Gmail integration

Gmail integration
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude
Connect to Cursor
Install MCP server on Cursor
Connect to VS Code
Install MCP server on VS Code

Integrating Gmail with Frontegg allows your application to read, send, and manage email messages, threads, labels, and drafts in users' Gmail mailboxes — all through Frontegg's integration layer using Google OAuth 2.0.

Prerequisites

A Google account with access to Google Cloud Console
A Google Cloud project (you can create one during setup)

Enable the Gmail API

Step 1: Open the Gmail API in the API library

Go to the Gmail API page in the Google Cloud Console. Select your project from the top navigation, then click Enable if the API is not yet enabled. If you see Manage and API Enabled, the API is already active.

Gmail API page in Google Cloud Console

Create an OAuth client

Step 2: Go to the Credentials page

In the left sidebar, navigate to APIs & Services → Credentials. Click Create credentials.

Credentials page with Create credentials button highlighted

Step 3: Select OAuth client ID

From the dropdown, select OAuth client ID.

Create credentials dropdown with OAuth client ID highlighted

Step 4: Configure the OAuth client

On the Create OAuth client ID page:

Set Application type to Web application.
Enter a name for the client (for example, Frontegg Gmail Integration).
Under Authorized redirect URIs, click Add URI and add both of the following:
- https://YOUR_MCP_GATEWAY_URL/integration-callback

OAuth client form with name and redirect URIs filled in

Step 5: Create the client

Click Create to save the OAuth client. A dialog will display your Client ID and Client Secret — copy both values and store them securely.

Save your Client Secret now

The Client Secret is only shown once in this dialog. After you close it, you cannot retrieve it again — you can only create a new secret.

OAuth client created dialog showing Client ID and blurred Client Secret

Copy your credentials

Step 6: Copy the Client ID from the credentials list

After closing the dialog, your new client appears in the OAuth 2.0 Client IDs list on the Credentials page.

Credentials page showing the new Frontegg Gmail Integration client

Step 7: View Client ID in the client detail page

Click the client name to open its detail page. You can view and copy the Client ID at any time from the Additional information section.

OAuth client detail page showing Client ID

Configure the Frontegg portal

Once you have your Client ID and Client Secret, enter them in the Frontegg portal:

Open the Frontegg portal and navigate to [ENVIRONMENT] → Integrations → Gmail.
Enter the Client ID and Client Secret in the corresponding fields.
Select the required scopes:

Scope	Description
`https://www.googleapis.com/auth/gmail.modify`	Read, compose, send, and permanently delete threads and messages
`https://www.googleapis.com/auth/gmail.readonly`	Read all resources and their metadata
`https://www.googleapis.com/auth/gmail.compose`	Create, read, update, and delete drafts; send messages
`https://www.googleapis.com/auth/gmail.send`	Send messages only
`https://www.googleapis.com/auth/gmail.insert`	Insert and import messages
`https://www.googleapis.com/auth/gmail.labels`	Create, read, update, and delete labels
`https://mail.google.com/`	Full access to the account's mailboxes
`https://www.googleapis.com/auth/gmail.settings.basic`	Manage basic mail settings
`https://www.googleapis.com/auth/gmail.settings.sharing`	Manage sensitive mail settings including forwarding rules and aliases
`https://www.googleapis.com/auth/gmail.metadata`	View email metadata such as labels and headers, but not the email body

Click Save.

Keep your credentials secure

Never share or commit your Client Secret to version control.