PluginsGmail
Get Credentials
Step-by-step instructions for obtaining Gmail credentials
This guide walks you through obtaining all required credentials for the Gmail plugin.
Authentication Method
The Gmail plugin uses OAuth 2.0 authentication exclusively.
oauth_2(default) - OAuth 2.0 authentication
OAuth 2.0 Setup
Step 1: Create Google Cloud Project
- Go to Google Cloud Console
- Click Select a project → New Project
- Enter a project name and click Create
- Wait for the project to be created and select it
Step 2: Enable Gmail API
- In the Google Cloud Console, go to APIs & Services → Library
- Search for "Gmail API"
- Click on Gmail API
- Click Enable
Step 3: Create OAuth 2.0 Credentials
- Go to APIs & Services → Credentials
- Click Create Credentials → OAuth client ID
- If prompted, configure the OAuth consent screen:
- Choose External (unless you have a Google Workspace)
- Fill in the required information:
- App name
- User support email
- Developer contact information
- Add scopes:
https://www.googleapis.com/auth/gmail.readonlyhttps://www.googleapis.com/auth/gmail.sendhttps://www.googleapis.com/auth/gmail.modifyhttps://www.googleapis.com/auth/gmail.compose
- Add test users (for testing)
- Click Save and Continue through all steps
- Back in Credentials, click Create Credentials → OAuth client ID
- Select Web application
- Configure:
- Name: Your application name
- Authorized redirect URIs: Add your callback URL (e.g.,
https://yourapp.com/auth/gmail/callback)
- Click Create
- Copy the Client ID and Client Secret
- Store these securely
Storing Credentials:
The preferred method is to store OAuth credentials in the database using the keys API:
await corsair.withTenant('default').keys.gmail.setClientId('your-client-id');
await corsair.withTenant('default').keys.gmail.setClientSecret('your-client-secret');
await corsair.withTenant('default').gmail.keys.setAccessToken('your-access-token');
await corsair.withTenant('default').gmail.keys.setRefreshToken('your-refresh-token');Alternatively, you can provide credentials directly in the plugin configuration:
gmail({
authType: "oauth_2",
credentials: {
clientId: process.env.GMAIL_CLIENT_ID,
clientSecret: process.env.GMAIL_CLIENT_SECRET,
accessToken: process.env.GMAIL_ACCESS_TOKEN,
refreshToken: process.env.GMAIL_REFRESH_TOKEN,
},
})Required Credentials Summary
| Credential | Required For | Where to Find |
|---|---|---|
| Client ID | OAuth 2.0 | Google Cloud Console → APIs & Services → Credentials |
| Client Secret | OAuth 2.0 | Google Cloud Console → APIs & Services → Credentials |
| Access Token | OAuth 2.0 | Obtained automatically after OAuth flow |
| Refresh Token | OAuth 2.0 | Obtained automatically after OAuth flow |
For general information about how Corsair handles authentication, see Authentication.