Getting credentials from Google | laravel-mobile-pass | Spatie

 SPATIE

  Laravel Mobile Pass
======================

spatie.be/open-source

  [Docs](https://spatie.be/docs)  [Laravel-mobile-pass](https://spatie.be/docs/laravel-mobile-pass/v1)  Getting credentials from Google

 Version   v1

 Other versions for crawler [v1](https://spatie.be/docs/laravel-mobile-pass/v1)

  Getting credentials from Google
- [ Introduction ](https://spatie.be/docs/laravel-mobile-pass/v1/introduction)
- [ Support us ](https://spatie.be/docs/laravel-mobile-pass/v1/support-us)
- [ Requirements ](https://spatie.be/docs/laravel-mobile-pass/v1/requirements)
- [ Installation &amp; setup ](https://spatie.be/docs/laravel-mobile-pass/v1/installation-setup)
- [ Getting credentials from Apple ](https://spatie.be/docs/laravel-mobile-pass/v1/getting-credentials-from-apple)
- [ Getting credentials from Google ](https://spatie.be/docs/laravel-mobile-pass/v1/getting-credentials-from-google)
- [ Questions and issues ](https://spatie.be/docs/laravel-mobile-pass/v1/questions-issues)
- [ Changelog ](https://spatie.be/docs/laravel-mobile-pass/v1/changelog)
- [ About us ](https://spatie.be/docs/laravel-mobile-pass/v1/about-us)

Basic usage
-----------

- [ Generating your first pass ](https://spatie.be/docs/laravel-mobile-pass/v1/basic-usage/generating-your-first-pass)
- [ Delivering passes to users ](https://spatie.be/docs/laravel-mobile-pass/v1/basic-usage/handing-out-passes)
- [ Adding images ](https://spatie.be/docs/laravel-mobile-pass/v1/basic-usage/adding-images)
- [ Adding barcodes ](https://spatie.be/docs/laravel-mobile-pass/v1/basic-usage/adding-barcodes)
- [ Updating a pass ](https://spatie.be/docs/laravel-mobile-pass/v1/basic-usage/updating-a-pass)
- [ Retrieving mobile passes ](https://spatie.be/docs/laravel-mobile-pass/v1/basic-usage/retrieving-mobile-passes)
- [ Expiring passes ](https://spatie.be/docs/laravel-mobile-pass/v1/basic-usage/expiring-passes)

Available pass types
--------------------

- [ Introduction ](https://spatie.be/docs/laravel-mobile-pass/v1/available-pass-types/introduction)
- [ Boarding pass ](https://spatie.be/docs/laravel-mobile-pass/v1/available-pass-types/boarding-pass)
- [ Event ticket ](https://spatie.be/docs/laravel-mobile-pass/v1/available-pass-types/event-ticket)
- [ Coupon ](https://spatie.be/docs/laravel-mobile-pass/v1/available-pass-types/coupon)
- [ Loyalty card ](https://spatie.be/docs/laravel-mobile-pass/v1/available-pass-types/loyalty)
- [ Generic ](https://spatie.be/docs/laravel-mobile-pass/v1/available-pass-types/generic)

Apple Wallet
------------

- [ Field zones ](https://spatie.be/docs/laravel-mobile-pass/v1/apple-wallet/field-zones)
- [ Apple-specific methods ](https://spatie.be/docs/laravel-mobile-pass/v1/apple-wallet/apple-specific-methods)
- [ Pass relevance ](https://spatie.be/docs/laravel-mobile-pass/v1/apple-wallet/pass-relevance)
- [ NFC passes ](https://spatie.be/docs/laravel-mobile-pass/v1/apple-wallet/nfc)
- [ Attaching Wi-Fi credentials ](https://spatie.be/docs/laravel-mobile-pass/v1/apple-wallet/attaching-wifi-credentials)
- [ Storing mobile passes ](https://spatie.be/docs/laravel-mobile-pass/v1/apple-wallet/storing-mobile-passes)

Google Wallet
-------------

- [ Pass classes ](https://spatie.be/docs/laravel-mobile-pass/v1/google-wallet/pass-classes)
- [ Object methods ](https://spatie.be/docs/laravel-mobile-pass/v1/google-wallet/object-methods)
- [ Hosting pass images ](https://spatie.be/docs/laravel-mobile-pass/v1/google-wallet/hosting-images)

Advanced usage
--------------

- [ Handling errors ](https://spatie.be/docs/laravel-mobile-pass/v1/advanced-usage/handling-errors)
- [ Customizing actions ](https://spatie.be/docs/laravel-mobile-pass/v1/advanced-usage/customizing-actions)
- [ Customizing models ](https://spatie.be/docs/laravel-mobile-pass/v1/advanced-usage/customizing-models)
- [ Reading stored passes ](https://spatie.be/docs/laravel-mobile-pass/v1/advanced-usage/reading-stored-passes)
- [ Events ](https://spatie.be/docs/laravel-mobile-pass/v1/advanced-usage/events)
- [ Testing your passes ](https://spatie.be/docs/laravel-mobile-pass/v1/advanced-usage/testing-your-passes)

