Overview
This tutorial shows how to create and configure Google account credentials for use in n8n. You’ll learn how to set up OAuth 2.0 client credentials for Google APIs (Gmail, Drive, Sheets), configure the OAuth consent screen, add authorized redirect URIs, and — when appropriate — create a Google Service Account JSON key for server-to-server integrations. The guide includes troubleshooting tips and best practices so you can securely connect Google services to your n8n workflows.
Who this is for
- Beginner to intermediate n8n users who need to connect Google APIs
- People self-hosting n8n who must configure redirect URIs and a public base URL
- Developers automating Gmail, Google Sheets, or Drive tasks with n8n
- An n8n instance accessible over HTTPS (or localhost during development)
- A Google account with access to Google Cloud Console
- Basic understanding of OAuth2 concepts (client ID, client secret, redirect URI)
Prerequisites
> Note: For production use, ensure your n8n instance runs on HTTPS and has a stable public URL.
Quick summary of the process
1. Create a Google Cloud Project
2. Enable the Google APIs you need (Gmail API, Drive API, Sheets API)
3. Configure the OAuth consent screen
4. Create OAuth 2.0 Client ID (Web application) and add redirect URI(s)
5. Copy client ID and secret into n8n Credentials
6. Authenticate from n8n to generate refresh/access tokens
Step-by-step: Create OAuth credentials in Google Cloud Console
1. Open the Google Cloud Console: https://console.cloud.google.com/
2. Create a new project or select an existing one.
3. Enable the APIs you need:
– Go to “APIs & Services” → “Library”
– Search for and enable: Gmail API, Google Drive API, Google Sheets API (as required)
4. Configure the OAuth consent screen:
– Go to “APIs & Services” → “OAuth consent screen”
– Choose Internal (if you are using a Google Workspace account and only internal users) or External (if others will authenticate)
– Fill in App name, Support email, and Developer contact information
– Add the scopes n8n needs (n8n will request scopes when you authenticate, but listing key scopes helps)
– If you choose External and use sensitive/limited scopes, you may need to submit the app for verification. For personal/testing use, you can set the app to “Testing” and add your Google account as a test user.
5. Create the OAuth 2.0 Client ID:
– Go to “APIs & Services” → “Credentials” → “Create Credentials” → “OAuth client ID”
– Select Web application as the application type
– Give it a name like `n8n OAuth Client`
– Add Authorized redirect URIs. n8n’s callback URI format is:
https://YOUR_N8N_BASE_URL/rest/oauth2-credential/callback
– Example for local n8n: `http://localhost:5678/rest/oauth2-credential/callback`
– Example for self-hosted: `https://n8n.yourdomain.com/rest/oauth2-credential/callback`
– Save and copy the Client ID and Client Secret.
Step-by-step: Add credentials in n8n
1. In n8n open the Credentials manager (Credentials → New Credentials).
2. Choose the credential type matching the node you will use, for example:
– Google Drive OAuth2 API
– Google Sheets OAuth2 API
– Google Gmail OAuth2 API
3. Paste the Client ID and Client Secret from Google Cloud into the credential form. For the Redirect URI field in Google Cloud, ensure you used the n8n callback URL described earlier.
4. Click Connect* (or *OAuth2 authorize) — n8n will open the Google OAuth dialog and request permission. Log in and grant the requested scopes.
5. n8n will receive the OAuth callback and store the access and refresh tokens in the credential.
Now your n8n nodes that use that credential can access the Google APIs.
Using a Service Account (server-to-server workflows)
For server-to-server integrations (no user consent), create a Google Service Account and key JSON:
1. In Google Cloud Console go to “IAM & Admin” → “Service Accounts”.
2. Create a service account and give it a name.
3. Grant the minimum roles required (for Drive/Sheets you may need roles like Drive API Service Agent or custom role).
4. Create a JSON key (Go to Keys → Add Key → Create new key → JSON). Download the JSON file.
5. In n8n, for nodes that support service accounts (e.g., Google Cloud, some Sheets/Drive integrations depending on the node), choose the service account credential type and paste/upload the JSON content.
For Google Drive/Sheets service accounts, you may also need to share specific files or a shared drive with the service account email so it can access them.
Common errors and troubleshooting
– Ensure the redirect URI added in Google Cloud exactly matches the n8n callback URL (including trailing slash and protocol).
– Confirm the OAuth consent screen is configured and your account is listed as a test user (if app is in testing)
– When first authorizing, choose a flow that requests offline access so a refresh token is granted. Re-authenticate if necessary.
– If your app uses sensitive scopes and you want external users, you may need to submit for verification. For internal or small-scale use, use Testing mode and add test users.
– Ensure the service account has been granted access to the specific Drive files/folders or appropriate IAM roles.
Best practices
Example: Sample Redirect URIs
http://localhost:5678/rest/oauth2-credential/callback
https://n8n.example.com/rest/oauth2-credential/callback
Example: Minimal list of Google scopes (illustrative)
n8n will request the exact scopes it needs during the OAuth flow, but being aware of them helps when configuring the consent screen and verification.
Conclusion and next steps
You now know how to create Google OAuth client credentials and service account keys for use in n8n, how to add them in the n8n Credentials manager, and how to troubleshoot common errors. Next steps:
If you run into a specific error, collect the exact error message (e.g., redirect_uri_mismatch) and the redirect URI you configured — that information will help pinpoint the issue quickly.