In order to connect Google accounts to Nylas through Hosted Authentication, you'll need to create your own Google Project and OAuth Client ID. This Google Project and Client ID will be used only for initial development and testing using Nylas, and you will configure Nylas to use the Client ID you create. If you have any trouble creating a Google Project and OAuth Client ID for development, get in touch with
[email protected] and we'd be happy to help you out!
Ready for production?
Google requires a verification and security review process for applications that sync Google accounts in production. If you're ready to sync Google accounts in your production application, please reach out to Nylas support and we will help you through this process.
Please keep in mind the Google app verification process can take up to 4 weeks, and the security review can take up to an additional 4-6 weeks. Please plan accordingly to meet your launch date.
To get started, head over to https://console.developers.google.com/. You will be prompted to log in with a Google account if you're not already logged in with one.
If you don't have a Google account, you can create one at https://accounts.google.com/signup/:
Once your account has been created, head back over to https://console.developers.google.com and sign in with it.
Click on "Select a project" in the top left corner, and on the following screen click "NEW PROJECT":
Name your project and click "CREATE" in the bottom left corner:
It may take up to a minute or two to for Google to finish creating the project, after which you'll see a screen like this:
You've now created your Google Project! The next step is to enable the APIs needed to connect to Google via Nylas.
Click the "ENABLE APIS AND SERVICES" button in the center of the screen
You'll be presented with the following search box:
Type "gmail" into the search box and click on the "Gmail API" card once it appears:
Click the large blue "ENABLE" button next to the Gmail logo
You'll find yourself on the following page. Click the search box in the center of the top bar:
Type "calendar" and click on "Google Calendar API" once it appears:
Click "ENABLE" for the Google Calendar API:
Please note: Contact scopes require both the People API and the Contacts API to be enabled.
Do the same for the Contacts API ("contacts" is a good search term):
As well as the People API (search "people"):
If your app needs access to Room Resources, you'll need to enable the "Admin SDK API" as well.
You've now enabled all of the APIs that Nylas needs to sync data.
The last step to do in the Google Developer Console is to create a credential for OAuth, starting with configuring the consent screen. Click the "CREATE CREDENTIALS" button that you should see as below after enabling the People API:
On the next screen, you'll want to click the "client ID" word:
Then click "configure consent screen":
Select the type of users that will be able to connect to your account:
- Internal - Select this if you only need to enable users from your own Google organization to use the app. Nobody outside your organization will be able to connect.
- External - Enable your app to connect to all Gmail accounts. If you need to access sensitive data, you will be required to complete a Google OAuth verification before you can use the APIs in production.
On the following page, fill out the "Application name" field.
You'll need to determine what Google scopes you add to your consent screen based on your application's behavior, and how this maps to Nylas API scopes. Please reference this mapping to determine which Nylas scopes you'll need to use during the authentication process.
Known Bug in Google Scopes!
Due to a known bug with the Google API, you shouldn't authenticate Google accounts with both email.read_only and email.metadata scopes. Doing so will cause Google to return 403 errors.
|Google Scope||Nylas Scope(s)|
Using Room Resources?
If your app is using room resources, you'll need to manually paste the scope in during this step.
- Click ‘manually paste your scopes’, this will open a box
- In the text at the bottom, click manually paste and in the input field that appears, paste:
Finally, add api.nylas.com to the "Authorized domains" field and press
enter. Your consent screen should look like this when you're done:
Scroll down to the bottom of the page and click the blue "Save" button!
Now, head over to the Credentials page, click Create Credentials, then OAuth client ID.
Select Web application as your Application type, and enter a name on the next page. At the bottom of the page, click Add URI under Authorized redirect URIs and add this URL to the field: https://api.nylas.com/oauth/callback. Before clicking "Create" your page should look something like this:
Now, you'll be presented with a page that shows your new OAuth Client ID and Secret. Keep this page open, as you'll need the credentials in the next step.
Head over to https://dashboard.nylas.com/ and log in.
From the front page of the dashboard, click "View all applications" on the right-hand side of the "Application and API Key" section:
On the following page, click "Edit" on your application. You'll be presented with the Application Settings page and you'll want to click on the "Google OAuth" tab:
Copy-paste your Google OAuth Client ID and Secret from the Google Developer Console and click "Update Google OAuth Settings":
You are now all set to start connecting Google accounts to Nylas! Happy developing!
Once you're ready to move your application to production, get in touch with [email protected] to kick off the verification process and security review which is required by Google.
Updated about a month ago