diff --git a/modules/otel-extensions-googleauth-extension.adoc b/modules/otel-extensions-googleauth-extension.adoc new file mode 100644 index 000000000000..7b66e976b394 --- /dev/null +++ b/modules/otel-extensions-googleauth-extension.adoc @@ -0,0 +1,38 @@ +// Module included in the following assemblies: +// +// * observability/otel/otel-collector/otel-collector-extensions.adoc + +:_mod-docs-content-type: REFERENCE +[id="otel-extensions-googleauth-extension_{context}"] += Google Client Authentication Extension + +[role="_abstract"] + +The Google Client Authentication extension provides Google OAuth2 Client Credentials and Metadata for gRPC and http based exporters. + +.OpenTelemetry Collector custom resource with the configured Google Client Auth Extension +[source,yaml] +---- +# ... + config: + extensions: + googleclientauth: + project: "my-project" # <1> + + exporters: + otlphttp: + encoding: json + endpoint: https://telemetry.googleapis.com + auth: + authenticator: googleclientauth + + service: + extensions: [googleclientauth] + pipelines: + traces: + receivers: [otlp] + exporters: [debug] +# ... +---- + +<1> The Google Cloud Project telemetry is sent to if the `gcp.project.id` resource attribute is not set. If unspecified, this is determined using application default credentials. diff --git a/modules/otel-forwarding-data-to-google-managed-prometheus.adoc b/modules/otel-forwarding-data-to-google-managed-prometheus.adoc new file mode 100644 index 000000000000..297cc25c48a9 --- /dev/null +++ b/modules/otel-forwarding-data-to-google-managed-prometheus.adoc 
@@ -0,0 +1,94 @@ +// Module included in the following assemblies: +// +// * observability/otel/otel-forwarding-telemetry-data.adoc + +:_mod-docs-content-type: CONCEPT +[id="otel-forwarding-data-to-google-managed-prometheus_{context}"] += Forwarding telemetry data to Google Managed Prometheus + +[role="_abstract"] +To forward metrics to the Google Managed Prometheus, use the OpenTelemetry Collector with the OTLP exporter, Metric Start Time processor and Google Client Auth extension. +The OTLP exporter should be configured with Google Client Auth extension, which can use standard secret authentication or Workload Identity Federation (WIF). + +.OpenTelemetry Collector custom resource with configured OTLP exporter and Google WIF authentication. +[source,yaml] +---- +# ... + mode: sidecar + env: + - name: GOOGLE_APPLICATION_CREDENTIALS # <1> + value: "/etc/workload-identity/credential-configuration.json" + volumes: + - name: workload-identity-credential-configuration + configMap: + name: gcp-wif-credentials # <2> + - name: service-account-token-volume + projected: + sources: + - serviceAccountToken: + audience: openshift + expirationSeconds: 3600 + path: token + volumeMounts: + - name: workload-identity-credential-configuration + mountPath: "/etc/workload-identity" + readOnly: true + - name: service-account-token-volume + mountPath: "/var/run/secrets/otel/serviceaccount" <3> + readOnly: true + config: + extensions: + googleclientauth: {} + + exporters: + otlphttp: + encoding: json + endpoint: https://telemetry.googleapis.com + auth: + authenticator: googleclientauth + + processors: + metricstarttime: + strategy: subtract_initial_point # <4> + + resource/gcp_project_id: + attributes: + - action: insert + value: project_id # <5> + key: gcp.project_id + + k8sattributes: {} + + transform/collision: + metric_statements: + - context: datapoint + statements: + - set(attributes["exported_location"], attributes["location"]) + - delete_key(attributes, "location") + - 
set(attributes["exported_cluster"], attributes["cluster"]) + - delete_key(attributes, "cluster") + - set(attributes["exported_namespace"], attributes["namespace"]) + - delete_key(attributes, "namespace") + - set(attributes["exported_job"], attributes["job"]) + - delete_key(attributes, "job") + - set(attributes["exported_instance"], attributes["instance"]) + - delete_key(attributes, "instance") + - set(attributes["exported_project_id"], attributes["project_id"]) + - delete_key(attributes, "project_id") + + service: + extensions: [googleclientauth] + pipelines: + metrics: + processors: [k8sattributes, resource/gcp_project_id, transform/collision, metricstarttime] + exporters: [otlphttp] +# ... +---- +<1> The environment variable `GOOGLE_APPLICATION_CREDENTIALS` can be configured to use the traditional secret or use the workload identity federation (WIF). This specific example uses WIF. +<2> Config map contains the Google WIF configuration file `credential-configuration.json`. +<3> The path to the service account token used by WIF. In this case `/var/run/secrets/otel/serviceaccount/token`. +<4> The `subtract_initial_point` strategy is stateful, requiring the Collector to run as a sidecar to maintain per-pod state. Alternative strategies available; choose the one that best fits your use case. +<5> Replace with your GCP project ID. + + +Other resources: https://docs.cloud.google.com/iam/docs/workload-identity-federation-with-kubernetes \ No newline at end of file diff --git a/observability/otel/otel-collector/otel-collector-extensions.adoc b/observability/otel/otel-collector/otel-collector-extensions.adoc index 948da06b6610..f632e2dc9cc0 100644 --- a/observability/otel/otel-collector/otel-collector-extensions.adoc +++ b/observability/otel/otel-collector/otel-collector-extensions.adoc 
@@ -23,6 +23,8 @@ include::modules/otel-extensions-jaegerremotesampling-extension.adoc[leveloffset include::modules/otel-extensions-pprof-extension.adoc[leveloffset=+1] +include::modules/otel-extensions-googleauth-extension.adoc[leveloffset=+1] + include::modules/otel-extensions-healthcheck-extension.adoc[leveloffset=+1] include::modules/otel-extensions-zpages-extension.adoc[leveloffset=+1] diff --git a/observability/otel/otel-forwarding-telemetry-data.adoc b/observability/otel/otel-forwarding-telemetry-data.adoc index bf86771546c4..e4cb6a372768 100644 --- a/observability/otel/otel-forwarding-telemetry-data.adoc +++ b/observability/otel/otel-forwarding-telemetry-data.adoc @@ -26,6 +26,14 @@ include::modules/otel-forwarding-data-to-google-cloud.adoc[leveloffset=+1] .Additional resources * xref:../../observability/otel/otel-collector/otel-collector-exporters.adoc#otel-collector-exporters[Exporters] +include::modules/otel-forwarding-data-to-google-managed-prometheus.adoc[leveloffset=+1] + +[role="_additional-resources"] +.Additional resources +* xref:../../observability/otel/otel-collector/otel-collector-processors.adoc#otel-collector-processors[Processors] +* xref:../../observability/otel/otel-collector/otel-collector-extensions.adoc#otel-collector-extensions[Extensions] +* https://docs.cloud.google.com/stackdriver/docs/managed-prometheus + [role="_additional-resources"] [id="additional-resources_{context}"] == Additional resources
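Review bot: In modules/otel-extensions-googleauth-extension.adoc, the sample's `traces` pipeline ends with `exporters: [debug]`, so the `otlphttp` exporter that carries `authenticator: googleclientauth` is never used, and no `debug` exporter is defined in the snippet. Suggest `exporters: [otlphttp]` so the example exercises the extension it documents. Two smaller points in the same hunk: the blank line after `[role="_abstract"]` separates the role from the abstract paragraph, and "http based" should read "HTTP-based". Callout 1 names the resource attribute `gcp.project.id`, while the Managed Prometheus module in this patch inserts the key `gcp.project_id`; please confirm which spelling each component expects and state it, since readers will copy both.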
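Review bot: In modules/otel-forwarding-data-to-google-managed-prometheus.adoc, the `metrics` pipeline under `service.pipelines` lists `processors` and `exporters` but no `receivers`, so the sample is not a complete pipeline; add the receiver this example assumes (the extension module's sample uses `receivers: [otlp]`). On the `mountPath: "/var/run/secrets/otel/serviceaccount" <3>` line the callout is missing the `#` that the other four callouts have, so `<3>` ends up in the YAML when copied. The projected token is requested with `audience: openshift` and `expirationSeconds: 3600` and neither has a callout; please add one stating which audience value the WIF configuration in `gcp-wif-credentials` must accept, because readers adapting this will otherwise guess. `value: project_id # <5>` would be safer as an obvious placeholder such as `<project_id>`.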
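Review bot: In observability/otel/otel-forwarding-telemetry-data.adoc, the last added bullet is a bare URL, `* https://docs.cloud.google.com/stackdriver/docs/managed-prometheus`, with no link text, unlike the two xref bullets above it. Give it link text, and consider moving the module's trailing `Other resources:` Workload Identity Federation link into this list so the module does not end with a second, differently formatted resources line. That module file also ends without a final newline.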