Service Accounts

A service account is a special kind of account typically used by an application or compute workload, such as a Compute Engine instance, rather than a person. A service account is identified by its email address, which is unique to the account.

Applications use service accounts to make

authorized API calls⁠

by authenticating as either the service account itself, or as Google Workspace or Cloud Identity users through

domain-wide delegation⁠

. When an application authenticates as a service account, it has access to all resources that the service account has permission to access.

⁠

Want to print your doc?
This is not the way.

Try clicking the ⋯ next to your doc name or using a keyboard shortcut (

CtrlP

) instead.