APIs & Integrations
Overview
Pre-built tooling
Pre-built integrations
Not seeing the integration you need? Build your own independently.
Access requirements
Pre-Requisites | Status | Comment |
---|---|---|
Paid dev account | ✅ Not required | Free, self-signup for a Google Cloud account. |
Paid test account | ✅ Not required | Free Google account can be used for testing. |
Partnership | ✅ Not required | |
App review | ⚠️ Conditional | Required for sensitive and restricted scopes or for publishing to Google Marketplace. |
Security audit | ⚠️ Conditional | May be required as part of the verification process for sensitive scopes. |
Setup guide
1
Create a Google Cloud account
If you don’t already have one, sign up for a Google Cloud account.
2
Create a new project
- Go to the Google Cloud Console.
- Click on the project dropdown at the top left of the page.
- Click New Project.
- Enter a Project Name for your project
- Under Location, select the appropriate organization or folder where this project should belong.
If you’re not part of an organization, it will default to No organization
- Click Create and wait for the project to be created.
- Select it from the project dropdown.
3
Enable the APIs you need
- Go to the API Library in the Google Cloud Console.
- Search for the Google APIs you want to use (e.g., Google Drive API, Gmail API, Google Calendar API).
- Select each API and click Enable.
- Repeat this process for all the APIs your application needs to access.
4
Configure the OAuth consent screen
- Go to APIs & Services > OAuth consent screen in the Google Cloud Console.
- Click Get started.
- Fill in the App Information form.
- App Name: The name of the app asking for consent.
- User support email: For users to contact you with questions about their consent
- Click Next. Select the appropriate Audience:
- External: For applications available to any Google user
- Internal: For applications restricted to users within your Google Workspace organization
- Click Next. Fill in the Contact Information, these are the email addresses that Google will use to notify you about any changes to your project.
- Click Next, then check the I agree to the Google API Services: User Data Policy checkbox, and click Continue.
- Add the scopes your application needs. Under Data Access, click Add or Remove Scopes and select the scopes that correspond to the APIs you enabled. 8 Under Audience, click Add users if you selected External user type (required for testing before verification).
5
Create OAuth 2.0 credentials
- Go to APIs & Services > Credentials in the Google Cloud Console.
- Click Create Credentials and select OAuth client ID.
- Select Web application as the application type.
- Enter a name for your OAuth client.
- Under Authorized redirect URIs, add
https://api.nango.dev/oauth/callback
. - Click Create.
- A dialog will appear with your client ID and client secret. Save these credentials securely as you’ll need them when configuring your integration in Nango.
6
Verify your app (if required)
If your application uses sensitive or restricted scopes, you’ll need to verify your app with Google:
- Go to APIs & Services > OAuth consent screen > Audience.
- Click Publish App to move from testing to production.
- Once your app is published to production, click Prepare for Verification to proceed to submit your app for verification.
- Review and confirm all app details, then click Save and Continue.
- Justify your use of any sensitive or restricted scopes.
- Upload a demo video showing your app’s OAuth flow and scope usage.
- Click Submit for Verification to begin the review process.
7
Next
Follow the Quickstart.
Need help getting started? Get help in the community.
Useful links
Contribute useful links by editing this page
Common Scopes
Scope | Description |
---|---|
openid | Access to basic profile information |
profile | Access to user’s basic profile information |
Access to user’s email address | |
https://www.googleapis.com/auth/drive | Full access to Google Drive |
https://www.googleapis.com/auth/drive.file | Access to files created or opened by the app |
https://www.googleapis.com/auth/gmail.readonly | Read-only access to Gmail |
https://www.googleapis.com/auth/calendar | Full access to Google Calendar |
https://www.googleapis.com/auth/calendar.readonly | Read-only access to Google Calendar |
API gotchas
- Google has a unified OAuth system for their various APIs. This provider should work for most of them (e.g. Google Sheets, Gmail, Google Calendar, etc.).
- You need to enable individual Google APIs on the Google API Console before using them.
- Under certain circumstances, Google expires a user’s refresh token and the token refresh in Nango will fail. You can find a list of reasons from Google here.
- While setting up the OAuth credentials, the Authorized JavaScript origins should be your site URL (
https://app.nango.dev
if you’re testing from the Nango UI). - For applications using sensitive or restricted scopes, Google requires verification and a security assessment. This process can take several weeks to complete.
- Google’s OAuth consent screen has different configurations for “External” and “Internal” user types. Internal is only available for Google Workspace users and limits access to users within your organization.
- Google implements incremental authorization, allowing you to request additional scopes over time without requiring users to re-authorize all previously granted scopes.
- Google enforces rate limits on API requests, which vary depending on the specific API being used.
Contribute API gotchas by editing this page