Overview

Pre-built tooling

Pre-built integrations

Not seeing the integration you need? Build your own independently.

Access requirements

Pre-RequisitesStatusComment
Paid dev account✅ Not requiredFree, self-signup for a Google Cloud account.
Paid test account✅ Not requiredFree Google account can be used for testing.
Partnership✅ Not required
App review⚠️ ConditionalRequired for sensitive and restricted scopes or for publishing to Google Marketplace.
Security audit⚠️ ConditionalMay be required as part of the verification process for sensitive scopes.

Setup guide

1

Create a Google Cloud account

If you don’t already have one, sign up for a Google Cloud account.

2

Create a new project

  1. Go to the Google Cloud Console.
  2. Click on the project dropdown at the top left of the page.
  3. Click New Project.
  4. Enter a Project Name for your project
  5. Under Location, select the appropriate organization or folder where this project should belong.
    If you’re not part of an organization, it will default to No organization
  6. Click Create and wait for the project to be created.
  7. Select it from the project dropdown.
3

Enable the APIs you need

  1. Go to the API Library in the Google Cloud Console.
  2. Search for the Google APIs you want to use (e.g., Google Drive API, Gmail API, Google Calendar API).
  3. Select each API and click Enable.
  4. Repeat this process for all the APIs your application needs to access.
4

Configure the OAuth consent screen

  1. Go to APIs & Services > OAuth consent screen in the Google Cloud Console.
  2. Click Get started.
  3. Fill in the App Information form.
  • App Name: The name of the app asking for consent.
  • User support email: For users to contact you with questions about their consent
  1. Click Next. Select the appropriate Audience:
    • External: For applications available to any Google user
    • Internal: For applications restricted to users within your Google Workspace organization
  2. Click Next. Fill in the Contact Information, these are the email addresses that Google will use to notify you about any changes to your project.
  3. Click Next, then check the I agree to the Google API Services: User Data Policy checkbox, and click Continue.
  4. Add the scopes your application needs. Under Data Access, click Add or Remove Scopes and select the scopes that correspond to the APIs you enabled. 8 Under Audience, click Add users if you selected External user type (required for testing before verification).
5

Create OAuth 2.0 credentials

  1. Go to APIs & Services > Credentials in the Google Cloud Console.
  2. Click Create Credentials and select OAuth client ID.
  3. Select Web application as the application type.
  4. Enter a name for your OAuth client.
  5. Under Authorized redirect URIs, add https://api.nango.dev/oauth/callback.
  6. Click Create.
  7. A dialog will appear with your client ID and client secret. Save these credentials securely as you’ll need them when configuring your integration in Nango.
6

Verify your app (if required)

If your application uses sensitive or restricted scopes, you’ll need to verify your app with Google:

  1. Go to APIs & Services > OAuth consent screen > Audience.
  2. Click Publish App to move from testing to production.
  3. Once your app is published to production, click Prepare for Verification to proceed to submit your app for verification.
  4. Review and confirm all app details, then click Save and Continue.
  5. Justify your use of any sensitive or restricted scopes.
  6. Upload a demo video showing your app’s OAuth flow and scope usage.
  7. Click Submit for Verification to begin the review process.
7

Next

Follow the Quickstart.

Need help getting started? Get help in the community.
TopicLinks
GeneralGoogle Cloud Console
Google Cloud Documentation
DeveloperOAuth 2.0 Documentation
Using OAuth 2.0 for Web Server Applications
OAuth 2.0 Scopes for Google APIs
API Library
OAuth Consent Screen Configuration
Credentials Management
App Verification Requirements
OAuth Token Expiration
Contribute useful links by editing this page

Common Scopes

ScopeDescription
openidAccess to basic profile information
profileAccess to user’s basic profile information
emailAccess to user’s email address
https://www.googleapis.com/auth/driveFull access to Google Drive
https://www.googleapis.com/auth/drive.fileAccess to files created or opened by the app
https://www.googleapis.com/auth/gmail.readonlyRead-only access to Gmail
https://www.googleapis.com/auth/calendarFull access to Google Calendar
https://www.googleapis.com/auth/calendar.readonlyRead-only access to Google Calendar

API gotchas

  • Google has a unified OAuth system for their various APIs. This provider should work for most of them (e.g. Google Sheets, Gmail, Google Calendar, etc.).
  • You need to enable individual Google APIs on the Google API Console before using them.
  • Under certain circumstances, Google expires a user’s refresh token and the token refresh in Nango will fail. You can find a list of reasons from Google here.
  • While setting up the OAuth credentials, the Authorized JavaScript origins should be your site URL (https://app.nango.dev if you’re testing from the Nango UI).
  • For applications using sensitive or restricted scopes, Google requires verification and a security assessment. This process can take several weeks to complete.
  • Google’s OAuth consent screen has different configurations for “External” and “Internal” user types. Internal is only available for Google Workspace users and limits access to users within your organization.
  • Google implements incremental authorization, allowing you to request additional scopes over time without requiring users to re-authorize all previously granted scopes.
  • Google enforces rate limits on API requests, which vary depending on the specific API being used.
Contribute API gotchas by editing this page