How to create Custom OAuths for Google Connectors

You can create custom OAuths for supported Google connectors. Custom OAuths can then be used to configure supported triggers and actions.

When you are configuring an action or a trigger, you are prompted to select an existing account or create a new account. To create custom OAuth, click the + icon located beside the Authorize {connector_name} label. You will be redirected to the Add Account page.

Here, you need to enter the relevant details associated with your Google service account to create custom OAuth

Retrieving Client ID and Client Secret

You need to have a relevant Google connector app in Google Cloud Platform to retrieve its Client ID and Client Secret. We will first understand how to create an app for a Google Connector (if you have already created an app, skip to step 4).

Let’s say you want to create an app for Dialogflow. To do this, follow the steps given below:

  1. Login to Google Cloud Platform and create a new project

    First, login to Google Cloud Platform. You will be prompted to create a new project.

    Once you have entered the relevant details, click Create. This will redirect you to the project dashboard.

  2. Enable service APIs

    Click on the + ENABLE APIS AND SERVICES button.

    This will take you to the Google API library where you can view a list of all services supported by Google.

    Click the service for which you want to create an app.

    This will set up the selected service API in your account. Click on Enable to enable it for your account.

  3. Set up OAuth Client ID

Once the API is enabled, you will be redirected to the API dashboard.

Click on the Credentials menu listed in the left-side panel, and then select the OAuth Client ID option from the CREATE CREDENTIALS drop-down menu.

You will be prompted to configure the consent screen details. Click the Configure consent screen button.

This will take you to the Auth Consent screen. Provide the following details:
  • Application type: Specify whether you want to create a public or private application.
  • Application name: Provide a suitable name for your application.
  • Authorized domains: Enter the domain (s) for which you want to enable OAuth access.

Once this is done, click Save.

Set Application type to Web in the next screen that appears and specify the redirect URL in the Authorized redirect URIs field.

Note: The redirect URI should match with the domain(s) you have specified earlier.

Once this is done, click Create. With this, your app will be successfully created. >

Retrieve the Client ID and the Client Secret.

As soon as the app is created, you will see the Client ID and Client Secret.

You can alternatively view the Client ID and Client Secret by navigating to relevant project dashboard, and clicking the Credentials menu listed in the left-side panel. You will see the list of all existing OAuths clients.

Locate the OAuth client of which Client ID and Client Secret keys you want to retrieve, and click on the Edit OAuth Client icon given against it.

This will take you to the OAuth Client configuration screen where you can see the Client ID and Client secret for the selected app at the top of the page.

Copy the Client ID and Client Secret from here and add them to the respective fields in the Add Account window.

Retrieving Access Token and Request Token

You can use services like Postman to retrieve the Access Token and Request Token. To do this, you need to perform two steps where you make two API requests to relevant Google service.

  1. Retrieve authorization code required to fetch access token and request token.

    Open Postman and set up the first request as given below:

    Key Value
    client_id {Enter client_id}
    redirect_uri {Enter redirect_uri}
    response_type code
    scope {Enter relevant scope from this list}
    include_granted_scopes true
    state pass through value
    prompt consent
    access_type offline

    Once this is done, you will notice that the params passed by you are appended to the request URL. Copy this modified request URL, paste it in any browser, and hit enter.

    You will be prompted to select the Gmail account you want to use. Once you do this, you will see the consent screen for the app created by you.

    Click Allow. This will take you to the homepage of your app. Copy the value of the code key displayed in the address bar and save it in any text editor. We will need this key in the next step when we send the request to retrieve the Access Token and Request Token.

  2. Retrieve Access Token and Refresh Token

    Open Postman and set up the second request as given below:

    Key Value
    client_id {Enter client_id}
    redirect_secret {Enter client_secret}
    redirect_uri {Enter redirect_uri}
    grant_type authorization_code
    code {code retrieved from step 1}

    Once you have entered all the details, click Send. This will return the Access Token and Request Token along with other details in the Body tab of the response.

    Copy the Access Token and Request Token from here and add them to the respective fields in the Add Account window.

Note: The value of Refresh URL will always be https://www.googleapis.com/oauth2/v4/token and the value of Grant Type will always be refresh_token for all Google connectors.

