Authenticate requests to the Google Wallet API

Requests to the Google Wallet API must be authenticated so that the Wallet API can identify that the request is being made by your application.

Before you begin, ensure you have properly generated and registered your credentials for the Google Wallet REST API and Google Wallet Android SDK.

Google Wallet REST API requests

Request to the Google Wallet REST API are authenticated using a Google Wallet REST API Google Cloud service account key to obtain an access token.

The Google API Client Libraries handle authentication and making API requests. Make sure you install the library for your preferred programming language, which the following examples use.

First, perform the necessary library imports and define some variables for the service account JSON, and IDs for the issuer, class, unique user and object that will be saved.

import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.google.api.client.googleapis.batch.BatchRequest;
import com.google.api.client.googleapis.batch.json.JsonBatchCallback;
import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport;
import com.google.api.client.googleapis.json.GoogleJsonError;
import com.google.api.client.googleapis.json.GoogleJsonResponseException;
import com.google.api.client.http.*;
import com.google.api.client.json.gson.GsonFactory;
import com.google.api.services.walletobjects.*;
import com.google.api.services.walletobjects.model.*;
import com.google.auth.http.HttpCredentialsAdapter;
import com.google.auth.oauth2.GoogleCredentials;
import com.google.auth.oauth2.ServiceAccountCredentials;
import java.io.*;
import java.security.interfaces.RSAPrivateKey;
import java.util.*;

/** Demo class for creating and managing Flights in Google Wallet. */
public class DemoFlight {
  /**
   * Path to service account key file from Google Cloud Console. Environment variable:
   * GOOGLE_APPLICATION_CREDENTIALS.
   */
  public static String keyFilePath;

  /** Service account credentials for Google Wallet APIs. */
  public static GoogleCredentials credentials;

  /** Google Wallet service client. */
  public static Walletobjects service;

  public DemoFlight() throws Exception {
    keyFilePath =
        System.getenv().getOrDefault("GOOGLE_APPLICATION_CREDENTIALS", "/path/to/key.json");

    auth();
  }

use Firebase\JWT\JWT;
use Google\Auth\Credentials\ServiceAccountCredentials;
use Google\Client as GoogleClient;
use Google\Service\Walletobjects;
use Google\Service\Walletobjects\ReservationInfo;
use Google\Service\Walletobjects\BoardingAndSeatingInfo;
use Google\Service\Walletobjects\LatLongPoint;
use Google\Service\Walletobjects\Barcode;
use Google\Service\Walletobjects\ImageModuleData;
use Google\Service\Walletobjects\LinksModuleData;
use Google\Service\Walletobjects\TextModuleData;
use Google\Service\Walletobjects\TranslatedString;
use Google\Service\Walletobjects\LocalizedString;
use Google\Service\Walletobjects\ImageUri;
use Google\Service\Walletobjects\Image;
use Google\Service\Walletobjects\FlightObject;
use Google\Service\Walletobjects\Message;
use Google\Service\Walletobjects\AddMessageRequest;
use Google\Service\Walletobjects\Uri;
use Google\Service\Walletobjects\AirportInfo;
use Google\Service\Walletobjects\FlightCarrier;
use Google\Service\Walletobjects\FlightClass;
use Google\Service\Walletobjects\FlightHeader;

/** Demo class for creating and managing Flights in Google Wallet. */
class DemoFlight
{
  /**
   * The Google API Client
   * https://github.com/google/google-api-php-client
   */
  public GoogleClient $client;

  /**
   * Path to service account key file from Google Cloud Console. Environment
   * variable: GOOGLE_APPLICATION_CREDENTIALS.
   */
  public string $keyFilePath;

  /**
   * Service account credentials for Google Wallet APIs.
   */
  public ServiceAccountCredentials $credentials;

  /**
   * Google Wallet service client.
   */
  public Walletobjects $service;

  public function __construct()
  {
    $this->keyFilePath = getenv('GOOGLE_APPLICATION_CREDENTIALS') ?: '/path/to/key.json';

    $this->auth();
  }

import json
import os
import uuid

from googleapiclient.discovery import build
from googleapiclient.errors import HttpError
from google.oauth2.service_account import Credentials
from google.auth import jwt, crypt


class DemoFlight:
    """Demo class for creating and managing Flights in Google Wallet.

    Attributes:
        key_file_path: Path to service account key file from Google Cloud
            Console. Environment variable: GOOGLE_APPLICATION_CREDENTIALS.
        base_url: Base URL for Google Wallet API requests.
    """

    def __init__(self):
        self.key_file_path = os.environ.get('GOOGLE_APPLICATION_CREDENTIALS',
                                            '/path/to/key.json')
        # Set up authenticated client
        self.auth()

using System.IdentityModel.Tokens.Jwt;
using System.Net.Http.Headers;
using System.Text.RegularExpressions;
using Google.Apis.Auth.OAuth2;
using Google.Apis.Services;
using Google.Apis.Walletobjects.v1;
using Google.Apis.Walletobjects.v1.Data;
using Microsoft.IdentityModel.Tokens;
using Newtonsoft.Json;
using Newtonsoft.Json.Linq;


