Question

Account Permissions vs App Permissions

1 month ago
June 25, 2025
5 replies
39 views

s-falk
Member
8 replies

When adding Service Accounts, the docs state:

Under 'App permissions' you need to add your app. Then under 'Account permissions', you need to grant certain permissions in order for RevenueCat to properly work.

Is this really necessary? It is possible to assign apps to users and manage app permissions s.t. the particular service account is only able to access one specific app instead of all apps.

The documentation currently recommends users to grant Account Permissions which means said service account would be able to access all apps in the Play Store.

Can this be avoided by just setting the correct permissions under App Permissions > Manage Permissions?

This post has been closed for comments

guilherme
RevenueCat Staff
82 replies
29 days ago
June 27, 2025

Hey @s-falk,

Limiting a service account’s access to just one app is a good security practice, and Google Play Console technically supports app-scoped permissions. However, RevenueCat requires account-level permissions because of how Google’s own APIs are designed. Specifically:

Subscription and product APIs require account-level roles like:
- “View financial data”
- “Manage orders and subscriptions”
Real-time developer notifications use Pub/Sub, which also needs broader account access
Even though our calls are scoped to a single app, Google enforces these permissions at the account level

So while app-level permissions may seem sufficient in theory, in practice they’ll result in permission errors when RevenueCat tries to access the necessary endpoints.

We’ll keep an eye on Google’s permission model and update our guidance if more granular scoping becomes possible.

Best,

Gui, Developer Support Engineer @ RevenueCat

s-falk
Author
Member
8 replies
28 days ago
June 28, 2025

I understand - thank you for providing those details.

I wasn’t able to fully test my purchases yet which is why I didn’t ran into any issues yet. I have just tried to set App Permissions for now.

These permissions seem to be sufficient to retrieve the status:

But, as you mentioned, this probably won’t work when it comes to actual purchases.

guilherme
RevenueCat Staff
82 replies
22 days ago
July 3, 2025

Hey @s-falk ,

From the screenshot that seems like it’s pulling the correct Status from the store - to check if it works as expected I’d suggest running a couple of tests (using Sandbox testing) and see how it behaves.

Best,

Gui, Developer Support Engineer @ RevenueCat

s-falk
Author
Member
8 replies
22 days ago
July 4, 2025

I will give it a try. :)

Currently trying to create iOS IAPs - not as simple as creating Android SKUs .. :’)

joan-cardona
RevenueCat Staff
469 replies
15 days ago
July 11, 2025

Hi @s-falk,

No worries, let us know if you have questions!

Best,

Joan.

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Related topics

finding and estimate spatial intersection between 2D polygonesicon

Goal: Identify areas where there is a height difference of more than 1 meter between the road and the surface. I encountered an issue at the moment of the generation boundaries. I used “Counter Generator”, but it gave me a 2D representation.icon

How are intersections between 2D and 3D solids possible?icon

"3D intersection" of 3D and 2D polylinesicon

GoCAD ts filesicon

Most helpful members this week

Sign up

‏‏‎ ‎

Log in to the Community

‏‏‎ ‎

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings