All requests to the Gmail API must be authorized by an authenticated user. Gmail uses the OAuth 2.0 protocol for authenticating a Google account and authorizing access to user data. You can also use Google Sign-in to provide a "sign-in with Google" authentication method for your app.
Why use Google for authentication?
Providing OAuth 2.0 user authentication directly or using Google Sign-in reduces your development overhead. It also provides a trusted and secure login system that's familiar to users, consistent across devices, and removes the burden of users having to remember another username and password.
How authorization works
At a high level, all apps follow the same basic authorization pattern:
- During development, register the application in the Google API Console.
- When the app launches, request that the user grant access to data in their Google account.
- If the user consents, your application requests and receives credentials to access the Gmail API.
- Refresh the credentials (if necessary).
To get started, see Implementing Server-side Authorization.