Generating Google Wallet REST API authentication credentials
Stay organized with collections
Save and categorize content based on your preferences.
Google Wallet offers a REST API that lets you create and manage passes by
sending requests to the Google Wallet API over HTTP. This is useful for those who
want to build server-side services to work with passes programmatically.
To use the Google Wallet REST API, you must enable the API in the Google Cloud console,
create a Google Cloud service account, then generate a key for the service account.
When you create passes with the REST API, the service account key used to sign your
JSON Web Token-encoded Passes Objects.
For other operations, such as updating or deleting passes, the service account key
is sent with the request to authenticate you as the Pass Issuer.
1. Enable the Google Wallet REST API
To enable the Google Wallet REST API, do the following:
If you don't already have a Google Cloud account, go to the Google Cloud console
and follow the steps to register for a new account.
From the project drop-down menu at the top of the console, select the Google
Cloud project you want to use, or create a new one.
Click the 'Enable' button. In a few moments, the Google Wallet REST API will be
available for the selected Google Cloud project.
2. Generate a Google Cloud service account key
To authenticate requests to the Google Wallet REST API, you'll need to create a
service account, and generate a service account key by doing the following:
Fill in the service account details. Note the email address for the service
account that appears below the 'Service account ID' field. You will need this later
when you use the service account to authenticate your requests to the Google Wallet
REST API.
Click the 'DONE' button. There is no need to complete the other service account
creation steps.
Click the 'KEYS' menu item at the top of the page.
Click the 'ADD KEY' drop-down menu, then click 'Create new key'.
Select key type 'JSON'.
Click 'CREATE' to create and download the service account key.
3. Authorize your service account in the Google Wallet console
To authenticate your requests to the Google Wallet REST API using a service account
key, you must add the email address of your service account as a user to your
Issuer account. To add your service account as a user, do the following:
In the 'Access level' drop-down, select 'Developer'.
Click the 'Invite' button.
Once your service account is added, you can use any service account keys generated
for it to authenticate requests to the Google Wallet REST API. When using service
account keys, keep in mind that these are highly sensitive credentials that
should only be used in secure, server-side environments.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-14 UTC."],[[["\u003cp\u003eGoogle Wallet's REST API enables programmatic management of passes via HTTP requests.\u003c/p\u003e\n"],["\u003cp\u003eTo use the API, you must enable it in Google Cloud Console, create a service account, and generate a key.\u003c/p\u003e\n"],["\u003cp\u003eThe service account key is used for authentication and signing JSON Web Token-encoded Passes Objects.\u003c/p\u003e\n"],["\u003cp\u003eFor security, store and use service account keys in secure, server-side environments.\u003c/p\u003e\n"]]],["The Google Wallet REST API allows programmatic pass management via HTTP requests. To use it, enable the API in the Google Cloud console, create a service account, and generate a JSON key. This key is used to sign JSON Web Token-encoded Pass Objects for creation and authenticates requests for updates or deletions. Finally, authorize the service account by adding its email as a 'Developer' user in the Google Pay & Wallet console. This process enables secure, server-side interaction with the Google Wallet.\n"],null,["Google Wallet offers a REST API that lets you create and manage passes by\nsending requests to the Google Wallet API over HTTP. This is useful for those who\nwant to build server-side services to work with passes programmatically.\n\nTo use the Google Wallet REST API, you must enable the API in the Google Cloud console,\ncreate a Google Cloud service account, then generate a key for the service account.\n\nWhen you create passes with the REST API, the service account key used to sign your\nJSON Web Token-encoded Passes Objects.\n\nFor other operations, such as updating or deleting passes, the service account key\nis sent with the request to authenticate you as the Pass Issuer.\n\n1. Enable the Google Wallet REST API \n\nTo enable the Google Wallet REST API, do the following:\n\n1. If you don't already have a Google Cloud account, go to the [Google Cloud console](https://console.cloud.google.com) and follow the steps to register for a new account.\n2. From the project drop-down menu at the top of the console, select the Google Cloud project you want to use, or create a new one.\n3. Go to the [Google Wallet API product details page](https://console.cloud.google.com/apis/library/walletobjects.googleapis.com) in the Google Cloud console Marketplace.\n4. Click the 'Enable' button. In a few moments, the Google Wallet REST API will be available for the selected Google Cloud project.\n\n2. Generate a Google Cloud service account key \n\nTo authenticate requests to the Google Wallet REST API, you'll need to create a\nservice account, and generate a service account key by doing the following:\n\n1. Go to the ['Create service account' page](https://console.cloud.google.com/iam-admin/serviceaccounts/create) in the Google Cloud console.\n2. Fill in the service account details. Note the email address for the service account that appears below the 'Service account ID' field. You will need this later when you use the service account to authenticate your requests to the Google Wallet REST API.\n3. Click the 'DONE' button. There is no need to complete the other service account creation steps.\n4. Click the 'KEYS' menu item at the top of the page.\n5. Click the 'ADD KEY' drop-down menu, then click 'Create new key'.\n6. Select key type 'JSON'.\n7. Click 'CREATE' to create and download the service account key.\n\n3. Authorize your service account in the Google Wallet console \n\nTo authenticate your requests to the Google Wallet REST API using a service account\nkey, you must add the email address of your service account as a user to your\nIssuer account. To add your service account as a user, do the following:\n\n1. Go to the ['Service accounts'](https://console.cloud.google.com/iam-admin/serviceaccounts) page in the Google Cloud console.\n2. Copy the email address of the service account you want to use to authenticate your requests to the Google Wallet API.\n3. Go to the [Google Pay \\& Wallet console](https://pay.google.com/business/console/).\n4. In the left nav, click 'Users'.\n5. Click 'Invite a user'.\n6. Input the email address of your service account.\n7. In the 'Access level' drop-down, select 'Developer'.\n8. Click the 'Invite' button.\n\nOnce your service account is added, you can use any service account keys generated\nfor it to authenticate requests to the Google Wallet REST API. When using service\naccount keys, keep in mind that these are highly sensitive credentials that\nshould only be used in secure, server-side environments."]]
