Authorizing Your App with Gmail

All requests to the Gmail API must be authorized by an authenticated user. Gmail uses the OAuth 2.0 protocol for authenticating a Google account and authorizing access to user data. You can also use Google+ Sign-in to provide a "sign-in with Google" authentication method for your app.

Why use Google for authentication?

Providing OAuth 2.0 user authentication directly or using Google+ Sign-in reduces your development overhead. It also provides a trusted and secure login system that's familiar to users, consistent across devices, and removes the burden of users having to remember another username and password.

How authorization works

At a high level, all apps follow the same basic authorization pattern:

During development, register the application in the Google API Console.
When the app launches, request that the user grant access to data in their Google account.
If the user consents, your application requests and receives credentials to access the Gmail API.
Refresh the credentials (if necessary).

Get started

To get started, see Implementing Server-side Authorization.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated March 25, 2019.

Authorizing Your App with Gmail

Why use Google for authentication?

How authorization works

Get started

Send feedback about...