> + > +## <a id="auth"></a>Authentification > +Google Cloud Platform uses OAuth which gives a variety of choices how to > authentificate: > + * One can ask a user for consent to perform operations in his/her name. > + * One can create a service account and use its private key to > authentificate. > + * Unless configured otherwise, programs running on a GCE instance can > perform operations as the project's default service account > ([documentation](https://developers.google.com/compute/docs/authentication)). > + > +You can find all the details in [the > documentation](https://developers.google.com/accounts/docs/OAuth2), while in > these examples we will focus only on service accounts (bullet 2). > + > +To create a new service account: > + * Go to the [Developer Console](https://console.developers.google.com/). > + * Choose API & auth > Credentials. > + * Click "Create new Client ID". > + * Select "Service account" and click "Create service ID". > + * Data about the new service account will be visilble in the console and a > private key will be downloaded. Notice that the data includes service account > email address - you will need it to use the account. > + * To keep the examples simple, we use private keys without passwords. It > might be something you will not do in a production environment, but for the > examples run: `openssl pkcs12 -in {downloaded_file}.p12 -nodes -out > gcp-example.pem -passin pass:notasecret`.
Is there anything we can advise people to do if they _do_ want to run in a production environment? --- Reply to this email directly or view it on GitHub: https://github.com/jclouds/jclouds-site/pull/98/files#r12557638
