Google authentication
You created a Google application, and now you're ready to authenticate your Google application using either hosted or native authentication.
IMAP Authentication
Nylas recommends avoiding using IMAP. IMAP has reduced functionality and will eventually be deprecated by Google.
What you'll learn
In this tutorial, you'll learn how to authenticate your Google application.
Prerequisites
- Review Hosted authentication.
- Review Native authentication.
- Review Nylas’s Google auth guide.
- Create an application in the Google console.
Authenticate your app
You can use either hosted or native authentication.
Use hosted authentication
Use hosted authentication as you normally do.
Use native authentication
To use Google native authentication, you need to get a refresh token from Google. A refresh_token
is part of the OAuth 2.0 protocol and gives you access to Google APIs. You can use Google API Client Libraries to automate the refresh_token
implementation process.
Refresh tokens for Google Cloud Platform applications with the "Testing" publishing status expire in seven days. Learn more about refresh token expiration.

To implement native authentication, follow the steps below:
-
Redirect the user to your OAuth login page.
-
Google sends the authentication code to your application.
-
Request the refresh token from Google.
-
Google returns the
refresh_token
. -
Make a POST /connect/authorize request using the
google_client_id
,google_client_secret
andgoogle_refresh_token
.curl -X POST https://api.nylas.com/connect/authorize -d '{
"client_id": "nylas_client_id",
"name": "Nyla the Cheetah",
"email_address": "[email protected]",
"provider": "gmail",
"settings": {
"google_client_id": "{google_api_client_id}",
"google_client_secret": "{geoogle_api_client_secret}",
"google_refresh_token": "{google_api_refresh_token}"
},
"scopes": "email.read_only,calendar.read_only,contacts.read_only"
}' -
Nylas returns a one-time use authorization code.
-
Make a POST /connect/token request.
curl -X POST "https://api.nylas.com/connect/token" -d '{
"client_id": "{client-id}",
"client_secret": "{client-secret}",
"code": "{nylas_code}"
}' -
Nylas returns an
access_token
for the account.
Scopes
Before authorizing a user, make sure that you have the correct Nylas scopes in your request. If you change scopes, the user needs to re-authenticate.
Depending on the scopes you choose for production, your application might need to get a Google security review.
Example apps
The following are Google native authentication example applications that show you how to implement the process in your app: