# Google

There are two authentication methods available for Google services nodes, OAuth2 (opens new window) and the Service Account (opens new window) authentication. Refer to the official Google documentation to learn which is appropriate for your case case.

Note that while all nodes are compatible with OAuth2 authentication, only some also support Service Account authentication.

# Prerequisites

# Compatible nodes

Once configured, you can use your credentials to authenticate the following nodes:

Node OAuth Service Account
G Suite Admin
Gmail
Google Analytics
Google BigQuery
Google Books
Google Calendar
Google Contacts
Google Cloud Firestore
Google Cloud Natural Language
Google Cloud Realtime Database
Google Docs
Google Drive
Google Sheets
Google Slides
Google Tasks
Google Translate
YouTube

⛅️ Note for n8n.cloud users

For the following nodes, you only need to enter the Credentials Name and click on the Sign in with Google button in the OAuth section to connect your Google account to n8n:

# Using OAuth

From your Google Cloud Console (opens new window) dashboard:

  1. Click on the hamburger menu and select APIs & Services > Credentials.

  2. Click on + CREATE CREDENTIALS and select OAuth client ID.

    ❗️ Note for new users

    If you're creating OAuth credentials for the first time, you will have to configure the consent screen (opens new window).

  3. From the Application type dropdown select Web application. A name is automatically generated, change it if desired.

  4. From the Authorized redirect URIs section, select + Add URI.

  5. Enter the OAuth Callback URL provided in the Google node credential modal: OAuth Callback URL

  6. Click the CREATE button.

From your n8n instance:

  1. Enter your new Client ID and Client Secret from Google Cloud Console in the n8n Credentials modal.
  2. Enter a Credentials Name.
  3. Click on the Sign in with Google button to complete your Google authentication.
  4. Save your new credentials in n8n.

Now you must enable each Google service (e.g. Sheets, Drive, etc.) API that you want to use.

The following video demonstrates the steps mentioned above.

# Using Service Account

From your Google Cloud Console (opens new window) dashboard:

  1. Click on the hamburger menu and select APIs & Services > Credentials.
  2. Click on + CREATE CREDENTIALS and select Service account.
  3. Enter a name in the Service account name field.
  4. Click on the CREATE button.
  5. Based on your use-case, you may want to Select a role and Grant users access to this service account using the corresponding sections.
  6. Click Done.
  7. Select your newly created service account under the Service Accounts section and open the Keys tab.
  8. Click on ADD KEY and select Create new key.
  9. In the modal that appears, select JSON and click Create. The file is saved to your computer.

From you n8n instance:

  1. Enter a Credentials Name.
  2. In the Service Account Email field, enter the email associated with your new Service Account (visible in the Details tab).
  3. Enter the Private Key from the downloaded JSON file. Be sure to replace all instances of \n in the JSON file with new lines.
  4. (Optional) Click the toggle to enable Impersonate a User (opens new window) and enter the desired email.
  5. Save your credentials.

Now you must enable each Google service (e.g. Sheets, Drive, etc.) API that you want to use.

The following video demonstrates the steps mentioned above.

# Enable APIs

To enable an API, follow the steps below:

  1. Access your Google Cloud Console (opens new window).
  2. From the hamburger menu select APIs & Services > Library.
  3. Search for and select the API(s) you want to enable.
  4. Click on the ENABLE button.

# FAQs

# Google hasn't verified this app

If using the OAuth authentication method, you might come across the warning "Google hasn't verified this app". To avoid this, you can create OAuth credentials from the same account you want to authenticate. However, if you're using credentials that were generated by another account (by a developer or another third party), you can follow the steps mentioned below:

  1. Click on Advanced.
  2. Click on ***Go to CREDENTIALS_NAME (unsafe)***. CREDENTIALS_NAME is the name of the credentials created by the third party.
  3. Grant the requested permissions.