Who do these Google (JSON file) credentials belong to?

Earlier today I spotted in my downloads folder a JSON file that looks suspiciously like a set of credentials for a Google service account:

  "type": "service_account",
  "project_id": "...",
  "private_key_id": "...",
  "private_key": "-----BEGIN PRIVATE KEY-----\nMIIE...",
  "client_email": "...",
  "client_id": "...",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "..."

I wondered whether they were still active, so hacked together this little Go script:

package main

import (


func main() {
	ctx := context.Background()
	data, err := os.ReadFile("creds.json")
	if err != nil {
	creds, err := google.CredentialsFromJSON(ctx, data, "openid")
	if err != nil {

	client := oauth2.NewClient(ctx, creds.TokenSource)
	if client == nil {
		log.Fatal("Couldn't construct an oauth2.NewClient")

	resp, err := client.Get("https://www.googleapis.com/oauth2/v3/tokeninfo")
	if err != nil {
	defer resp.Body.Close()

	body, err := io.ReadAll(resp.Body)
	if err != nil {

	fmt.Printf("Successfully authenticated with credentials: \n%s", body)

This allows us to authenticate as the service account, and if the credentials are still valid, we'll see a response from Google to show the issued token's claims.

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.

#blogumentation #google.

This post was filed under articles.

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.