication)\n- [2.24.0](/cpp/docs/reference/privateca/2.24.0/privateca-override-authentication)\n- [2.23.0](/cpp/docs/reference/privateca/2.23.0/privateca-override-authentication)\n- [2.22.1](/cpp/docs/reference/privateca/2.22.1/privateca-override-authentication)\n- [2.21.0](/cpp/docs/reference/privateca/2.21.0/privateca-override-authentication)\n- [2.20.0](/cpp/docs/reference/privateca/2.20.0/privateca-override-authentication)\n- [2.19.0](/cpp/docs/reference/privateca/2.19.0/privateca-override-authentication)\n- [2.18.0](/cpp/docs/reference/privateca/2.18.0/privateca-override-authentication)\n- [2.17.0](/cpp/docs/reference/privateca/2.17.0/privateca-override-authentication)\n- [2.16.0](/cpp/docs/reference/privateca/2.16.0/privateca-override-authentication)\n- [2.15.1](/cpp/docs/reference/privateca/2.15.1/privateca-override-authentication)\n- [2.14.0](/cpp/docs/reference/privateca/2.14.0/privateca-override-authentication)\n- [2.13.0](/cpp/docs/reference/privateca/2.13.0/privateca-override-authentication)\n- [2.12.0](/cpp/docs/reference/privateca/2.12.0/privateca-override-authentication)\n- [2.11.0](/cpp/docs/reference/privateca/2.11.0/privateca-override-authentication) \n\nHow to Override the Authentication Credentials\n==============================================\n\nUnless otherwise configured, the client libraries use [Application Default Credentials](https://cloud.google.com/docs/authentication#adc) to authenticate with Google Cloud Services. While this works for most applications, in some cases you may need to override this default. You can do so by providing the [UnifiedCredentialsOption](https://cloud.google.com/cpp/docs/reference/common/latest/structgoogle_1_1cloud_1_1UnifiedCredentialsOption.html) The following example shows how to explicitly load a service account key file: \n\n [](std::string const& keyfile) {\n auto is = std::ifstream(keyfile);\n is.exceptions(std::ios::badbit); // Minimal error handling in examples\n auto contents = std::string(std::istreambuf_iterator\u003cchar\u003e(is.rdbuf()), {});\n auto options =\n google::cloud::Options{}.set\u003cgoogle::cloud::UnifiedCredentialsOption\u003e(\n google::cloud::MakeServiceAccountCredentials(contents));\n return google::cloud::privateca_v1::CertificateAuthorityServiceClient(\n google::cloud::privateca_v1::MakeCertificateAuthorityServiceConnection(\n options));\n }\n\nKeep in mind that we chose this as an example because it is relatively easy to understand. Consult the [Best practices for managing service account keys](https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys) guide for more details.\n\n###### See Also\n\n[Authentication Components](https://cloud.google.com/cpp/docs/reference/common/latest/group__guac.html) - for more information on the factory functions to create [`google::cloud::Credentials`](https://cloud.google.com/cpp/docs/reference/common/latest/classgoogle_1_1cloud_1_1Credentials.html) objects."]]