List of Scopes for Google Services

Table given below contains the scope(s) to be used while sending the first request in order to retrieve the Access Token and Refresh Token.

Note: Use space separator in case of multiple scopes.
Service Name Scope(s)
Gmail https://www.googleapis.com/auth/gmail.modify https://www.googleapis.com/auth/gmail.readonly https://www.googleapis.com/auth/gmail.compose
Dialogflow https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/dialogflow
Google Contacts https://www.google.com/m8/feeds https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Google Forms https://spreadsheets.google.com/feeds https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/drive.readonly
Google Tasks https://www.googleapis.com/auth/tasks https://www.googleapis.com/auth/tasks.readonly https://www.googleapis.com/auth/taskqueue.consumer https://www.googleapis.com/auth/taskqueue https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Google Sheets https://spreadsheets.google.com/feeds/ https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/drive.readonly
Google Drive https://www.googleapis.com/auth/drive.metadata https://www.googleapis.com/auth/drive.file https://www.googleapis.com/auth/drive https://www.googleapis.com/auth/drive.apps.readonly https://www.googleapis.com/auth/drive.scripts https://www.googleapis.com/auth/drive.install https://www.googleapis.com/auth/drive.appdata https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Google Calendar https://www.googleapis.com/auth/calendar https://www.googleapis.com/auth/calendar.readonly https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Google Apps Admin https://www.googleapis.com/auth/admin.directory.device.mobile https://www.googleapis.com/auth/admin.directory.device.mobile.readonly https://www.googleapis.com/auth/admin.directory.device.mobile.action https://www.googleapis.com/auth/admin.directory.group.member https://www.googleapis.com/auth/admin.directory.group.member.readonly https://www.googleapis.com/auth/admin.directory.group https://www.googleapis.com/auth/admin.directory.group.readonly https://www.googleapis.com/auth/admin.directory.orgunit https://www.googleapis.com/auth/admin.directory.orgunit.readonly https://www.googleapis.com/auth/admin.directory.user https://www.googleapis.com/auth/admin.directory.user.readonly https://www.googleapis.com/auth/admin.directory.user.alias https://www.googleapis.com/auth/admin.directory.user.alias.readonly https://www.googleapis.com/auth/admin.directory.user.security https://www.googleapis.com/auth/admin.directory.rolemanagement https://www.googleapis.com/auth/admin.directory.rolemanagement.readonly https://www.googleapis.com/auth/admin.directory.userschema https://www.googleapis.com/auth/admin.directory.userschema.readonly https://www.googleapis.com/auth/admin.directory.notifications https://www.googleapis.com/auth/admin.directory.customer https://www.googleapis.com/auth/admin.directory.customer.readonly https://www.googleapis.com/auth/admin.directory.domain https://www.googleapis.com/auth/admin.directory.domain.readonly https://www.googleapis.com/auth/admin.directory.resource.calendar https://www.googleapis.com/auth/admin.directory.resource.calendar.readonly https://www.googleapis.com/auth/admin.directory.device.chromeos https://www.googleapis.com/auth/admin.directory.device.chromeos.readonly
Google Analytics https://www.googleapis.com/auth/analytics https://www.googleapis.com/auth/analytics.edit https://www.googleapis.com/auth/analytics.manage.users https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Google Cloud PubSub https://www.googleapis.com/auth/pubsub https://www.googleapis.com/auth/cloud-platform
Google Analytics Reporting https://www.googleapis.com/auth/analytics https://www.googleapis.com/auth/analytics.edit https://www.googleapis.com/auth/analytics.manage.users https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Google BigQuery https://www.googleapis.com/auth/bigquery https://www.googleapis.com/auth/bigquery.readonly https://www.googleapis.com/auth/cloud-platform https://www.googleapis.com/auth/devstorage.full_control https://www.googleapis.com/auth/devstorage.read_only https://www.googleapis.com/auth/devstorage.read_write https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile
Google Translator https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/cloud-translation https://www.googleapis.com/auth/cloud-platform
Google Cloud Storage https://www.googleapis.com/auth/devstorage.full_control https://www.googleapis.com/auth/devstorage.read_only https://www.googleapis.com/auth/devstorage.read_write https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile