Unless otherwise configured, the client libraries useApplication Default Credentialsto authenticate with Google Cloud Services. While this works for most applications, in some cases you may need to override this default. You can do so by providing theUnifiedCredentialsOptionThe following example shows how to explicitly load a service account key file:
[](std::string const& keyfile) {
auto is = std::ifstream(keyfile);
is.exceptions(std::ios::badbit); // Minimal error handling in examples
auto contents = std::string(std::istreambuf_iterator<char>(is.rdbuf()), {});
auto options =
google::cloud::Options{}.set<google::cloud::UnifiedCredentialsOption>(
google::cloud::MakeServiceAccountCredentials(contents));
return google::cloud::privateca_v1::CertificateAuthorityServiceClient(
google::cloud::privateca_v1::MakeCertificateAuthorityServiceConnection(
options));
}
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[[["\u003cp\u003eThe webpage provides documentation for various versions of a C++ library, ranging from version 2.11.0 to the latest release candidate, 2.37.0-rc.\u003c/p\u003e\n"],["\u003cp\u003eThe content primarily addresses how to override the default authentication credentials used by the client libraries when interacting with Google Cloud Services.\u003c/p\u003e\n"],["\u003cp\u003eThe default authentication mechanism is Application Default Credentials, but the \u003ccode\u003eUnifiedCredentialsOption\u003c/code\u003e allows for explicit credential specification, like loading a service account key file.\u003c/p\u003e\n"],["\u003cp\u003eThe provided code example demonstrates the process of overriding the default authentication by reading the contents of a service account key file and creating a \u003ccode\u003eUnifiedCredentialsOption\u003c/code\u003e with it.\u003c/p\u003e\n"],["\u003cp\u003eThe documentation recommends consulting the "Best practices for managing service account keys" guide for more information and also references the "Authentication Components" for details on factory functions for credentials objects.\u003c/p\u003e\n"]]],[],null,["Version 2.34.0keyboard_arrow_down\n\n- [2.42.0-rc (latest)](/cpp/docs/reference/privateca/latest/privateca-override-authentication)\n- [2.41.0](/cpp/docs/reference/privateca/2.41.0/privateca-override-authentication)\n- [2.40.0](/cpp/docs/reference/privateca/2.40.0/privateca-override-authentication)\n- [2.39.0](/cpp/docs/reference/privateca/2.39.0/privateca-override-authentication)\n- [2.38.0](/cpp/docs/reference/privateca/2.38.0/privateca-override-authentication)\n- [2.37.0](/cpp/docs/reference/privateca/2.37.0/privateca-override-authentication)\n- [2.36.0](/cpp/docs/reference/privateca/2.36.0/privateca-override-authentication)\n- [2.35.0](/cpp/docs/reference/privateca/2.35.0/privateca-override-authentication)\n- [2.34.0](/cpp/docs/reference/privateca/2.34.0/privateca-override-authentication)\n- [2.33.0](/cpp/docs/reference/privateca/2.33.0/privateca-override-authentication)\n- [2.32.0](/cpp/docs/reference/privateca/2.32.0/privateca-override-authentication)\n- [2.31.0](/cpp/docs/reference/privateca/2.31.0/privateca-override-authentication)\n- [2.30.0](/cpp/docs/reference/privateca/2.30.0/privateca-override-authentication)\n- [2.29.0](/cpp/docs/reference/privateca/2.29.0/privateca-override-authentication)\n- [2.28.0](/cpp/docs/reference/privateca/2.28.0/privateca-override-authentication)\n- [2.27.0](/cpp/docs/reference/privateca/2.27.0/privateca-override-authentication)\n- [2.26.0](/cpp/docs/reference/privateca/2.26.0/privateca-override-authentication)\n- [2.25.1](/cpp/docs/reference/privateca/2.25.1/privateca-override-authentication)\n- [2.24.0](/cpp/docs/reference/privateca/2.24.0/privateca-override-authentication)\n- [2.23.0](/cpp/docs/reference/privateca/2.23.0/privateca-override-authentication)\n- [2.22.1](/cpp/docs/reference/privateca/2.22.1/privateca-override-authentication)\n- [2.21.0](/cpp/docs/reference/privateca/2.21.0/privateca-override-authentication)\n- [2.20.0](/cpp/docs/reference/privateca/2.20.0/privateca-override-authentication)\n- [2.19.0](/cpp/docs/reference/privateca/2.19.0/privateca-override-authentication)\n- [2.18.0](/cpp/docs/reference/privateca/2.18.0/privateca-override-authentication)\n- [2.17.0](/cpp/docs/reference/privateca/2.17.0/privateca-override-authentication)\n- [2.16.0](/cpp/docs/reference/privateca/2.16.0/privateca-override-authentication)\n- [2.15.1](/cpp/docs/reference/privateca/2.15.1/privateca-override-authentication)\n- [2.14.0](/cpp/docs/reference/privateca/2.14.0/privateca-override-authentication)\n- [2.13.0](/cpp/docs/reference/privateca/2.13.0/privateca-override-authentication)\n- [2.12.0](/cpp/docs/reference/privateca/2.12.0/privateca-override-authentication)\n- [2.11.0](/cpp/docs/reference/privateca/2.11.0/privateca-override-authentication) \n\nHow to Override the Authentication Credentials\n==============================================\n\nUnless otherwise configured, the client libraries use [Application Default Credentials](https://cloud.google.com/docs/authentication#adc) to authenticate with Google Cloud Services. While this works for most applications, in some cases you may need to override this default. You can do so by providing the [UnifiedCredentialsOption](https://cloud.google.com/cpp/docs/reference/common/latest/structgoogle_1_1cloud_1_1UnifiedCredentialsOption.html) The following example shows how to explicitly load a service account key file: \n\n [](std::string const& keyfile) {\n auto is = std::ifstream(keyfile);\n is.exceptions(std::ios::badbit); // Minimal error handling in examples\n auto contents = std::string(std::istreambuf_iterator\u003cchar\u003e(is.rdbuf()), {});\n auto options =\n google::cloud::Options{}.set\u003cgoogle::cloud::UnifiedCredentialsOption\u003e(\n google::cloud::MakeServiceAccountCredentials(contents));\n return google::cloud::privateca_v1::CertificateAuthorityServiceClient(\n google::cloud::privateca_v1::MakeCertificateAuthorityServiceConnection(\n options));\n }\n\nKeep in mind that we chose this as an example because it is relatively easy to understand. Consult the [Best practices for managing service account keys](https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys) guide for more details.\n\n###### See Also\n\n[Authentication Components](https://cloud.google.com/cpp/docs/reference/common/latest/group__guac.html) - for more information on the factory functions to create [`google::cloud::Credentials`](https://cloud.google.com/cpp/docs/reference/common/latest/classgoogle_1_1cloud_1_1Credentials.html) objects."]]
