How to set up Gmail mail Settings?
Setting up Gmail email integration
This guide covers both account types: Google Workspace (business) and Personal Gmail. Follow the section that matches your email address.
Step 0 — Identify your account type
Check which type of Gmail account your support email uses before starting.
|
|
Google Workspace (business) | Personal Gmail |
| Email format |
name@yourcompany.com (company domain) |
name@gmail.com name@googlemail.com |
| Google Cloud access | Use your existing Google Workspace admin account | Sign in with your personal Google account |
| OAuth consent screen type | Internal (easier — no review needed) | External (requires adding test users) |
| Who can complete setup? | IT admin preferred for Cloud Console steps | Anyone — no admin needed |
| Difficulty level | Moderate | Low to moderate |
|
📌 How to tell which type you have If your email ends in @gmail.com or @googlemail.com — you have a personal Gmail account. Go to Section B. If your email ends in your company’s own domain (e.g. @yourcompany.com) and was provided by your employer through Google — you have Google Workspace. Go to Section A. |
Fields overview — what you need to fill in
Here is a quick reference for all 5 fields on the Gmail settings page. All values are the same for both account types — only the setup steps to obtain them differ slightly.
| Field | What it is | Workspace value | Gmail value |
| Email ID | Your Gmail support address. | support@company.com | name@gmail.com |
| Client ID | Unique ID of the OAuth app you create in Google Cloud. | xxxxx.apps.googleusercontent.com | xxxxx.apps.googleusercontent.com |
| Client Secret | Secret key from Google Cloud. Treat like a password. | GOCSPX-xxxxxxxxxxxx | GOCSPX-xxxxxxxxxxxx |
| Client Scope | The Gmail permission scope — copy exactly as shown. | https://mail.google.com/ | https://mail.google.com/ |
| Refresh Token | A long-lived token you generate via OAuth Playground. Gives the system ongoing access to your Gmail. | Long string starting with 1// | Long string starting with 1// |
|
📌 About the Client Scope field The Client Scope tells Google what access the ticketing system needs. For Gmail email integration, the scope is always: https://mail.google.com/ Copy and paste this exactly as shown. Do not add or remove anything. This single scope covers reading incoming emails, sending replies, and managing email status. |
SECTION A — Google Workspace accounts
For email addresses on your company domain (e.g. support@yourcompany.com)
|
📌 You may need your IT administrator The Google Cloud Console steps (A1–A5) require access to your organisation’s Google Cloud project. If your company restricts this, ask your IT administrator to complete Steps A1–A5 and share the Client ID, Client Secret, and Refresh Token with you. You can then fill in the ticketing system fields yourself (Step A6). |
Step A1 — Sign in to Google Cloud Console
Open your browser and go to:
https://console.cloud.google.com
Sign in with your Google Workspace administrator account.
Step A2 — Create or select a project
• At the top of the page, click the project dropdown (it shows the current project name or ‘Select a project’).
• If you already have a project for this purpose, select it. Otherwise, click New Project, give it a name (e.g. TicketSystem-Gmail), and click Create.
|
📌 Tip If your organisation already uses Google Cloud for other services, check with your IT team before creating a new project. You may be able to use an existing one. |
Step A3 — Enable the Gmail API
• In the left sidebar, go to APIs & Services → Library.
• In the search box, type Gmail API and press Enter.
• Click on Gmail API in the results.
• Click Enable. If it already says ‘Manage’, the API is already enabled.
Official guide: Enable the Gmail API
Step A4 — Configure the OAuth consent screen
This is a one-time setup that tells Google what your app is called when users see a permission screen.
• Go to APIs & Services → OAuth consent screen.
• For User Type, select Internal (this means only users in your organisation can use it — no review needed).
• Click Create.
• Fill in the form:
◦ App name: Enter something descriptive, e.g. TicketSystem Email Access
◦ User support email: Enter your admin email address.
◦ Developer contact email: Enter your admin email address.
• Click Save and Continue through the remaining screens. You do not need to add scopes here.
Step A5 — Create OAuth credentials (Client ID and Client Secret)
• Go to APIs & Services → Credentials.
• Click + Create Credentials → OAuth client ID.
• For Application type, select Web application.
• Give it a name (e.g. TicketSystem Web Client).
• Under Authorised redirect URIs, click + Add URI and enter exactly:
https://developers.google.com/oauthplayground
• Click Create.
|
⚠️ Copy both values before closing the popup Google shows a popup with your Client ID and Client Secret immediately after creation. Copy both values and save them in a secure notepad. The Client Secret cannot be fully viewed again after you close this popup (you would need to create a new one). |
Official guide: Create OAuth 2.0 credentials
Step A6 — Generate the Refresh Token via OAuth Playground
The Refresh Token is what gives the ticketing system ongoing access to your Gmail without needing you to log in each time. You generate it once using Google’s OAuth Playground tool.
|
ℹ️ What is the OAuth Playground? The OAuth Playground (developers.google.com/oauthplayground) is a free tool by Google that lets you test and generate OAuth tokens for any Google account. You will use it here to generate the Refresh Token that goes into the ticketing system. |
Follow these steps carefully:
Step 6a — Configure the Playground with your credentials
• Open a new tab and go to: https://developers.google.com/oauthplayground
• Click the gear icon (⚙️) in the top right corner.
