Obtain a refresh token at Google OAuth2 Playground

1.- Go to the Google OAuth 2.0 Playground.

2.- Click the gear button in the top-right corner. Set your Client ID and Client Secret obtained from the Google Developers Console, and select "Authorization header w/ Bearer prefix" as the Access token location. Close this configuration overlay.

3.- You will need to list the URL https://developers.google.com/oauthplayground as a valid redirect URI in your Google APIs Console's project. Then enter the client ID and secret assigned to a web application on your project below:

4.- Set up the scopes. Use https://mail.google.com/ as it's the one needed by nodemailer. Then click the Authorize APIs button.

5.- After OAuth 2.0 authorization, exchange the authorization code for tokens and your refresh token is ready to use.

6.- Finally, you can use the above credentials to send emails via nodemailer without including passwords, as below:

const nodemailer = require('nodemailer')

// mailConfig is the application's own configuration object, loaded elsewhere.
// Create the SMTP transporter using the Gmail API and OAuth 2.0.
const transporter = nodemailer.createTransport({
  service: 'Gmail',
  pool: mailConfig.gmail.pool,
  auth: {
    clientId: mailConfig.clientID,
    clientSecret: mailConfig.clientSecret,
    type: mailConfig.gmail.type, // 'OAuth2'
    user: mailConfig.gmail.user,
    refreshToken: mailConfig.gmail.refreshToken
  }
})
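
What the refresh token from step 5 is used for, as an added example (not code from the original post or from nodemailer): the standard OAuth 2.0 refresh-token grant against Google's token endpoint, with the secrets read from environment variables and the reply checked for a revoked token or a missing mail scope. The environment variable names and all sample values are assumptions made for this example; since the https://mail.google.com/ scope covers the whole mailbox, the refresh token deserves the same handling as a password.

```javascript
// Added example. Environment variable names and sample values are constructed.
const TOKEN_URL = 'https://oauth2.googleapis.com/token' // Google's OAuth 2.0 token endpoint
const MAIL_SCOPE = 'https://mail.google.com/' // scope selected in step 4

// Read the secrets from the environment so they stay out of source control.
function loadCredentials (env) {
  const names = ['GMAIL_CLIENT_ID', 'GMAIL_CLIENT_SECRET', 'GMAIL_REFRESH_TOKEN']
  const missing = names.filter((name) => !env[name])
  if (missing.length) throw new Error('missing: ' + missing.join(', '))
  return {
    clientId: env.GMAIL_CLIENT_ID,
    clientSecret: env.GMAIL_CLIENT_SECRET,
    refreshToken: env.GMAIL_REFRESH_TOKEN
  }
}

// Form body POSTed to TOKEN_URL to trade the refresh token for an access token.
function buildRefreshBody (creds) {
  return new URLSearchParams({
    client_id: creds.clientId,
    client_secret: creds.clientSecret,
    refresh_token: creds.refreshToken,
    grant_type: 'refresh_token'
  }).toString()
}

// Interpret the token endpoint's JSON reply. invalid_grant means the refresh
// token was revoked or has expired: retrying cannot help, step 5 must be redone.
function parseTokenResponse (status, json, now = Date.now()) {
  if (status !== 200 || json.error) {
    const error = json.error || 'http_' + status
    return { ok: false, error, reauthorize: error === 'invalid_grant' }
  }
  if (json.scope && !json.scope.split(' ').includes(MAIL_SCOPE)) {
    return { ok: false, error: 'missing_scope', reauthorize: true }
  }
  return { ok: true, accessToken: json.access_token, expiresAt: now + json.expires_in * 1000 }
}

// Constructed sample run (no network access needed).
const creds = loadCredentials({
  GMAIL_CLIENT_ID: 'constructed-id.apps.googleusercontent.com',
  GMAIL_CLIENT_SECRET: 'constructed-secret',
  GMAIL_REFRESH_TOKEN: '1//constructed-refresh-token'
})
console.log(buildRefreshBody(creds).replace(/(secret|token)=[^&]+/g, '$1=[redacted]'))
console.log(parseTokenResponse(400, { error: 'invalid_grant' }))
```

The sample run redacts the secret and the refresh token before printing the request body; the same redaction belongs in any application logging around this exchange.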