Skip to main content

Authorization

Follow this guide to create a new Gmail credential that will allow Nexla to authenticate to and exchange data with your Gmail account.
gmail_api_v2_auth.png

Gmail

Prerequisites

Before creating a Gmail credential in Nexla, ensure the following requirements are met:

Google Account

An active Google account with access to the Gmail mailbox you want to connect is required. The account must have Gmail enabled and accessible.

Required Permissions

The Nexla Gmail connector uses OAuth 2.0 to authenticate with the Gmail API. During the authorization process, you will be prompted to grant the following access scopes:

  • gmail.readonly -- Allows Nexla to read messages, labels, and attachments from your Gmail account.
  • gmail.send -- Allows Nexla to send messages and drafts on your behalf.
  • gmail.modify -- Allows Nexla to modify message labels (such as marking messages as read or archiving them) and manage drafts.

These scopes are requested together during the OAuth authorization flow. You must approve all requested scopes for full connector functionality. If you only need to read data from Gmail, the connector will still function with limited permissions, but destination endpoints (such as sending messages or modifying labels) may not be available.

Google Workspace Considerations

If you are using a Google Workspace (formerly G Suite) account, your organization's administrator may need to approve third-party application access. If you encounter an authorization error during the OAuth flow, contact your Google Workspace administrator to ensure that the Nexla application is permitted to access Gmail data. For additional details, refer to Google's documentation on controlling third-party app access.

Create a Gmail Credential

  • To create a new Gmail credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

  1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

    Resource descriptions are recommended but are not required. They should be used provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

Authorize with Google

  1. Click the Authorize button to initiate the OAuth 2.0 authorization flow. A new browser window will open, directing you to the Google sign-in page.

  2. Sign in with the Google account that has access to the Gmail mailbox you want to connect. If you are already signed in, select the appropriate account from the list.

  3. Review the permissions that Nexla is requesting, and click Allow to grant access. Google will redirect you back to Nexla once authorization is complete.

    The OAuth authorization flow is managed entirely by Google. Nexla does not have access to your Google account password. The authorization grants Nexla a secure token that allows it to access Gmail data on your behalf, and this access can be revoked at any time from your Google Account permissions page.

Save the Credential

  1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

  2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.