If you create an android api key in the cloud console, and restrict its usage using your package and sha1 cert, then all calls to google apis using that key need to be signed. It'd be great if gcloud-java could support signing the requests in android, so that it can be used with restricted android api keys.