How to Paste a JSON Service Account Key into a GitHub Actions Secret

You downloaded a JSON service account key from Google Cloud, pasted it into a GitHub Actions secret, ran your workflow… and got SyntaxError: Unexpected token in JSON. The key looks fine when you open it. So what's going on?

Why GitHub Secrets Break Multi-Line JSON

The downloaded file is pretty-printed across many lines. Those structural line breaks (the ones between "key": "value", pairs) survive into the secret value. Most CI runners and shells then mangle them — stripping trailing whitespace, dropping the final newline, or re-quoting the value. By the time your script reads process.env.MY_SECRET, the JSON is no longer parseable.

The escaped \n sequences inside private_key are not the problem — those are just two characters and travel through any environment safely. The problem is the real, physical newlines around them.

The Fix in One Click

1. Open the JSON Formatter.
2. Paste the entire contents of your service account file into the input box.
3. Click Compact (1 line).
4. Verify there are no errors (the toast will confirm).
5. Click the copy button.
6. In GitHub: Settings → Secrets and variables → Actions → New repository secret. Paste the single-line value.
7. Re-run your workflow.

Why This Is Safe

• The JSON never leaves your browser. The Compact tool is a static page running locally — no upload, no server logging, no third-party request with the payload.
• It validates first. If your key file is corrupted or has trailing commas, you'll see the error before you copy anything.
• It preserves escaping. Newlines inside string values (the PEM private_key block) stay as \n, exactly as JavaScript's JSON.parse expects.

Same Trick Works For

• GitLab CI/CD variables, Bitbucket Pipelines, CircleCI environment variables
• .env files for Node.js, Python, Deno
• Cloudflare Workers, Vercel, Netlify, AWS Lambda, Google Cloud Run env panels
• Docker --env flags and Kubernetes secret manifests

Common Mistakes After Pasting

• Don't wrap the value in quotes. GitHub stores it verbatim — extra "…" turns it into a JSON-encoded string and your code will need to JSON.parse twice.
• Confirm the value ends in }. If the workflow still fails, log the last 5 characters of the secret to make sure the closing brace wasn't truncated.
• Rotate the key if you ever pasted it into a chat, a screenshot, or a shared terminal during debugging.

Need to flatten one right now? Open the JSON Formatter and click Compact (1 line) — three seconds, no install, fully private.