Unless otherwise configured, the client libraries useApplication Default Credentialsto authenticate with Google Cloud Services. While this works for most applications, in some cases you may need to override this default. You can do so by providing theUnifiedCredentialsOptionThe following example shows how to explicitly load a service account key file:
[](std::string const& keyfile) {
auto is = std::ifstream(keyfile);
is.exceptions(std::ios::badbit); // Minimal error handling in examples
auto contents = std::string(std::istreambuf_iterator<char>(is.rdbuf()), {});
auto options =
google::cloud::Options{}.set<google::cloud::UnifiedCredentialsOption>(
google::cloud::MakeServiceAccountCredentials(contents));
return google::cloud::privateca_v1::CertificateAuthorityServiceClient(
google::cloud::privateca_v1::MakeCertificateAuthorityServiceConnection(
options));
}
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThis page provides documentation for various versions of the C++ client library for the Private Certificate Authority (Private CA) service, with versions ranging from 2.11.0 to 2.37.0-rc (latest).\u003c/p\u003e\n"],["\u003cp\u003eThe primary focus is on how to override the default authentication credentials using the \u003ccode\u003eUnifiedCredentialsOption\u003c/code\u003e in the C++ client library when connecting to Google Cloud Services.\u003c/p\u003e\n"],["\u003cp\u003eBy providing a service account key file to the \u003ccode\u003eUnifiedCredentialsOption\u003c/code\u003e, you can explicitly define the authentication credentials instead of using the default Application Default Credentials (ADC).\u003c/p\u003e\n"],["\u003cp\u003eThe example code demonstrates loading a service account key file and using it to create a \u003ccode\u003eCertificateAuthorityServiceClient\u003c/code\u003e for authentication, and there are additional resources for best practices and managing service account keys, as well as authentication component details.\u003c/p\u003e\n"]]],[],null,["Version 2.22.1keyboard_arrow_down\n\n- [2.42.0-rc (latest)](/cpp/docs/reference/privateca/latest/privateca-override-authentication)\n- [2.41.0](/cpp/docs/reference/privateca/2.41.0/privateca-override-authentication)\n- [2.40.0](/cpp/docs/reference/privateca/2.40.0/privateca-override-authentication)\n- [2.39.0](/cpp/docs/reference/privateca/2.39.0/privateca-override-authentication)\n- [2.38.0](/cpp/docs/reference/privateca/2.38.0/privateca-override-authentication)\n- [2.37.0](/cpp/docs/reference/privateca/2.37.0/privateca-override-authentication)\n- [2.36.0](/cpp/docs/reference/privateca/2.36.0/privateca-override-authentication)\n- [2.35.0](/cpp/docs/reference/privateca/2.35.0/privateca-override-authentication)\n- [2.34.0](/cpp/docs/reference/privateca/2.34.0/privateca-override-authentication)\n- [2.33.0](/cpp/docs/reference/privateca/2.33.0/privateca-override-authentication)\n- [2.32.0](/cpp/docs/reference/privateca/2.32.0/privateca-override-authentication)\n- [2.31.0](/cpp/docs/reference/privateca/2.31.0/privateca-override-authentication)\n- [2.30.0](/cpp/docs/reference/privateca/2.30.0/privateca-override-authentication)\n- [2.29.0](/cpp/docs/reference/privateca/2.29.0/privateca-override-authentication)\n- [2.28.0](/cpp/docs/reference/privateca/2.28.0/privateca-override-authentication)\n- [2.27.0](/cpp/docs/reference/privateca/2.27.0/privateca-override-authentication)\n- [2.26.0](/cpp/docs/reference/privateca/2.26.0/privateca-override-authentication)\n- [2.25.1](/cpp/docs/reference/privateca/2.25.1/privateca-override-authentication)\n- [2.24.0](/cpp/docs/reference/privateca/2.24.0/privateca-override-authentication)\n- [2.23.0](/cpp/docs/reference/privateca/2.23.0/privateca-override-authentication)\n- [2.22.1](/cpp/docs/reference/privateca/2.22.1/privateca-override-authentication)\n- [2.21.0](/cpp/docs/reference/privateca/2.21.0/privateca-override-authentication)\n- [2.20.0](/cpp/docs/reference/privateca/2.20.0/privateca-override-authentication)\n- [2.19.0](/cpp/docs/reference/privateca/2.19.0/privateca-override-authentication)\n- [2.18.0](/cpp/docs/reference/privateca/2.18.0/privateca-override-authentication)\n- [2.17.0](/cpp/docs/reference/privateca/2.17.0/privateca-override-authentication)\n- [2.16.0](/cpp/docs/reference/privateca/2.16.0/privateca-override-authentication)\n- [2.15.1](/cpp/docs/reference/privateca/2.15.1/privateca-override-authentication)\n- [2.14.0](/cpp/docs/reference/privateca/2.14.0/privateca-override-authentication)\n- [2.13.0](/cpp/docs/reference/privateca/2.13.0/privateca-override-authentication)\n- [2.12.0](/cpp/docs/reference/privateca/2.12.0/privateca-override-authentication)\n- [2.11.0](/cpp/docs/reference/privateca/2.11.0/privateca-override-authentication) \n\nHow to Override the Authentication Credentials\n==============================================\n\nUnless otherwise configured, the client libraries use [Application Default Credentials](https://cloud.google.com/docs/authentication#adc) to authenticate with Google Cloud Services. While this works for most applications, in some cases you may need to override this default. You can do so by providing the [UnifiedCredentialsOption](https://cloud.google.com/cpp/docs/reference/common/latest/structgoogle_1_1cloud_1_1UnifiedCredentialsOption.html) The following example shows how to explicitly load a service account key file: \n\n [](std::string const& keyfile) {\n auto is = std::ifstream(keyfile);\n is.exceptions(std::ios::badbit); // Minimal error handling in examples\n auto contents = std::string(std::istreambuf_iterator\u003cchar\u003e(is.rdbuf()), {});\n auto options =\n google::cloud::Options{}.set\u003cgoogle::cloud::UnifiedCredentialsOption\u003e(\n google::cloud::MakeServiceAccountCredentials(contents));\n return google::cloud::privateca_v1::CertificateAuthorityServiceClient(\n google::cloud::privateca_v1::MakeCertificateAuthorityServiceConnection(\n options));\n }\n\nKeep in mind that we chose this as an example because it is relatively easy to understand. Consult the [Best practices for managing service account keys](https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys) guide for more details.\n\n###### See Also\n\n[Authentication Components](https://cloud.google.com/cpp/docs/reference/common/latest/group__guac.html) - for more information on the factory functions to create [`google::cloud::Credentials`](https://cloud.google.com/cpp/docs/reference/common/latest/classgoogle_1_1cloud_1_1Credentials.html) objects."]]
