You can use Google Cloud to create OAuth credentials—the client ID and
client secret. If you haven't yet configured a consent screen, you need to do so
before you can create OAuth credentials. For more information about OAuth, see
Using OAuth 2.0 to Access Google APIs.
To create OAuth credentials and configure the consent screen, do the following:
In the Google Cloud console, go to the project selector dashboard and select the
project that you want to use to create OAuth credentials.
If you haven't yet configured your consent screen for this Google Cloud
project, the Configure consent screen button appears. In that case,
configure your consent screen using the following procedure. Otherwise, skip
to step 4.
Click Configure consent screen. The OAuth consent screen page
displays.
Depending on your use case, select Internal or External, and
then click Create. The OAuth consent screen pane displays.
Enter information on the App information page according to the
on-screen instructions, and then click Save and continue. The
Scopes pane displays.
Click Add or remove scopes. The Update selected scopes pane
appears.
Select the scope or scopes appropriate for your use case, and then click
Update.
Click Save and continue. The Test users pane displays.
If you want to add users to test access to your app, click Add
users. The Add users pane displays.
In the empty field, add one or more email addresses from Google
accounts, and then click Add.
Click Save and continue. The Summary pane displays.
Review your OAuth consent screen information, and then click Back to
dashboard.
If you want to publish your app to production now, click Publish
app, and then click Confirm in the confirmation dialog. Your
consent screen is configured.
On the navigation menu, click Credentials.
Click Create credentials, and then click OAuth client ID.
In the Application type field, click Web application.
In the Name field, enter a name for your client.
In the Authorized JavaScript origins area, click Add IRI.
In the URIs field, enter
https://TENANT_NAME.ccaiplatform.com, replacing
TENANT_NAME with your tenant name.
In the Authorized redirect URIs area, click Add URI.
In the URIs field, enter
https://TENANT_NAME.ccaiplatform.com/v1/email_accounts/oauth_callback,
replacing TENANT_NAME with your tenant name.
Click Create. The OAuth client created dialog displays.
Click Download JSON to download to your computer a JSON file containing
your client ID and client secret, and then click OK.
In the OAuth 2.0 Client IDs area, click the client that you want the
client ID and client secret for. Your client ID and client secret are
displayed in the Additional information area.
Configure SSO settings for the email channel
Use the client ID and client secret that you created in Create OAuth
credentials to configure single sign-on (SSO)
settings for the email channel.
To configure SSO settings, do the following:
In the CCAI Platform portal, click menuMenu, and then click Settings
> Developer settings.
Go to the Email account management pane, and then click Manage email
account.
On the Email account management page, click Email SSO.
In the Email SSO pane, configure the settings as shown in the following
list:
Authorization URL. Enter https://accounts.google.com/o/oauth2/v2/auth?prompt=select_account consent.
Token URL. Enter https://oauth2.googleapis.com/token.
Clear the Include the Grant Type as part of the Authorization URL and
Token URL checkbox.
Select the Include the Redirect URL as part of the Authorization URL
and Token URL checkbox, and then click Save. Your email channel is
configured for OAuth.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-25 UTC."],[],[],null,["# Configure your email channel for OAuth with Gmail\n\nThis page explains how to use Google Cloud to create OAuth credentials for\nconfiguring your Contact Center AI Platform (CCAI Platform) email channel.\n\nBefore you begin\n----------------\n\nBe sure that you have the following:\n\n- A Google Cloud account. For more information, see [Get started with Google\n Cloud](https://cloud.google.com/docs/get-started).\n\n- A Google Cloud project. For more information, see [Creating and managing\n projects](https://cloud.google.com/resource-manager/docs/creating-managing-projects).\n\nAlso, make sure that billing is enabled for your Google Cloud project. For\nmore information, see [Verify the billing status of your\nprojects](https://cloud.google.com/billing/docs/how-to/verify-billing-enabled).\n\nCreate OAuth credentials\n------------------------\n\nYou can use Google Cloud to create OAuth credentials---the client ID and\nclient secret. If you haven't yet configured a consent screen, you need to do so\nbefore you can create OAuth credentials. For more information about OAuth, see\n[Using OAuth 2.0 to Access Google APIs](https://developers.google.com/identity/protocols/oauth2).\n\nTo create OAuth credentials and configure the consent screen, do the following:\n\n1. In the Google Cloud console, go to the project selector dashboard and select the\n project that you want to use to create OAuth credentials.\n\n\n [Project selector dashboard](https://console.cloud.google.com/projectselector2/home/dashboard)\n\n \u003cbr /\u003e\n\n2. Go to the **APIs and Services** page, and in the navigation menu, click\n **Credentials**.