Hi everyone,
I couldn’t find clear documentation on handling JSON service account files for secrets management in Streamlit Community Cloud deployments. Since this is a common need, I want to share the working solution I found using TOML:
Problem: Streamlit Cloud’s secrets management relies on TOML format, but service accounts often provide credentials as JSON.
Solution:
- Manual Conversion:
- Choose a section name in your
secrets.tomlfile for example
[GOOGLE_CREDENTIALS] - Remove curly braces
{}from your JSON. - Convert commas to newlines.( Remove Commas after each key value pair)
- Replace JSON double quotes for keys with simple key names.
- Use
=instead of colons:.
Example secrets.toml:
[GOOGLE_CREDENTIALS]
type = "service_account"
project_id = "gen-lang-client-1234567"
private_key_id = "123467876656"
# ... other keys
- Accessing in Code:
import streamlit as st
google_credentials = st.secrets["GOOGLE_CREDENTIALS"]
# Now use 'google_credentials' for authentication
Notes:
- Deployment: Place
secrets.tomlin your project’s root directory or use Streamlit Cloud’s UI for secrets. - Security: Never commit
secrets.tomlto public repositories.