Custom Google Dev App
Learn how to create a custom Google Dev App and get your own oAuth credentials. Once ready, you can use the resulting Access Token into the respective Google Auth driver to authenticate.
This process is covered in great extens by the Google official guide while next step will try to summarize it.
1. Create Google Cloud Project
Login with your Google account to the Google Cloud Console and create and/or choose a project where to manage the custom oAuth credentials.
2. Enable Google APIs
Go to the Google Cloud Console API Libraries and enable the APIs you need. For example, for Google Sheets enable the Google Sheets API, for YouTube the YouTube Data API, etc.
TIP
You can either create one project for each API, or a single-project for every API. It's up to you and your security policies.
3. Create oAuth Consent Screen
Go to the console oAuth Consent Screen Page and choose Internal as the User Type. Follow through the form to fullfill all the necessary data.
In the scopes section you would usually match the scopes for the APIs you have enabled previously. Refer to the following table as the scopes required by Essential addons.
| Scope | Addon |
|---|---|
| https://www.googleapis.com/auth/youtube.readonly | Youtube Source |
| https://www.googleapis.com/auth/business.manage | Google Business Profile Source. |
| https://www.googleapis.com/auth/drive.readonly | Google Sheets Source and Google Sheets Form Action |
| https://www.googleapis.com/auth/spreadsheets | Google Sheets Source and Google Sheets Form Action |
| https://www.googleapis.com/auth/calendar.readonly | Google Calendar Source |
| https://www.googleapis.com/auth/calendar.events.readonly | Google Calendar Source |
| https://www.googleapis.com/auth/photoslibrary.readonly | Google Photos Source |
4. Create oAuth Client ID
Go to the console Credentials Page and create an oAuth Client ID. Select Web Application and set a name. For the URL, input your site one or any URL you want to set as authorized.
Once created, copy the Redirect URI, Client ID and Client Secret parameters.
5. Generate Refresh Token
Through your browser, visit the following URL, replacing the placeholders with parameters from the previous steps.
https://accounts.google.com/o/oauth2/v2/auth?client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}&response_type=code&access_type=offline&state=state&scope={LIST_OF_SCOPES}TIP
If there are multiple scopes, separate them with a comma.
You will get redirected back to the REDIRECT_URI with a code parameter in the URL, for example https://example.com/?code=4/P7q7W91a-oMsCeLvIaQm6bTrgtp7. Copy that code value.
Through an HTTP client like Postman, or your terminal using CURL, make a post request like the following one, once again, replacing the placeholders.
POST /token HTTP/1.1
Host: oauth2.googleapis.com
Content-Type: application/x-www-form-urlencoded
code={CODE}
client_id={CLIENT_ID}&
client_secret={CLIENT_SECRET}&
redirect_uri={REDIRECT_URI}&
grant_type=authorization_codeYou should get back a JSON response that contains the refresh_token you need, for example:
{
"access_token": "1/fFAGRNJru1FTz70BzhT3Zg",
"expires_in": 3920,
"token_type": "Bearer",
"scope": "https://www.googleapis.com/auth/drive.metadata.readonly",
"refresh_token": "1//xEoDL4iW3cxlI7yDbSRFYNG01kVKM2C-259HOF2aQbI"
}6. Authenticate
When creating a Source or Action that requires Google Authentication choose Custom App and fill in the details using the Client ID, Client Secret and Refresh Token obtained in the previous steps.
