I have a side project in which involves a mobile client and a web client. Users can create GCP Applications/Projects through my GCP account using the web client. The mobile client allows users to search these projects which hold applications to download and use. But to communicate through auth with the projects, I will need their project's keys without having to manually get them.

My issue is I'm finding it very hard to see how one would be able to view all projects created from users in my GCP and their information/keys. I will be storing this information in a database available through an API once the user creates the project on the web client. How does one auth against my GCP and access the user's project keys so others can communicate with those mobile client applications as the projects need auth as they use GCP APIs? Is a Service Account the best option in that it will take on a Role to communicate with the GCP APIs without the need for a token?