Connect your personal Google account for Gmail, Calendar, and Drive.

Overview

Google OAuth connects your personal Google account. Sign in and choose which permissions to grant your agents.

Best for:

• Personal Gmail inbox
• Your calendar
• Personal Drive files
• Sending emails as yourself

How it works

11. Click Connect → Redirect to Google sign-in22. Review scopes → Choose what to allow33. Approve → Tokens are encrypted and stored44. Done → Your agents can access the approved services

Connecting

1. Go to Settings → Secrets → Integrations
2. Find Google Account and click Connect
3. Sign in with your Google account
4. Review the requested permissions
5. Click Allow

You'll be redirected back to inference.sh with your integration active.

Adding permissions

Already connected but need more access? Add permissions incrementally:

1. Open your connected Google OAuth integration
2. Click Add Permissions
3. Select the capabilities you need (e.g., Gmail, Calendar)
4. You'll be redirected to Google to approve the new scopes
5. Return to inference.sh with updated permissions

This uses Google's incremental authorization — your existing permissions are preserved.

Available capabilities

Gmail

Calendar

Drive

Sheets & Docs

Security

Revoking access

You can revoke access two ways:

1. From inference.sh: Settings → Integrations → Disconnect
2. From Google: myaccount.google.com/permissions

Using in apps

Declare OAuth requirements in your app:

1integrations:2    - key: google.gmail.send3        description: Send order confirmations4 5    - key: google.calendar.readonly6        description: Check your availability7        optional: true

At runtime, your app receives:

1GOOGLE_OAUTH_ACCESS_TOKEN=ya29...2GOOGLE_OAUTH_TOKEN_EXPIRES_AT=2024-01-15T10:30:00Z

Example: Send an email

1import base642from email.mime.text import MIMEText3from googleapiclient.discovery import build4from google.oauth2.credentials import Credentials5 6creds = Credentials(token=os.environ["GOOGLE_OAUTH_ACCESS_TOKEN"])7service = build('gmail', 'v1', credentials=creds)8 9message = MIMEText("Hello from my agent!")10message['to'] = "[email protected]"11message['subject'] = "Automated message"12 13raw = base64.urlsafe_b64encode(message.as_bytes()).decode()14service.users().messages().send(15    userId='me',16    body={'raw': raw}17).execute()

Example: List calendar events

1from googleapiclient.discovery import build2from google.oauth2.credentials import Credentials3 4creds = Credentials(token=os.environ["GOOGLE_OAUTH_ACCESS_TOKEN"])5service = build('calendar', 'v3', credentials=creds)6 7events = service.events().list(8    calendarId='primary',9    maxResults=10,10    singleEvents=True,11    orderBy='startTime'12).execute()13 14for event in events.get('items', []):15    print(event['summary'], event['start'])

Troubleshooting

"Token expired" or "Invalid credentials"

• We auto-refresh tokens, but if the refresh token is revoked, you'll need to reconnect
• Go to Settings → Integrations and reconnect your Google account

"Insufficient permission"

• The requested scope isn't granted
• Use Add Permissions to request the missing capability
• Apps will prompt you if they need scopes you haven't granted

"Access blocked: This app's request is invalid"

• This usually means the OAuth configuration has an issue
• Contact support if this persists

Gmail not working but other services are

• Gmail requires specific scopes (gmail.readonly or gmail.send)
• Check that you've granted the Gmail-specific permissions

OAuth vs Service Account

Use OAuth for personal services. Use Service Account for team resources.

Next

→ Slack Integration