Google: OAuth2 single service

This document contains instructions for creating a Google credential for a single service. They’re also available as a video.

Note

Note for n8n Cloud users For the following nodes, you can authenticate by selecting Sign in with Google in the OAuth section:

• Google Calendar

• Google Contacts

• Google Mail

• Google Sheets

• Google Sheets Trigger

• Google Tasks

Prerequisites

• Create a Google Cloud account.

Set up OAuth

There are five steps to connecting your n8n credential to Google services:

1. Create a Google Cloud Console project.

2. Enable APIs.

3. Configure your OAuth consent screen.

4. Create your Google OAuth client credentials.

5. Finish your n8n credential.

Create a Google Cloud Console project

First, create a Google Cloud Console project. If you already have a project, jump to the next section:

1. Log in to your Google Cloud Console using your Google credentials.

2. In the top menu, select the project dropdown in the top navigation and select New project or go directly to the New Project page.

3. Enter a Project name and select the Location for your project.

4. Select Create.

5. Check the top navigation and make sure the project dropdown has your project selected. If not, select the project you just created.

   

   Check the project dropdown in the Google Cloud top navigation

Enable APIs

With your project created, enable the APIs you’ll need access to:

1. Access your Google Cloud Console - Library. Make sure you’re in the correct project.

   

   Check the project dropdown in the Google Cloud top navigation

2. Go to APIs & Services > Library.

3. Search for and select the API(s) you want to enable. For example, for the Gmail node, search for and enable the Gmail API.

4. Some integrations require other APIs or require you to request access:

   • Google Perspective: Request API Access.

   • Google Ads: Get a Developer Token.

   Note

   Google Drive API required The following integrations require the Google Drive API, as well as their own API:

   • Google Docs

   • Google Sheets

   • Google Slides

   Note

   Google Vertex AI API In addition to the Vertex AI API you will also need to enable the Cloud Resource Manager API.

5. Select ENABLE.

Configure your OAuth consent screen

If you haven’t used OAuth in your Google Cloud project before, you’ll need to configure the OAuth consent screen:

1. Access your Google Cloud Console - Library. Make sure you’re in the correct project.

   

   Check the project dropdown in the Google Cloud top navigation

2. Open the left navigation menu and go to APIs & Services > OAuth consent screen. Google will redirect you to the Google Auth Platform overview page.

3. Select Get started on the Overview tab to begin configuring OAuth consent.

4. Enter an App name and User support email to include on the Oauth screen. Select Next to continue.

5. For the Audience, select Internal for user access within your organization’s Google workspace or External for any user with a Google account. Refer to Google’s User type documentation for more information on user types. Select Next to continue.

6. Select the Email addresses Google should use to contact you about changes to your project. Select Next to continue.

7. Read and accept the Google’s User Data Policy. Select Continue and then select Create.

8. In the left-hand menu, select Branding.

9. In the Authorized domains section, select Add domain:

   • If you’re using n8n’s Cloud service, add n8n.cloud

   • If you’re self-hosting, add the domain of your n8n instance.

10. Select Save at the bottom of the page.

Create your Google OAuth client credentials

Next, create the OAuth client credentials in Google:

1. Access your Google Cloud Console. Make sure you’re in the correct project.

2. In the APIs & Services section, select Credentials.

3. Select + Create credentials > OAuth client ID.

4. In the Application type dropdown, select Web application.

5. Google automatically generates a Name. Update the Name to something you’ll recognize in your console.

6. If you’re self-hosting: From your n8n credential, copy the OAuth Redirect URL. Paste it into the Authorized redirect URIs in Google Console. If you’re using n8n cloud, you can leave this field empty as the OAuth setup is pre-configured, and the callback URL is fixed for that configuration.

7. Select Create.

Finish your n8n credential

With the Google project and credentials fully configured, finish the n8n credential:

• If self-hosted:

1. From Google’s OAuth client created modal, copy the Client ID. Enter this in your n8n credential.

2. From the same Google modal, copy the Client Secret. Enter this in your n8n credential.

• If n8n cloud:

1. In n8n, select Sign in with Google to complete your Google authentication.

2. Save your new credentials.

Video

Troubleshooting

Google hasn’t verified this app

If using the OAuth authentication method, you might see the warning Google hasn’t verified this app. To avoid this:

• If your app User Type is Internal, create OAuth credentials from the same account you want to authenticate.

• If your app User Type is External, you can add your email to the list of testers for the app: go to the Audience page and add the email you’re signing in with to the list of Test users.

If you need to use credentials generated by another account (by a developer or another third party), follow the instructions in Google Cloud documentation | Authorization errors: Google hasn’t verified this app.

Google Cloud app becoming unauthorized

For Google Cloud apps with Publishing status set to Testing and User type set to External, consent and tokens expire after seven days. Refer to Google Cloud Platform Console Help | Setting up your OAuth consent screen for more information. To resolve this, reconnect the app in the n8n credentials modal.