\n\n\n [Credentials](https://console.cloud.google.com/apis/credentials)\n\n \u003cbr /\u003e\n\n3. If you haven't yet configured your consent screen for this Google Cloud\n project, the **Configure consent screen** button appears. In that case,\n configure your consent screen using the following procedure. Otherwise, skip\n to step 4.\n\n 1. Click **Configure consent screen** . The **OAuth consent screen** page\n displays.\n\n 2. Depending on your use case, select **Internal** or **External** , and\n then click **Create** . The **OAuth consent screen** pane displays.\n\n 3. Enter information on the **App information** page according to the\n on-screen instructions, and then click **Save and continue** . The\n **Scopes** pane displays.\n\n 4. Click **Add or remove scopes** . The **Update selected scopes** pane\n appears.\n\n 5. Select the scope or scopes appropriate for your use case, and then click\n **Update**.\n\n 6. Click **Save and continue** . The **Test users** pane displays.\n\n 7. If you want to add users to test access to your app, click **Add\n users** . The **Add users** pane displays.\n\n 8. In the empty field, add one or more email addresses from Google\n accounts, and then click **Add**.\n\n 9. Click **Save and continue** . The **Summary** pane displays.\n\n 10. Review your OAuth consent screen information, and then click **Back to\n dashboard**.\n\n 11. If you want to publish your app to production now, click **Publish\n app** , and then click **Confirm** in the confirmation dialog. Your\n consent screen is configured.\n\n4. On the navigation menu, click **Credentials**.\n\n5. Click **Create credentials** , and then click **OAuth client ID**.\n\n6. In the **Application type** field, click **Web application**.\n\n7. In the **Name** field, enter a name for your client.\n\n8. In the **Authorized JavaScript origins** area, click **Add IRI**.\n\n9. In the **URIs** field, enter\n `https://`\u003cvar translate=\"no\"\u003eTENANT_NAME\u003c/var\u003e`.ccaiplatform.com`, replacing\n \u003cvar translate=\"no\"\u003eTENANT_NAME\u003c/var\u003e with your tenant name.\n\n10. In the **Authorized redirect URIs** area, click **Add URI**.\n\n11. In the **URIs** field, enter\n `https://`\u003cvar translate=\"no\"\u003eTENANT_NAME\u003c/var\u003e`.ccaiplatform.com/v1/email_accounts/oauth_callback`,\n replacing \u003cvar translate=\"no\"\u003eTENANT_NAME\u003c/var\u003e with your tenant name.\n\n12. Click **Create** . The **OAuth client created** dialog displays.\n\n13. Click **Download JSON** to download to your computer a JSON file containing\n your client ID and client secret, and then click **OK**.\n\n | **Important:** Keep this JSON file in a safe place, as it contains your OAuth credentials.\n\nGet your client ID and client secret\n------------------------------------\n\nAfter you [create OAuth credentials](#create-oauth-credentials), you can get\nyour client ID and client secret at any time.\n\nTo get your client ID and client secret, do the following:\n\n1. In the Google Cloud console, go to the **APIs and Services** page. In the\n navigation menu, click **Credentials**.\n\n\n [Credentials](https://console.cloud.google.com/apis/credentials)\n\n \u003cbr /\u003e\n\n2. In the **OAuth 2.0 Client IDs** area, click the client that you want the\n client ID and client secret for. Your client ID and client secret are\n displayed in the **Additional information** area.\n\nConfigure SSO settings for the email channel\n--------------------------------------------\n\nUse the client ID and client secret that you created in [Create OAuth\ncredentials](#create-oauth-credentials) to configure single sign-on (SSO)\nsettings for the email channel.\n\nTo configure SSO settings, do the following:\n\n1. In the CCAI Platform portal, click menu **Menu** , and then click **Settings\n \\\u003e Developer settings**.\n\n2. Go to the **Email account management** pane, and then click **Manage email\n account**.\n\n3. On the **Email account management** page, click **Email SSO**.\n\n4. In the **Email SSO** pane, configure the settings as shown in the following\n list:\n\n - **Authorization URL** . Enter `https://accounts.google.com/o/oauth2/v2/auth?prompt=select_account consent`.\n\n | **Important:** Include the space before `consent`.\n - **Token URL** . Enter `https://oauth2.googleapis.com/token`.\n\n - **Client ID** . Enter the client ID that you created in [Create OAuth\n credentials](#create-oauth-credentials). If you didn't save your client\n ID, see [Get your client ID and client\n Secret](#get-client-id-and-client-secret).\n\n - **Client secret** . Enter the client secret that you created in [Create\n OAuth credentials](#create-oauth-credentials). If you didn't save your\n client secret, see [Get your client ID and client\n Secret](#get-client-id-and-client-secret).\n\n - **Scope** . Enter `https://mail.google.com/`.\n\n - **State**. Leave this field empty.\n\n - **Access type** . Enter `offline`.\n\n - **Grant type** . Enter `Authorization Code`.\n\n - Clear the **Include the Grant Type as part of the Authorization URL and\n Token URL** checkbox.\n\n - Select the **Include the Redirect URL as part of the Authorization URL\n and Token URL** checkbox, and then click **Save**. Your email channel is\n configured for OAuth."]]