# Using Google accounts and data with Nylas

Source: https://developer.nylas.com/docs/provider-guides/google/

You can create a Google connector in your Nylas application, then use that connector to authenticate your users' Google accounts. This lets your application access their Gmail, Google Calendar, and Google Contacts information using the [OAuth 2.0 protocol](https://auth0.com/intro-to-iam/what-is-oauth-2).

## Set up your Google auth app

First, you need to connect your Nylas application to a Google provider auth app. This lets your users authenticate to your application with their Google accounts, and provides your project access to the data you specify in the Google API. Follow the steps in [Create a Google provider auth app](/docs/provider-guides/google/create-google-app/) to set up a Google Cloud Platform project.

### Use the Nylas Shared GCP Project


Nylas maintains a GCP project that supports all the scopes your application might need. This lets you use Google authentication in your project without having to create a GCP project or go through Google's security review and verification process. This can help accelerate your go-to-market timelines.

The Shared GCP App is an add-on for Nylas Contract plans. For setup instructions and details, see [Using the Nylas Shared GCP App](/docs/provider-guides/google/shared-gcp-app/). To add it to your contract, reach out to your Account Manager or [contact our Sales Team](https://www.nylas.com/contact-sales/).

## Google verification and security assessment

> **Warn:** 
> **The Google verification and security assessment processes can take several weeks or longer**. Be sure to plan your development timeline around this.


You might need to take extra steps to comply with Google's OAuth 2.0 policies and complete their verification process before you can publish your GCP project.

Be sure to request the most restrictive [scopes](/docs/dev-guide/scopes/) that you need for your project. If you request any of [Google's restricted scopes](/docs/provider-guides/google/google-verification-security-assessment-guide/#google-scopes), Google will require your application to complete a security assessment. This could extend your verification timeline significantly, or cause Google to fail your review.

For more information, see Nylas' [Google verification and security assessment guide](/docs/provider-guides/google/google-verification-security-assessment-guide/).


### "Sign in with Google" branding guidelines

Your GCP project needs to include a "Sign in with Google" button that meets [Google's branding guidelines](https://developers.google.com/identity/branding-guidelines). This applies to the OAuth flow for both personal Gmail (`@gmail.com`) and Workspace email addresses.

### Google OAuth verification

When you create your Google Cloud Platform project, you need to list the scopes that your Nylas application will use.


If your application accesses Google user data with the Google APIs and requests certain scopes, you might have to complete the Google verification process and a separate security assessment process. The processes that you need to complete depends on whether your application requests [_sensitive_ or _restricted_ scopes](/docs/provider-guides/google/google-verification-security-assessment-guide/#google-scopes).

| Scope type | Required processes                          | Google policy and requirements                                                                                                                                                                                                                                                                                      |
| ---------- | ------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Sensitive  | Google verification                         | Your application must follow [Google’s API Services User Data Policy](https://developers.google.com/terms/api-services-user-data-policy).                                                                                                                                                                           |
| Restricted | Google verification and security assessment | Your application must follow [Google’s API Services User Data Policy](https://developers.google.com/terms/api-services-user-data-policy) and meet [additional requirements for specific scopes](https://developers.google.com/terms/api-services-user-data-policy#additional_requirements_for_specific_api_scopes). |


## Google provider limitations

- The Gmail API has a set of usage limits that apply to all requests made from your Nylas application. This includes the number of messages you can send per day. For more information, see Google's official [Usage limits documentation](https://developers.google.com/gmail/api/reference/quota).
- The Google Calendar API has two sets of usage limits: the number of requests your application can make each minute, and the number of requests your application can make _per user_ each minute. For more information, see Google's official [Manage quotas documentation](https://developers.google.com/calendar/api/guides/quota).
- If an attachment file name includes non-ASCII characters (for example, accented characters like `ü`), Google can't detect its content type. Because of this, Nylas returns an empty `content_type` field.

### One-click unsubscribe headers


As of February 2024, Google requires that users who send more than 5,000 messages per day to Gmail email addresses include one-click unsubscribe headers in their marketing and subscribed messages (see Google’s official [Email sender guidelines](https://support.google.com/a/answer/81126?visit_id=638454429489933730-1375591047&rd=1#subscriptions)). This is along with the visible unsubscribe links that must be in the body content of all marketing and subscribed messages.

To set up one-click unsubscribe headers using Nylas, include the `custom_headers` object in your [Send Message](/docs/reference/api/messages/send-message/) or [Create Draft](/docs/reference/api/drafts/post-draft/) request. This object accepts a set of key-value pairs, each of which represents the header’s `name` and its `value`. You must include the following headers:

- `List-Unsubscribe-Post`: `List-Unsubscribe=One-Click`
- `List-Unsubscribe`: The unsubscribe link (for example, a `mailto` link that uses the user’s email address, or a link to your list management software).

```json
"custom_headers":[
  {
    "name": "List-Unsubscribe-Post",
    "value": "List-Unsubscribe=One-Click"
  },
  {
    "name": "List-Unsubscribe",
    "value": "<mailto: nyla@example.com?subject=unsubscribe>,  <https://mailinglist.example.com/unsubscribe.html>"
  }
]
```


## What's next

- [List Gmail emails from the CLI](https://cli.nylas.com/guides/list-gmail-emails) - Read and search Gmail messages from the terminal after setup