Google Service Account Key Rotation Workflow

In some cases, you might want to rotate the Google Service account key to invalidate it and create a new key in its place.

The key should be invalidated, and a new one should be generated to avoid security issues.

Note that the service account key data is sensitive information and should not be sent through insecure channels like (e.g. email): we provide a secure link for this, please submit a request if you do not have the Secure Link

  • Open the Google Cloud Console
  • Navigate to “APIs & Services” → “Credentials” 
  • Under “Service Accounts,” click on the service account, created for Google Play Service Account (would contain the letters pc-api...)
  • Navigate to the “Keys” tab to delete the compromised key, and click the(trash bin) icon next to the key entry
  • From the same page, click the “Add Key” button to create a new key, 

This new JSON key file should be shared with us via the secure link only by selecting the file type ‘Android Google Play Service Account Auth JSON.’



Let the Support Team know once the new JSON key has been successfully uploaded.

If you need any help with the process, please contact us; we will be happy to assist you.