Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.corsair.dev/llms.txt

Use this file to discover all available pages before exploring further.

This guide walks you through obtaining all required credentials for the Gmail plugin.

Authentication Method

The Gmail plugin uses OAuth 2.0 authentication exclusively.
  • oauth_2 (default) - OAuth 2.0 authentication

OAuth 2.0 Setup

Step 1: Create Google Cloud Project

  1. Go to Google Cloud Console
  2. Click Select a projectNew Project
  3. Enter a project name and click Create
  4. Wait for the project to be created and select it

Step 2: Enable Gmail API

  1. In the Google Cloud Console, go to APIs & ServicesLibrary
  2. Search for “Gmail API”
  3. Click on Gmail API
  4. Click Enable

Step 3: Create OAuth 2.0 Credentials

  1. Go to APIs & ServicesCredentials
  2. Click Create CredentialsOAuth client ID
  3. If prompted, configure the OAuth consent screen:
    • Choose External (unless you have a Google Workspace)
    • Fill in the required information:
      • App name
      • User support email
      • Developer contact information
    • Add scopes:
      • https://www.googleapis.com/auth/gmail.readonly
      • https://www.googleapis.com/auth/gmail.send
      • https://www.googleapis.com/auth/gmail.modify
      • https://www.googleapis.com/auth/gmail.compose
    • Add test users (for testing)
    • Click Save and Continue through all steps
  4. Back in Credentials, click Create CredentialsOAuth client ID
  5. Select Web application
  6. Configure:
    • Name: Your application name
    • Authorized redirect URIs: Add your callback URL (e.g., https://yourapp.com/auth/gmail/callback)
  7. Click Create
  8. Copy the Client ID and Client Secret
  9. Store these securely
Storing Credentials: The preferred method is to store OAuth credentials in the database using the keys API: 
await corsair.withTenant('default').keys.gmail.setClientId('your-client-id');
await corsair.withTenant('default').keys.gmail.setClientSecret('your-client-secret');
await corsair.withTenant('default').gmail.keys.setAccessToken('your-access-token');
await corsair.withTenant('default').gmail.keys.setRefreshToken('your-refresh-token');
Alternatively, you can provide credentials directly in the plugin configuration:
corsair.ts
gmail({
    authType: "oauth_2",
    credentials: {
        clientId: process.env.GMAIL_CLIENT_ID,
        clientSecret: process.env.GMAIL_CLIENT_SECRET,
        accessToken: process.env.GMAIL_ACCESS_TOKEN,
        refreshToken: process.env.GMAIL_REFRESH_TOKEN,
    },
})

Required Credentials Summary

CredentialRequired ForWhere to Find
Client IDOAuth 2.0Google Cloud Console → APIs & Services → Credentials
Client SecretOAuth 2.0Google Cloud Console → APIs & Services → Credentials
Access TokenOAuth 2.0Obtained automatically after OAuth flow
Refresh TokenOAuth 2.0Obtained automatically after OAuth flow
For general information about how Corsair handles authentication, see Authentication.