Skip to content

Google#

There are two authentication methods available for Google services nodes, OAuth2 and the Service Account authentication. Refer to the official Google documentation to learn which is appropriate for your case case.

Note that while most nodes are compatible with OAuth2 authentication, only some also support Service Account authentication.

Prerequisites#

Compatible nodes#

Once configured, you can use your credentials to authenticate the following nodes:

Node OAuth Service Account
G Suite Admin ✅ ❌
Gmail ✅ ✅
Google Analytics ✅ ❌
Google BigQuery ✅ ❌
Google Books ✅ ✅
Google Calendar ✅ ❌
Google Chat ❌ ✅
Google Contacts ✅ ❌
Google Cloud Firestore ✅ ❌
Google Cloud Natural Language ✅ ❌
Google Cloud Realtime Database ✅ ❌
Google Docs ✅ ✅
Google Drive ✅ ✅
Google Drive Trigger ✅ ✅
Google Perspective ✅ ❌
Google Sheets ✅ ✅
Google Slides ✅ ✅
Google Tasks ✅ ❌
Google Translate ✅ ✅
YouTube ✅ ❌

Note for n8n.cloud users

For the following nodes, you only need to enter the Credentials Name and click on the Sign in with Google button in the OAuth section to connect your Google account to n8n:

Using OAuth#

From your Google Cloud Console dashboard:

  1. Click on the hamburger menu and select APIs & Services > Credentials.
  2. Click on + CREATE CREDENTIALS and select OAuth client ID.

    Note for new users

    If you're creating OAuth credentials for the first time, you will have to configure the consent screen.

  3. From the Application type dropdown select Web application. A name is automatically generated, change it if desired.

  4. From the Authorized redirect URIs section, select + Add URI.
  5. Enter the OAuth Callback URL provided in the Google node credential modal: OAuth Callback URL
  6. Click the CREATE button.

From your n8n instance:

  1. Enter your new Client ID and Client Secret from Google Cloud Console in the n8n Credentials modal.
  2. Enter a Credentials Name.
  3. Click on the Sign in with Google button to complete your Google authentication.
  4. Save your new credentials in n8n.

Now you must enable each Google service (e.g. Sheets, Drive, etc.) API that you want to use.

The following video demonstrates the steps mentioned above.

Using Service Account#

From your Google Cloud Console dashboard:

  1. Click on the hamburger menu and select APIs & Services > Credentials.
  2. Click on + CREATE CREDENTIALS and select Service account.
  3. Enter a name in the Service account name field.
  4. Click on the CREATE button.
  5. Based on your use-case, you may want to Select a role and Grant users access to this service account using the corresponding sections.
  6. Click Done.
  7. Select your newly created service account under the Service Accounts section and open the Keys tab.
  8. Click on ADD KEY and select Create new key.
  9. In the modal that appears, select JSON and click Create. The file is saved to your computer.

From you n8n instance:

  1. Enter a Credentials Name.
  2. In the Service Account Email field, enter the email associated with your new Service Account (visible in the Details tab).
  3. Enter the Private Key from the downloaded JSON file. If you are running an n8n version older than 0.156.0: Replace all instances of \n in the JSON file with new lines.
  4. (Optional) Click the toggle to enable Impersonate a User and enter the desired email.
  5. Save your credentials.

Now you must enable each Google service (e.g. Sheets, Drive, etc.) API that you want to use.

The following video demonstrates the steps mentioned above.

Enable APIs#

To enable an API, follow the steps below:

  1. Access your Google Cloud Console.
  2. From the hamburger menu select APIs & Services > Library.
  3. Search for and select the API(s) you want to enable.
  4. Click on the ENABLE button.

FAQs#

Google hasn't verified this app#

If using the OAuth authentication method, you might come across the warning "Google hasn't verified this app". To avoid this, you can create OAuth credentials from the same account you want to authenticate. However, if you're using credentials that were generated by another account (by a developer or another third party), you can follow the steps mentioned below:

  1. Click on Advanced.
  2. Click on Go to CREDENTIALS_NAME (unsafe). CREDENTIALS_NAME is the name of the credentials created by the third party.
  3. Grant the requested permissions.