• Tick Use your own OAuth credentials.
• Paste your Client ID and Client Secret from Step A5 into the two fields shown.
• Close the settings panel.
Step 6b — Authorise Gmail access
• In the left panel under Step 1 — Select & Authorize APIs, look for the text field labelled Input your own scopes.
• Type or paste the following scope exactly:
https://mail.google.com/
• Click Authorize APIs.
• A Google sign-in screen will appear. Sign in with your support email address (e.g. support@yourcompany.com).
• Click Allow when asked to grant permissions.
|
📌 Seeing a warning that the app is unverified? This is expected. Since this is your own app, click Advanced at the bottom of the warning screen, then click Go to [your app name] (unsafe). This message appears because the app has not gone through Google’s public verification process. It is safe to proceed since you created the app yourself. |
Step 6c — Exchange the code for tokens
• You will be redirected back to the OAuth Playground. On the left panel, you are now on Step 2 — Exchange authorization code for tokens.
• Click the Exchange authorization code for tokens button.
• The panel will now show both an Access Token and a Refresh Token.
• Copy the Refresh Token value. It will start with 1//. Save it securely.
|
🚨 Do NOT close the Playground before copying the Refresh Token The Refresh Token is only shown once in this session. If you navigate away before copying it, you will need to go through the Authorize APIs steps again to get a new one. |
Step A7 — Publish your app to keep the Refresh Token permanent
This is a step most guides skip — but it is critical.
|
⚠️ Your Refresh Token will expire in 7 days if you skip this step By default, Google sets new apps to Testing mode. In Testing mode, all refresh tokens expire after 7 days, which means the integration will stop working every week and require you to regenerate a token. To make the Refresh Token permanent, you must publish your app to In production status. This does not mean making it public — it simply removes the 7-day expiry. |
• Go back to APIs & Services → OAuth consent screen.
• At the top, under Publishing status, click Publish App.
• A confirmation dialog will appear. Click Confirm.
• The status will change from Testing to In production. Your Refresh Token will now not expire.
Step A8 — Enter all details in the ticketing system
Go to Settings › Email Settings in your ticketing system and select Gmail. Fill in each field as follows:
| Field | What to enter |
| Email ID | Your support email address (e.g. support@yourcompany.com) |
| Client ID | Paste the Client ID from Step A5 |
| Client Secret | Paste the Client Secret from Step A5 |
| Client Scope | Copy and paste exactly: https://mail.google.com/ |
| Refresh Token | Paste the Refresh Token from Step A6 |
Once all fields are filled, click Save.
Step A9 — Complete email verification
After saving, a verification email will be sent to your Gmail support address. The integration is not active until this step is complete.
• Open the inbox of the Gmail address you linked.
• Find the verification email from the ticketing system and click the verification link inside.
• Once verified, the status in Settings will update to Verified / Active.
|
⚠️ Did not receive the verification email? Check spam or junk. If it is not there within 5 minutes, return to email settings and use the resend verification option. |
SECTION B — Personal Gmail accounts
For @gmail.com or @googlemail.com email addresses
|
ℹ️ Good news — no IT admin needed Personal Gmail accounts can be set up entirely by yourself. You will need a free Google account (which you already have if you have Gmail) to access Google Cloud Console. |
Step B1 — Sign in to Google Cloud Console
Open your browser and go to:
https://console.cloud.google.com
Sign in with your personal Gmail account (the one you want to use as the support address).
Step B2 — Create a new project
• Click the project dropdown at the top and select New Project.
• Name it something recognisable, e.g. TicketSystem-Gmail, and click Create.
• Wait a few seconds, then select the new project from the dropdown.
Step B3 — Enable the Gmail API
• In the left sidebar, go to APIs & Services → Library.
• Search for Gmail API and click on it.
• Click Enable.
Step B4 — Configure the OAuth consent screen
• Go to APIs & Services → OAuth consent screen.
• For User Type, select External (this is the only option for personal accounts). Click Create.
• Fill in the form:
◦ App name: Enter something descriptive, e.g. TicketSystem Email Access
◦ User support email: Select your Gmail address.
◦ Developer contact email: Enter your Gmail address.
• Click Save and Continue through the remaining screens.