 Getting credentials from Google
===============================

###  On this page

1. [ Create a GCP project and enable the Wallet API ](#content-create-a-gcp-project-and-enable-the-wallet-api)
2. [ Create a service account ](#content-create-a-service-account)
3. [ Register as a Wallet issuer ](#content-register-as-a-wallet-issuer)
4. [ Configure environment variables ](#content-configure-environment-variables)
5. [ Verifying save/remove callbacks ](#content-verifying-saveremove-callbacks)

To generate passes for Google Wallet you need two things from Google: a service account key (which the package uses to call the Wallet API on your behalf) and an issuer ID (Google's label for your organization).

You get both by enrolling as an issuer in the Google Pay &amp; Wallet Business Console.

Create a GCP project and enable the Wallet API
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

1. Head to the [Google Cloud Console](https://console.cloud.google.com) and create a new project (or pick an existing one).
2. In the API library, search for "Google Wallet API" and click Enable.

Create a service account
--------------------------------------------------------------------------------------------------------------------------------

1. In the GCP console, go to IAM &amp; Admin, then Service Accounts.
2. Click "Create Service Account". Give it a descriptive name like "Laravel Mobile Pass".
3. When asked about roles, skip the project-level role. Finish creating the account.
4. Open the service account, go to the Keys tab, click Add Key, then Create new key. Choose JSON. A `.json` file will download. Keep it safe.

Register as a Wallet issuer
-----------------------------------------------------------------------------------------------------------------------------------------

1. Head to the [Google Pay &amp; Wallet Business Console](https://pay.google.com/business/console) and sign in.
2. Pick Google Wallet API and accept the terms.
3. Once your issuer account is created, grab the numeric Issuer ID from the top of the page.
4. Under Users, invite the email address of the service account you just created, and grant it the Developer role. That's what gives your service account the `wallet_object.issuer` scope on your issuer account.

Configure environment variables
-----------------------------------------------------------------------------------------------------------------------------------------------------

Set the issuer ID and point the package at the key file:

```
MOBILE_PASS_GOOGLE_ISSUER_ID=3388000000022000000
MOBILE_PASS_GOOGLE_KEY_PATH=/absolute/path/to/service-account.json
```

If you'd rather not put the file on disk, inline the key contents instead. `MOBILE_PASS_GOOGLE_KEY` accepts either raw JSON or base64-encoded JSON; the package detects the format:

```
MOBILE_PASS_GOOGLE_KEY='{"type":"service_account",...}'
```

Or base64-encode the file and store that:

```
base64 -i path/to/service-account.json | pbcopy
```

```
MOBILE_PASS_GOOGLE_KEY=ewogICJ0eXBlIjogInNlcnZpY2VfYWNjb3VudCIsCi...
```

When both `MOBILE_PASS_GOOGLE_KEY` and `MOBILE_PASS_GOOGLE_KEY_PATH` are set, inline contents win.

Verifying save/remove callbacks
---------------------------------------------------------------------------------------------------------------------------------------------------

When a user saves or removes a pass, Google sends a signed request to your app using the [ECv2SigningOnly](https://developers.google.com/wallet/generic/use-cases/use-callbacks-for-saves-and-deletions) protocol. The package middleware verifies that signature against Google's published root keys (cached locally, refreshed when they expire), so there's no signing key to copy into your `.env`.

What the middleware does need is your issuer ID — it's the `recipientId` baked into the signed payload. As long as `MOBILE_PASS_GOOGLE_ISSUER_ID` is set (see the previous section), you're done. The callback endpoint will be live at `POST /mobile-pass/passkit/v1/google/callbacks` once you call `Route::mobilePass()`.

Make sure your app is allowed to make outbound HTTPS requests to `pay.google.com` so the middleware can fetch the root keys. See [Events](advanced-usage/events) for the full callback flow.

Keep the service account key out of version control.

 A good
match?
-------------

### What we do best

- All things Laravel
- Custom frontend components
- Building APIs
- AI-powered features
- Simplifying things
- Clean solutions
- Integrating services

### Not our cup of tea

- WordPress themes
- Cutting corners
- Free mockups to win a job
- "Just execute the briefing"

 In short: we'd like to be a **substantial part** of your project.

 [ Get in touch via email ](mailto:info@spatie.be?subject=A%20good%20match%21&body=Tell%20us%20as%20much%20as%20you%20can%20about%0A-%20your%20online%20project%0A-%20your%20planning%0A-%20your%20budget%0A-%20%E2%80%A6%0A%0AAnything%20that%20helps%20us%20to%20start%20straightforward%21)