Authorization
GMail Postmaster
Prerequisites
Before creating a Gmail Postmaster credential, you need to have a Google account with access to Gmail Postmaster Tools and have OAuth2 credentials (Client ID and Client Secret) configured in the Google Cloud Console. The OAuth2 credentials are required to authenticate with the Gmail Postmaster API.
To obtain OAuth2 credentials, you need to create a project in the Google Cloud Console and enable the Gmail Postmaster API for that project. Once the API is enabled, you can create OAuth2 credentials (OAuth 2.0 Client ID) in the Credentials section of the Google Cloud Console. The OAuth2 credentials include a Client ID and Client Secret that are used to authenticate API requests. The default access scope is https://www.googleapis.com/auth/postmaster.readonly, which provides read-only access to your Gmail Postmaster data. For detailed information about setting up OAuth2 credentials and enabling the Gmail Postmaster API, refer to the Gmail Postmaster API documentation.
Create a Gmail Postmaster Credential
- To create a new Gmail Postmaster credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
New Credential Overlay – Gmail Postmaster
Credential Name & Description
-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Resource descriptions are recommended but are not required. They should be used provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.
OAuth2 Authentication
Gmail Postmaster uses OAuth2 authentication to securely access the Gmail Postmaster API. OAuth2 is an industry-standard authorization protocol that allows applications to access user data without requiring users to share their passwords.
-
Click the Authorize button to begin the OAuth2 authorization flow. This will redirect you to Google's authorization page where you will be asked to sign in with your Google account and grant permissions to Nexla to access your Gmail Postmaster data.
During the OAuth2 authorization flow, you will be redirected to Google's authorization page. You must sign in with a Google account that has access to the Gmail Postmaster Tools you want to connect. After signing in, you will be asked to grant permissions to Nexla to access your Gmail Postmaster data. The required scope is
https://www.googleapis.com/auth/postmaster.readonly, which provides read-only access to your Gmail Postmaster data. Once you grant permissions, you will be redirected back to Nexla, and the authorization will be completed automatically. -
After completing the OAuth2 authorization flow, Nexla will automatically obtain and store the access token and refresh token needed to authenticate API requests. The access token is used to authenticate each API request, and the refresh token is used to obtain new access tokens when the current access token expires.
OAuth2 access tokens expire after a certain period for security reasons. Nexla automatically refreshes expired access tokens using the refresh token, so you typically do not need to re-authorize unless you revoke access or the refresh token expires. The access token is sent in the
Authorizationheader with theBearerprefix for all API requests to the Gmail Postmaster API. For detailed information about OAuth2 authentication and token management, see the Gmail Postmaster API documentation.
Save the Credential
-
Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.
-
The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.