23

I want to run a node script as a cronjob which uses Gmail's API to poll a gmail account I own.

I am following these quickstart instructions:

quickstart

I'm stuck on the first step. When requesting credentials for a cron script it tells me that "User data cannot be accessed from a platform without a UI because it requires user interaction for sign-in":

enter image description here

The docs are confusing in general, and mention "service accounts," "OAuth," and other things -- I cannot tell which apply to my use-case and which don't. I've used many SaaS APIs, and the typical workflow is to login to your account, get an API key and secret, and use those in your script to access the API. It seems this is not the paradigm used by the Gmail API, so I'd appreciate any guidance or links to clearer instructions.

Jonah
  • 15,806
  • 22
  • 87
  • 161

2 Answers2

13

I also find that the documentation can be confusing at times, but what you want to to is actually pretty straight forward once you get it:

  1. Register your App at Google, and say what APIs you want your App to have access to (only the Gmail API in this case). This will give you two strings, a client_id and a client_secret (which is the content of the client_secrets.json-file above).
  2. Since you are just going to write a script for your own account only, you don't need a http-server. The Oauth Playground will suffice. Press the Settings Cog on the top right and use your own OAuth credentials.
  3. Select the Gmail API in the list of APIs and follow the outlined steps.

Now you have an access_token and a refresh_token you can use to keep your script going indefinitely!

Tholle
  • 108,070
  • 19
  • 198
  • 189
  • Thank you! So i got my access_token using your method, and was able to interact with the API using command line curl after that. My question is: After the token expires, how can I use the refresh_token to get a fresh one? Again, keeping in mind I'll be doing this from a script, not manually... – Jonah May 31 '16 at 22:20
  • @Jonah No problem! You can check the documentation for [Using a refresh token](https://developers.google.com/identity/protocols/OAuth2WebServer#refresh) to see how a request can be formatted. – Tholle May 31 '16 at 22:35
  • One last question. In [this section of the docs](https://developers.google.com/gmail/api/v1/reference/query-parameters), it mentions a parameter called `key` which you can use instead of an `access_token`, and says only "Obtain your project's API key from the Google Developers Console." But there is nothing called `key` that I can find there... – Jonah Jun 01 '16 at 05:43
  • @Jonah I don't know, I'm afraid. I have never used the key in my applications. Maybe [this answer](http://stackoverflow.com/questions/8832087/where-can-i-get-google-developer-key) can give some clues. – Tholle Jun 01 '16 at 06:41
  • 1
    Thank you! I thought I was losing my mind that I couldn't figure out how to access the data for my own account through a rest interface. This saved me completely – Kevin Mar 25 '18 at 02:51
  • Tried with the API key, but it only gives access to public data, not account data. – shalvah Nov 25 '18 at 07:06
  • The problem is that Google OAuth 2.0 requires you to designate your project as either "Testing" or "Published." OAuth 2.0 tokens issued for "testing" projects are only valid for one week, after which the user must complete the OAuth consent process again. And OAuth 2.0 tokens issued for "published" projects are permanent, but publishing requires submitting your project to Google for review and approval, with a video and a written explanation of your security policy... etc. In short, Google has screwed up its entire service for regular users and the API is functionally unavailable to us. – David Stein Mar 12 '22 at 13:09
0

To fully understand the use of Gmail API, going through Gmail API Overview really will make a difference.

And you can also use these documentations to start building a Gmail app:

I hope these help.

Teyam
  • 7,686
  • 3
  • 15
  • 22
  • 3
    So, yeah, I had read all those and they are completely confusing. What is the difference between my "project" and my "app"? Or is there one? To access my own gmail account using an API, it appears I have to create "an application," and then use a web-based OAuth page to grant that application access to my gmail account, and then my application uses the OAuth token to make API requests? Is that correct? That seems incredibly convoluted since all I am trying to do is access my own account.... – Jonah May 31 '16 at 15:52