diff --git a/.kokoro/populate-secrets.sh b/.kokoro/populate-secrets.sh
new file mode 100755
index 00000000000..85801f403e2
--- /dev/null
+++ b/.kokoro/populate-secrets.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+# Copyright 2020 Google LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+set -eo pipefail
+
+# Populates requested secrets set in SECRET_MANAGER_KEYS from service account:
+# kokoro-trampoline@cloud-devrel-kokoro-resources.iam.gserviceaccount.com
+SECRET_LOCATION="${KOKORO_GFILE_DIR}/secret_manager"
+mkdir -p ${SECRET_LOCATION}
+for key in $(echo ${SECRET_MANAGER_KEYS} | sed "s/,/ /g")
+do
+  docker run --entrypoint=gcloud \
+    --volume=${KOKORO_GFILE_DIR}:${KOKORO_GFILE_DIR} \
+    gcr.io/google.com/cloudsdktool/cloud-sdk \
+    secrets versions access latest \
+    --credential-file-override=${KOKORO_GFILE_DIR}/kokoro-trampoline.service-account.json \
+    --project cloud-devrel-kokoro-resources \
+    --secret $key > \
+    "$SECRET_LOCATION/$key"
+done
diff --git a/.kokoro/publish.sh b/.kokoro/publish.sh
index f2b2e2fffbb..24957d71def 100755
--- a/.kokoro/publish.sh
+++ b/.kokoro/publish.sh
@@ -24,7 +24,7 @@ python3 -m releasetool publish-reporter-script > /tmp/publisher-script; source /
 
 cd $(dirname $0)/..
 
-NPM_TOKEN=$(cat $KOKORO_KEYSTORE_DIR/73713_googleapis-npm-token)
+NPM_TOKEN=$(cat $KOKORO_GFILE_DIR/secret_manager/npm_publish_token
 echo "//wombat-dressing-room.appspot.com/:_authToken=${NPM_TOKEN}" > ~/.npmrc
 
 npm install
diff --git a/.kokoro/release/publish.cfg b/.kokoro/release/publish.cfg
index 4a3b2470983..e17c17e2f12 100644
--- a/.kokoro/release/publish.cfg
+++ b/.kokoro/release/publish.cfg
@@ -47,13 +47,9 @@ before_action {
   }
 }
 
-before_action {
-  fetch_keystore {
-    keystore_resource {
-      keystore_config_id: 73713
-      keyname: "googleapis-npm-token"
-    }
-  }
+env_vars: {
+  key: "SECRET_MANAGER_KEYS"
+  value: "npm_publish_token"
 }
 
 # Download trampoline resources.
diff --git a/.kokoro/trampoline.sh b/.kokoro/trampoline.sh
index 9bd4905c4b5..a4241db23f4 100755
--- a/.kokoro/trampoline.sh
+++ b/.kokoro/trampoline.sh
@@ -24,4 +24,5 @@ function cleanup() {
 }
 trap cleanup EXIT
 
+$(dirname $0)/populate-secrets.sh # Secret Manager secrets.
 python3 "${KOKORO_GFILE_DIR}/trampoline_v1.py"