/// <summary>
/// Demo class for creating and managing Flights in Google Wallet.
/// </summary>
class DemoFlight
{
  /// <summary>
  /// Path to service account key file from Google Cloud Console. Environment
  /// variable: GOOGLE_APPLICATION_CREDENTIALS.
  /// </summary>
  public static string keyFilePath;

  /// <summary>
  /// Service account credentials for Google Wallet APIs
  /// </summary>
  public static ServiceAccountCredential credentials;

  /// <summary>
  /// Google Wallet service client
  /// </summary>
  public static WalletobjectsService service;

  public DemoFlight()
  {
    keyFilePath = Environment.GetEnvironmentVariable(
        "GOOGLE_APPLICATION_CREDENTIALS") ?? "/path/to/key.json";

    Auth();
  }

const { google } = require('googleapis');
const jwt = require('jsonwebtoken');
const { v4: uuidv4 } = require('uuid');

/**
 * Demo class for creating and managing Flights in Google Wallet.
 */
class DemoFlight {
  constructor() {
    /**
     * Path to service account key file from Google Cloud Console. Environment
     * variable: GOOGLE_APPLICATION_CREDENTIALS.
     */
    this.keyFilePath = process.env.GOOGLE_APPLICATION_CREDENTIALS || '/path/to/key.json';
    this.auth();
  }

package main

import (
	"bytes"
	"context"
	"encoding/json"
	"fmt"
	"github.com/golang-jwt/jwt"
	"github.com/google/uuid"
	"golang.org/x/oauth2"
	"golang.org/x/oauth2/google"
	oauthJwt "golang.org/x/oauth2/jwt"
	"google.golang.org/api/option"
	"google.golang.org/api/walletobjects/v1"
	"io"
	"log"
	"os"
	"strings"
)

Next, use one of the framework libraries to retrieve the necessary credentials to call the Google Wallet API.

/**
 * Create authenticated HTTP client using a service account file.
 *
 */
public void auth() throws Exception {
  credentials =
      GoogleCredentials.fromStream(new FileInputStream(keyFilePath))
          .createScoped(List.of(WalletobjectsScopes.WALLET_OBJECT_ISSUER));
  credentials.refresh();

  HttpTransport httpTransport = GoogleNetHttpTransport.newTrustedTransport();

  // Initialize Google Wallet API service
  service =
      new Walletobjects.Builder(
              httpTransport,
              GsonFactory.getDefaultInstance(),
              new HttpCredentialsAdapter(credentials))
          .setApplicationName("APPLICATION_NAME")
          .build();
}

/**
 * Create authenticated HTTP client using a service account file.
 */
public function auth()
{
  $this->credentials = new ServiceAccountCredentials(
    Walletobjects::WALLET_OBJECT_ISSUER,
    $this->keyFilePath
  );

  // Initialize Google Wallet API service
  $this->client = new GoogleClient();
  $this->client->setApplicationName('APPLICATION_NAME');
  $this->client->setScopes(Walletobjects::WALLET_OBJECT_ISSUER);
  $this->client->setAuthConfig($this->keyFilePath);

  $this->service = new Walletobjects($this->client);
}

def auth(self):
    """Create authenticated HTTP client using a service account file."""
    self.credentials = Credentials.from_service_account_file(
        self.key_file_path,
        scopes=['https://www.googleapis.com/auth/wallet_object.issuer'])

    self.client = build('walletobjects', 'v1', credentials=self.credentials)

/// <summary>
/// Create authenticated service client using a service account file.
/// </summary>
public void Auth()
{
  credentials = (ServiceAccountCredential)GoogleCredential
      .FromFile(keyFilePath)
      .CreateScoped(new List<string>
      {
        WalletobjectsService.ScopeConstants.WalletObjectIssuer
      })
      .UnderlyingCredential;

  service = new WalletobjectsService(
      new BaseClientService.Initializer()
      {
        HttpClientInitializer = credentials
      });
}

/**
 * Create authenticated HTTP client using a service account file.
 */
auth() {
  const auth = new google.auth.GoogleAuth({
    keyFile: this.keyFilePath,
    scopes: ['https://www.googleapis.com/auth/wallet_object.issuer'],
  });

  this.credentials = require(this.keyFilePath);

  this.client = google.walletobjects({
    version: 'v1',
    auth: auth,
  });
}

// Create authenticated HTTP client using a service account file.
func (d *demoFlight) auth() {
	credentialsFile := os.Getenv("GOOGLE_APPLICATION_CREDENTIALS")
	b, _ := os.ReadFile(credentialsFile)
	credentials, err := google.JWTConfigFromJSON(b, walletobjects.WalletObjectIssuerScope)
	if err != nil {
		fmt.Println(err)
		log.Fatalf("Unable to load credentials: %v", err)
	}
	d.credentials = credentials
	d.service, _ = walletobjects.NewService(context.Background(), option.WithCredentialsFile(credentialsFile))
}

Google Wallet Android SDK requests

Requests using the Google Wallet Android SDK are automatically autheticated using you app signing certificate. The Android SDK will automatically create the SHA-1 fingerprint of your signing certificate and include it with requests to the Google Wallet API.

For more information on generating and registering the SHA-1 fingerprint of your app signing certificate, see Authorizing your app for the Google Wallet Android SDK.