Team Drives-related fields in the Vault API are being replaced. Learn more.

Java Quickstart

Complete the steps described in the rest of this page to create a simple Java command-line application that makes requests to the Google Vault API.


To run this quickstart, you need the following prerequisites:

Step 1: Turn on the Google Vault API

Click this button to create a new Cloud Platform project and automatically enable the Google Vault API:

Enable the Google Vault API

In resulting dialog click DOWNLOAD CLIENT CONFIGURATION and save the file credentials.json to your working directory.

Step 2: Prepare the project

  1. In your working directory, run the following commands to create a new project structure:

    gradle init --type basic
    mkdir -p src/main/java src/main/resources 
  2. Copy the credentials.json file you downloaded in Step 1 into the src/main/resources/ directory you just created.

  3. Open the default build.gradle file and replace its contents with the following code:

apply plugin: 'java'
apply plugin: 'application'

mainClassName = 'Quickstart'
sourceCompatibility = 1.8
targetCompatibility = 1.8
version = '1.0'

repositories {

dependencies {
    compile ''
    compile ''
    compile '' 

Step 3: Set up the sample

Create a file in the src/main/java/ folder with the following filename and code:


import java.util.Arrays;
import java.util.List;

public class Quickstart {
    /** Application name. */
    private static final String APPLICATION_NAME =
        "Google Vault API Java Quickstart";

    /** Directory to store authorization tokens for this application. */
    private static final DATA_STORE_DIR = new"tokens");

    /** Global instance of the {@link FileDataStoreFactory}. */
    private static FileDataStoreFactory DATA_STORE_FACTORY;

    /** Global instance of the JSON factory. */
    private static final JsonFactory JSON_FACTORY =

    /** Global instance of the HTTP transport. */
    private static HttpTransport HTTP_TRANSPORT;

    /** Global instance of the scopes required by this quickstart.
     * If modifying these scopes, delete your previously saved credentials
     * at ~/.credentials/
    private static final List<String> SCOPES =

    static {
        try {
            HTTP_TRANSPORT = GoogleNetHttpTransport.newTrustedTransport();
            DATA_STORE_FACTORY = new FileDataStoreFactory(DATA_STORE_DIR);
        } catch (Throwable t) {

     * Creates an authorized Credential object.
     * @return an authorized Credential object.
     * @throws IOException
    public static Credential authorize() throws IOException {
        // Load client secrets.
        InputStream in =
        if (in == null) {
            throw new FileNotFoundException("Resource not found: " + CREDENTIALS_FILE_PATH);
        GoogleClientSecrets clientSecrets =
                GoogleClientSecrets.load(JSON_FACTORY, new InputStreamReader(in));

        // Build flow and trigger user authorization request.
        GoogleAuthorizationCodeFlow flow =
                new GoogleAuthorizationCodeFlow.Builder(
                        HTTP_TRANSPORT, JSON_FACTORY, clientSecrets, SCOPES)
        Credential credential = new AuthorizationCodeInstalledApp(
            flow, new LocalServerReceiver()).authorize("user");
                "Credentials saved to " + DATA_STORE_DIR.getAbsolutePath());
        return credential;

     * Build and return an authorized Vault client service.
     * @return an authorized Vault client service
     * @throws IOException
    public static Vault getVaultService() throws IOException {
        Credential credential = authorize();
        return new Vault.Builder(HTTP_TRANSPORT, JSON_FACTORY, credential)

    public static void main(String[] args) throws IOException {
        // Build a new authorized API client service.
        Vault service = getVaultService();

        // List the first 10 matters.
        ListMattersResponse response = service.matters().list()
        List<Matter> matters = response.getMatters();
        if (matters == null || matters.size() == 0) {
            System.out.println("No matters found.");
        } else {
            for (Matter matter: matters) {
                System.out.printf("%s (%s)\n", matter.getName(),

Step 4: Run the sample

Build and run the quickstart with the command:

gradle run

The first time you run the sample, it will prompt you to authorize access:

  1. The sample will attempt to open a new window or tab in your default browser. If this fails, copy the URL from the console and manually open it in your browser.

    If you are not already logged into your Google account, you will be prompted to log in. If you are logged into multiple Google accounts, you will be asked to select one account to use for the authorization.

  2. Click the Accept button.
  3. The sample will proceed automatically, and you may close the window/tab.


  • Authorization information is stored on the file system, so subsequent executions will not prompt for authorization.
  • The authorization flow in this example is designed for a command-line application. For information on how to perform authorization in a web application, see Using OAuth 2.0 for Web Server Applications.


This section describes some common issues that you may encounter while attempting to run this quickstart and suggests possible solutions.

This app isn't verified.

The OAuth consent screen that is presented to the user may show the warning "This app isn't verified" if it is requesting scopes that provide access to sensitive user data. These applications must eventually go through the verification process to remove that warning and other limitations. During the development phase you can continue past this warning by clicking Advanced > Go to {Project Name} (unsafe).

Further reading