JavaScript Quickstart

Stay organized with collections Save and categorize content based on your preferences.

Complete the steps described in the rest of this page to create a simple JavaScript web application that makes requests to the Google Sheets API.


To run this quickstart, you need the following prerequisites:

  • Python 2.4 or greater (to provide a web server)
  • A Google Cloud Platform project with the API enabled. To create a project and enable an API, refer to Create a project and enable the API
  • Authorization credentials for a desktop application. To learn how to create credentials for a desktop application, refer to Create credentials.
  • A Google account

Step 1: Set up the sample

To set up the sample:

  1. In your working directory, create a file named index.html.
  2. Include the following code in index.html:

    <!DOCTYPE html>
        <title>Sheets API Quickstart</title>
        <meta charset="utf-8" />
        <p>Sheets API Quickstart</p>
        <!--Add buttons to initiate auth sequence and sign out-->
        <button id="authorize_button" onclick="handleAuthClick()">Authorize</button>
        <button id="signout_button" onclick="handleSignoutClick()">Sign Out</button>
        <pre id="content" style="white-space: pre-wrap;"></pre>
        <script type="text/javascript">
          /* exported gapiLoaded */
          /* exported gisLoaded */
          /* exported handleAuthClick */
          /* exported handleSignoutClick */
          // TODO(developer): Set to client ID and API key from the Developer Console
          const CLIENT_ID = '<YOUR_CLIENT_ID>';
          const API_KEY = '<YOUR_API_KEY>';
          // Discovery doc URL for APIs used by the quickstart
          const DISCOVERY_DOC = '$discovery/rest?version=v4';
          // Authorization scopes required by the API; multiple scopes can be
          // included, separated by spaces.
          const SCOPES = '';
          let tokenClient;
          let gapiInited = false;
          let gisInited = false;
          document.getElementById('authorize_button').style.visibility = 'hidden';
          document.getElementById('signout_button').style.visibility = 'hidden';
           * Callback after api.js is loaded.
          function gapiLoaded() {
            gapi.load('client', intializeGapiClient);
           * Callback after the API client is loaded. Loads the
           * discovery doc to initialize the API.
          async function intializeGapiClient() {
            await gapi.client.init({
              apiKey: API_KEY,
              discoveryDocs: [DISCOVERY_DOC],
            gapiInited = true;
           * Callback after Google Identity Services are loaded.
          function gisLoaded() {
            tokenClient = google.accounts.oauth2.initTokenClient({
              client_id: CLIENT_ID,
              scope: SCOPES,
              callback: '', // defined later
            gisInited = true;
           * Enables user interaction after all libraries are loaded.
          function maybeEnableButtons() {
            if (gapiInited && gisInited) {
              document.getElementById('authorize_button').style.visibility = 'visible';
           *  Sign in the user upon button click.
          function handleAuthClick() {
            tokenClient.callback = async (resp) => {
              if (resp.error !== undefined) {
                throw (resp);
              document.getElementById('signout_button').style.visibility = 'visible';
              document.getElementById('authorize_button').innerText = 'Refresh';
              await listMajors();
            if (gapi.client.getToken() === null) {
              // Prompt the user to select a Google Account and ask for consent to share their data
              // when establishing a new session.
              tokenClient.requestAccessToken({prompt: 'consent'});
            } else {
              // Skip display of account chooser and consent dialog for an existing session.
              tokenClient.requestAccessToken({prompt: ''});
           *  Sign out the user upon button click.
          function handleSignoutClick() {
            const token = gapi.client.getToken();
            if (token !== null) {
              document.getElementById('content').innerText = '';
              document.getElementById('authorize_button').innerText = 'Authorize';
              document.getElementById('signout_button').style.visibility = 'hidden';
           * Print the names and majors of students in a sample spreadsheet:
          async function listMajors() {
            let response;
            try {
              // Fetch first 10 files
              response = await gapi.client.sheets.spreadsheets.values.get({
                spreadsheetId: '1BxiMVs0XRA5nFMdKvBdBZjgmUUqptlbs74OgvE2upms',
                range: 'Class Data!A2:E',
            } catch (err) {
              document.getElementById('content').innerText = err.message;
            const range = response.result;
            if (!range || !range.values || range.values.length == 0) {
              document.getElementById('content').innerText = 'No values found.';
            // Flatten to string to display
            const output = range.values.reduce(
                (str, row) => `${str}${row[0]}, ${row[4]}\n`,
                'Name, Major:\n');
            document.getElementById('content').innerText = output;
        <script async defer src="" onload="gapiLoaded()"></script>
        <script async defer src="" onload="gisLoaded()"></script>

  3. In the code, replace <YOUR_CLIENT_ID> with the client ID you created as a Prerequisite for this quickstart.

  4. In the code, replace <YOUR_API_KEY> with the API key you created as a Prerequisite for this quickstart.

Step 2: Run the sample

To run the sample:

  1. Start the web server using the following command from your working directory:

Python 2.x

python -m SimpleHTTPServer 8000

Python 3.x

python -m http.server 8000
  1. In your browser, navigate to http://localhost:8000.

  2. (optional). If this is your first time running the sample, the sample opens an OAuth consent screen prompting you to authorize the app to access your data on your behalf:

    1. If you are not already signed in to your Google account, you are prompted to sign in. If you are signed in to multiple Google accounts, you are asked to select one account to use for authorization.

    2. Click Accept. The app is authorized to access your data.

  3. The sample executes.

If you have problems, refer to the Troubleshoot the sample section.

Troubleshoot the sample

This section describes some common issues that you can encounter while attempting to run this quickstart.

Error: origin_mismatch

This error occurs during the authorization flow if the host and port used to serve the web page doesn't match an allowed JavaScript origin on your Google Developers Console project. Make sure you set an authorized JavaScript origin and that the URL in your browser matches the origin's URL.

idpiframe_initialization_failed: Failed to read the 'localStorage' property from 'Window'

This error occurs when 3rd party cookies and data storage aren't enabled in your browser. These options are required by the Google Sign-in library. For further information, refer to 3rd party cookies and data storage.

idpiframe_initialization_failed: Not a valid origin for the client

This error occurs when the domain registered as a Prerequisite doesn't match the domain being used to host the web page. Ensure that the origin you registered as a Prerequisite matches the URL in the browser.

This app isn't verified

If the OAuth consent screen displays the warning "This app isn't verified," your app is requesting scopes that provide access to sensitive user data. If your application uses sensitive scopes, your app must go through the verification process to remove that warning and other limitations. During the development phase, you can continue past this warning by selecting Advanced > Go to {Project Name} (unsafe).

Further reading

For further information on the APIs used in this quickstart, refer to the Google API Client Library for JavaScript section of GitHub.