Creating an OAuth App for Google Drive

Introduction

Google Drive is a popular cloud storage service that allows users to store and share files online. Google Drive is one of the connectors available on our File Storage API. Integrating Google Drive into your application can enhance its functionality, allowing users to access their files directly from your app. This guide will walk you through the steps to create an OAuth app for Google Drive integration.

Our sandbox application has not gone through the full Google security audit. If an app or site doesn't meet Google's security standards, Google might by default block you from signing in to your account through it. This can be turned off if you understand the risk: https://myaccount.google.com/lesssecureapps. This guide describes how to create your own sandbox application.

Step 1: Prerequisites

Before you begin, make sure you have the following:

  1. A Google account
  2. An Apideck account

Step 2: Setting up the Google Developer Console

  1. Navigate to the Google Developer Console (https://console.developers.google.com/).
  2. Sign in with your Google account.
  3. If you haven't created a project yet, click the "Create Project" button and follow the prompts. Otherwise, select an existing project.

Step 3: Enabling the Google Drive API

  1. In the Google Developer Console, click on the "Enable APIs and Services" button.
  2. Search for "Google Drive API" in the search bar and click on it.
  3. Click the "Enable" button to enable the Google Drive API for your project.

Step 4: Creating OAuth 2.0 credentials

  1. Navigate to the "Credentials" tab on the left side of the Google Developer Console.
  2. Click on the "Create credentials" button and select "OAuth client ID" from the dropdown menu.
  3. Choose the appropriate application type, depending on your project (e.g., Web application, Android, iOS, etc.).
  4. Fill in the required fields, such as "Name," "Authorized JavaScript origins," and "Authorized redirect URIs." Make sure to use the correct redirect URIs for your app.
  5. Click "Create" to generate your OAuth client ID and secret. Note down these values, as you'll need them in your application.

Step 5: Configuring the OAuth consent screen

  1. Navigate to the "OAuth consent screen" tab on the left side of the Google Developer Console.
  2. Choose "External" or "Internal" user type, depending on your app's target audience.
  3. Fill in the required fields, such as "App name," "User support email," "App logo," "Developer contact information," etc.
  4. Under "Scopes," click the "Add or Remove Scopes" button and add the "https://www.googleapis.com/auth/drive" scope to request access to the user's Google Drive.
  5. Save your changes and submit your consent screen for verification if required.

Google App Verification Process Details

If your app will be used by more than 100 users or requests sensitive scopes (Google Drive access is considered one), you need to complete Google's verification process:

  1. Complete your OAuth consent screen: Ensure all required fields are filled in (app name, support email, developer contact information, privacy policy URL, etc.)

  2. Add appropriate scopes: For Google Drive, add https://www.googleapis.com/auth/drive and any other necessary scopes

  3. Submit for verification: Click "Submit for verification" button on the OAuth consent screen page

  4. Verification requirements:

    • Valid privacy policy URL that properly describes data collection and usage
    • A homepage or landing page for your application
    • Demonstration of legitimate use case for requested scopes
    • Screenshots or video of your application's OAuth implementation flow
  5. Verification timeline:

    • Basic verification typically takes 3-5 business days
    • Apps requesting sensitive scopes may require 4-6 weeks for review
  6. During review period:

    • You can test with up to 100 users (Developer Identity) even without verification
    • For internal company use, consider using "Internal" user type which doesn't require verification

Important: While waiting for verification, you can still use your application in development/testing mode with up to 100 users, or by having users click "Advanced" and then "Continue to [your app]" when they see the unverified app warning.

Step 6: Configure a Custom redirect URI

To connect to your Google Drive instance and comply with the Google certification, you must use your own white-label auth URIs.

💡 IMPORTANT: Once you have applied one of the options, don't forget to update the "Redirect URI" in your Google Drive configuration as described in step 5.

Set up a custom subdomain for Apideck Vault

Add a custom domain name for Apideck Vault. This will allow you to white label the reference to Apideck's Vault.

  1. Create a CNAME record

Sign in to your DNS name server host and navigate to your DNS settings. Add a CNAME record with the value cname.vercel-dns.com.

[REPLACE_WITH_DESIRED_SUBDOMAIN] CNAME cname.vercel-dns.com.

  2. Contact Apideck

Get in touch with your Apideck contact or support@apideck.com to let us know about the custom domain you want to use, so we can configure & enable it for Apideck Vault.

  3. Wait for the changes to propagate

Congratulations! You have now pointed your custom domain to Apideck Vault! When DNS changes are made, you can expect a propagation time up to 24 hours (but mostly much less than that). This is because it takes time for the DNS to take effect across the internet. The actual time of propagation may vary in some locations based on your network setup.

  4. Update the "Redirect URI"

Update the "Redirect URI" in your Google Drive configuration as described in step 5.

  5. Save your changes and submit your consent screen for verification.
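
A pre-flight check for the redirect URI you register in Step 4 and update after moving Vault to your own subdomain. This is an added example, not Apideck's or Google's code. The checks follow Google's validation rules for authorized redirect URIs (HTTPS outside localhost, no raw IPs, userinfo, fragments, wildcards or path traversal), and the hostname vault.example.com and the /oauth/callback path are placeholders, not Apideck's actual values.

```python
import ipaddress
from urllib.parse import urlsplit

LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}  # exempt from HTTPS and IP rules

def redirect_uri_problems(uri, expected_host):
    """Return reasons not to register `uri` as a redirect URI (empty list = OK)."""
    problems = []
    if "*" in uri:
        problems.append("wildcard")
    if any(ord(c) < 0x21 or ord(c) == 0x7F for c in uri):
        problems.append("control character or whitespace")
    try:
        parts = urlsplit(uri)
        host = (parts.hostname or "").lower()
    except ValueError:
        return problems + ["unparseable URI"]
    is_local = host in LOCAL_HOSTS
    if parts.scheme != "https" and not (parts.scheme == "http" and is_local):
        problems.append("scheme must be https")
    if parts.username is not None or parts.password is not None:
        problems.append("userinfo present")
    if "#" in uri:
        problems.append("fragment present")
    if not is_local:
        try:
            ipaddress.ip_address(host)
            problems.append("raw IP address host")
        except ValueError:
            pass  # not an IP literal, which is what we want
        # Assumption: after Step 6 the redirect URI lives on your own subdomain.
        if host != expected_host.lower():
            problems.append("host is not the custom subdomain")
    # Decode the encodings of ".", "/" and "\" before looking for traversal.
    path = parts.path.lower()
    for encoded, char in (("%2e", "."), ("%2f", "/"), ("%5c", "/"), ("\\", "/")):
        path = path.replace(encoded, char)
    if "/.." in path:
        problems.append("path traversal")
    return problems

def is_registered(sent_uri, registered_uris):
    """Google matches redirect_uri as an exact string, so compare it the same way."""
    return sent_uri in registered_uris
```

Run it against every entry under "Authorized redirect URIs" before saving; a trailing slash or the old hostname left in the list is enough to produce a redirect_uri_mismatch error.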

Step 7: Implementing OAuth 2.0 in your application

Now that you've set up your OAuth app, you can configure the Google Drive connector in Apideck using the client ID and secret generated earlier.

Conclusion

By following this guide, you have successfully created an OAuth app for Google Drive integration.