Guides

Google Play Signer

Suggest Edits

When uploading your app on Catappult, if your app is available on Google Play, you have to use the same signature as the package in Google Play. For more information on why this is important, click here.

However, Google Play currently manages most developers' APK signing private keys. If this is your case, you won't be able to locally sign your APK using the same Google Play key and will be forced to upload the file to the Google Play Console for signing before publishing in Catappult, going through the process explained here.

For this reason, we have developed a tool to get your APK from Google Play using their API. To use the Google Play API there are two ways to generate the API key, with OAuth or with a Service Account. The Service Account is the advised method for server-to-server communications, this account is generated in the Google Cloud Console, and authorized in Google Play Console’s API access page by the Google Play account owner.
When the service account is created a JSON is generated, which contains the necessary data to create the Google Play API key.

Creating the Service Account and Google API Key

Access the Google Cloud console and select "View All Products"

Then press "APIs and services"

Select "Credentials"

Select "Create Credentials" > "Service account"

Fill the boxes with the required information and select the role "Editor" (you can adjust the permissions later on Google Play Console)

Now click on your new account

Select "Keys"

Press "Add Key" > "Create new key" and choose the JSON option

Security concerns and permissions management

When generating and sharing an API Key it's necessary to be mindful of the permissions being granted to the API Key user. With this in mind, we only ask for permissions regarding testing tracks, we don't need to be able to manage production settings. Please remove all the other permissions in the Google Play Console.

And that's all regarding Google API. Now you will need to generate the Catappult API Key that will be used to upload your app.

Catappult API Key

The flow to generate the Catappult API Key is very simple. Go to Catappult, press your profile icon and select "Your Account"

Then press "Generate" under "API Key". Please note that if you already have an API Key this action will replace it.

Using the Google Play Signer

Now you have everything you need to use the Google Play Signer service. This service runs on the https://google-play-signer.aptoide.com endpoint and can be used with a simple script. The example below is written in Python but you can use whatever language suits you better. You will need to change a few parameters in the script that depend on the name of your files.

import requests
from jose import jwt
import json
from google_play_signer.config import load_pem_key

with open('yourGoogleApiKey.json', 'r') as f:
    gp_key = json.load(f)

key = load_pem_key('yourPemKey.key')
token = jwt.encode({'iss': 'yourIssuer.iam.gserviceaccount.com'}, key)
headers = {'Authorization': f'Bearer {token}'}

r = requests.post('https://google-play-signer.aptoide.com/app/your-catappult-api-key/com.your.package/{version_code}',
                  headers=headers,
                  data={'user_credentials': json.dumps(gp_key)},
                  files={'file': open('app-release.aab', 'rb')})

Updated about 2 hours ago