gplay-user-management
User & Grant Management
Use this skill when you need to manage users and their permissions in Google Play Console.
Preconditions
- Ensure credentials are set (
gplay auth loginorGPLAY_SERVICE_ACCOUNTenv var). - Service account needs "Admin" permission to manage users and grants.
- Developer account ID is required for user operations.
User Management
List all users
gplay users list \
--developer-id DEVELOPER_ID
List users with pagination
gplay users list \
--developer-id DEVELOPER_ID \
--paginate
List users as table
gplay users list \
--developer-id DEVELOPER_ID \
--output table
Create a new user
gplay users create \
--developer-id DEVELOPER_ID \
--email user@example.com \
--role admin
Create user with specific permissions
gplay users create \
--developer-id DEVELOPER_ID \
--email user@example.com \
--role custom \
--permissions "VIEW_APP_INFORMATION,MANAGE_STORE_LISTING"
Update a user
gplay users update \
--developer-id DEVELOPER_ID \
--email user@example.com \
--role viewer
Delete a user
gplay users delete \
--developer-id DEVELOPER_ID \
--email user@example.com \
--confirm
Grant Management
Grants control app-level access for users.
Create a grant (give user access to an app)
gplay grants create \
--developer-id DEVELOPER_ID \
--email user@example.com \
--package com.example.app \
--permissions "VIEW_APP_INFORMATION,VIEW_FINANCIAL_DATA"
Update a grant (change permissions)
gplay grants update \
--developer-id DEVELOPER_ID \
--email user@example.com \
--package com.example.app \
--permissions "VIEW_APP_INFORMATION,MANAGE_STORE_LISTING,MANAGE_RELEASES"
Delete a grant (revoke app access)
gplay grants delete \
--developer-id DEVELOPER_ID \
--email user@example.com \
--package com.example.app \
--confirm
Common Flags
User flags
| Flag | Description |
|---|---|
--developer-id |
Developer account ID (required) |
--email |
User email address |
--role |
Role: admin, viewer, custom |
--permissions |
Comma-separated permission list (for custom role) |
--output |
Output format (json, table, markdown) |
--paginate |
Fetch all pages |
--confirm |
Required for destructive operations |
Grant flags
| Flag | Description |
|---|---|
--developer-id |
Developer account ID (required) |
--email |
User email address (required) |
--package |
App package name (required) |
--permissions |
Comma-separated permission list (required) |
--confirm |
Required for delete operations |
Available Permissions
| Permission | Description |
|---|---|
VIEW_APP_INFORMATION |
View app info and download bulk reports |
VIEW_FINANCIAL_DATA |
View financial data, orders, and cancellation surveys |
MANAGE_ORDERS |
Manage orders and subscriptions |
MANAGE_STORE_LISTING |
Manage store listing, pricing, and distribution |
MANAGE_RELEASES |
Manage production and testing releases |
MANAGE_APP_CONTENT |
Manage app content rating and policy declarations |
VIEW_APP_QUALITY |
View app quality information |
Workflow Examples
Onboard a new team member
# 1. Create user account
gplay users create \
--developer-id 1234567890 \
--email newdev@example.com \
--role custom \
--permissions "VIEW_APP_INFORMATION"
# 2. Grant access to specific apps
gplay grants create \
--developer-id 1234567890 \
--email newdev@example.com \
--package com.example.app1 \
--permissions "VIEW_APP_INFORMATION,MANAGE_RELEASES"
gplay grants create \
--developer-id 1234567890 \
--email newdev@example.com \
--package com.example.app2 \
--permissions "VIEW_APP_INFORMATION,MANAGE_STORE_LISTING"
Offboard a team member
# Revoke all access by deleting the user
gplay users delete \
--developer-id 1234567890 \
--email departed@example.com \
--confirm
Audit current permissions
# List all users in table format
gplay users list \
--developer-id 1234567890 \
--paginate \
--output table
Promote user to release manager
gplay grants update \
--developer-id 1234567890 \
--email dev@example.com \
--package com.example.app \
--permissions "VIEW_APP_INFORMATION,MANAGE_RELEASES,MANAGE_STORE_LISTING"
Best Practices
- Principle of least privilege - Grant only the permissions each user needs.
- Use app-level grants - Prefer grants over account-level roles for fine-grained control.
- Audit regularly - Periodically review users and their permissions.
- Offboard promptly - Remove users immediately when they leave the team.
- Use
--confirmcarefully - Delete operations are irreversible. - Automate onboarding - Script user creation and grant assignment for consistency.
More from tamtom/gplay-cli-skills
gplay-cli-usage
Guidance for using the Google Play Console CLI in this repo (flags, output formats, pagination, auth, and discovery). Use when asked to run or design gplay commands or interact with Google Play Console via the CLI.
108gplay-gradle-build
Build, sign, and package Android apps with Gradle before uploading to Google Play. Use when asked to create an APK or AAB, configure signing, or set up build pipelines.
95gplay-submission-checks
Pre-submission validation for Google Play releases covering metadata, screenshots, bundle integrity, data safety, and policy compliance. Use when preparing a release to avoid rejections and catch issues before submitting.
93gplay-metadata-sync
Metadata and localization sync (including Fastlane format) for Google Play Store listings. Use when updating app descriptions, screenshots, or managing multi-locale metadata.
93gplay-signing-setup
Android app signing, keystores, and Play App Signing setup. Use when configuring signing for new apps or migrating to Play App Signing.
91gplay-iap-setup
In-app products, subscriptions, base plans, and offers setup for Google Play monetization. Use when configuring in-app purchases or subscription products.
89