• On the Test users screen, click + Add Users and add your own Gmail address. Click Save and Continue.
|
📌 Why add yourself as a test user? Personal Gmail apps start in Testing mode, which only allows specific test users to authorise the app. By adding your own email as a test user, you allow yourself to complete the Refresh Token step in OAuth Playground. |
Step B5 — Create OAuth credentials (Client ID and Client Secret)
• Go to APIs & Services → Credentials.
• Click + Create Credentials → OAuth client ID.
• For Application type, select Web application.
• Give it a name (e.g. TicketSystem Web Client).
• Under Authorised redirect URIs, click + Add URI and enter exactly:
https://developers.google.com/oauthplayground
• Click Create.
|
⚠️ Copy both values before closing the popup Copy your Client ID and Client Secret from the popup that appears and save them securely. You will not be able to see the full Client Secret again after closing. |
Step B6 — Generate the Refresh Token via OAuth Playground
Same process as Section A — you will use Google’s OAuth Playground to generate the Refresh Token.
Step 6a — Configure the Playground
• Go to: https://developers.google.com/oauthplayground
• Click the gear icon (⚙️) at the top right.
• Tick Use your own OAuth credentials.
• Paste your Client ID and Client Secret from Step B5.
• Close the settings panel.
Step 6b — Authorise Gmail access
• In the left panel under Step 1 — Select & Authorize APIs, find the field labelled Input your own scopes.
• Type or paste: https://mail.google.com/
• Click Authorize APIs.
• Sign in with your Gmail address when prompted and click Allow.
|
📌 Seeing ‘This app isn’t verified’? Click Advanced at the bottom of the warning, then click Go to [app name] (unsafe). This is expected and safe — you are authorising your own app. |
Step 6c — Get the Refresh Token
• On Step 2 in the Playground, click Exchange authorization code for tokens.
• Copy the Refresh Token value (starts with 1//) and save it securely.
|
🚨 Copy the Refresh Token before navigating away The Refresh Token is only visible in this session. If you leave the page without copying it, repeat Steps 6b–6c to generate a new one. |
Step B7 — Publish your app to keep the Refresh Token permanent
|
⚠️ Your Refresh Token will expire in 7 days if you skip this step Apps in Testing mode issue refresh tokens that expire every 7 days. Your integration will stop working weekly until you change this. Publishing to In production removes this expiry entirely. |
• Go to APIs & Services → OAuth consent screen.
• Under Publishing status, click Publish App and confirm.
• Status will change to In production. Your Refresh Token is now permanent.
Step B8 — Enter all details in the ticketing system
Go to Settings › Email Settings in your ticketing system and select Gmail. Fill in as follows:
| Field | What to enter |
| Email ID | Your Gmail address (e.g. name@gmail.com) |
| Client ID | Paste the Client ID from Step B5 |
| Client Secret | Paste the Client Secret from Step B5 |
| Client Scope | Copy and paste exactly: https://mail.google.com/ |
| Refresh Token | Paste the Refresh Token from Step B6 |
Once all fields are filled, click Save.
Step B9 — Complete email verification
• Open the inbox of the Gmail address you linked.
• Find the verification email from the ticketing system and click the verification link.
• Status in Settings will update to Verified / Active once confirmed.
Troubleshooting
| Issue | What to do |
| Integration stops working after 7 days | You left the app in Testing mode. Complete Step A7 or B7 to publish to In production. Then regenerate the Refresh Token and update it in settings. |
| Refresh Token shows as invalid or expired | Regenerate: go to OAuth Playground, repeat the Authorize APIs and Exchange authorization code steps, copy the new Refresh Token, and update it in the ticketing system settings. |
| Client Secret popup was closed before copying | Go to APIs & Services → Credentials, click your OAuth client, and create a new secret. Update the ticketing system with the new value. |
| OAuth Playground shows ‘redirect_uri_mismatch’ | The Authorized redirect URI in your OAuth client is missing or incorrect. Go to your OAuth client settings and add https://developers.google.com/oauthplayground exactly as shown. |
| Seeing ‘Access blocked: app not verified’ | Your app is External and you are not listed as a test user. Go to the OAuth consent screen → Test users and add your Gmail address. |
| Gmail API error: ‘API not enabled’ | The Gmail API was not enabled. Go to APIs & Services → Library, search Gmail API, and click Enable. |
| Verification email not received | Check spam/junk. Make sure the Email ID field matches the Gmail address you authorised in OAuth Playground. |
Helpful Google resources
• Google Cloud Console — create and manage projects
• OAuth 2.0 Playground — generate your Refresh Token
• Enable the Gmail API — official quickstart guide
• Setting up OAuth 2.0 credentials — Google Cloud Console Help
• OAuth 2.0 for web server applications — Google for Developers
• Refresh token expiry and revocation — Google OAuth 2.0 reference
Need help? Contact your IT administrator or reach out to our support team.