— Web Development — 1 min read
Google has instructions on how to authenticate with a service account, but the current documentation only explains how to do it with a key file. Is there any way to authenticate using the more familiar method of using project environment variables? Yes!
The Google Cloud docs recommend downloading your service account key as a JSON file and either setting the file path in a system-level environment variable or passing the filename into the instantiation of the Google Cloud class you are using.
However rather than assuming a key file will exist in some location on the server, I think it is a cleaner solution to set the credentials as environment variables and explicitly reference them in the code.
Not to mention I couldn't get this "recommended" method to work 🙄. I was getting the following errors:
1ERROR: Error: Could not load the default credentials. Browse to https://cloud.google.com/docs/authentication/getting-started for more information.
Thankfully the alternative is quite simple (although not well documented):
Open the service account JSON credentials file and grab the following: project_id
, client_email
, and private_key
.
Set them as project environment variables (I'm using Next.js's .env.local file), and instantiate the Storage class as follows:
1const {Storage} = require('@google-cloud/storage');2const storage = new Storage({3 projectId: project_id4 credentials: {5 client_email,6 private_key,7 }8});
Note that projectId
is the only field name that is camelCase.
I tested it with the getBuckets example, and voila! Successful API call 🎉.
Tested with Node.js 14.15.0
and @google-cloud/storage@5.5.0
.