logoNodeDrop
Credentials

OAuth Setup

Configure OAuth credentials for external services

OAuth Setup

OAuth allows NodeDrop to access external services on your behalf without storing your password.

How OAuth Works

  1. You authorize NodeDrop to access a service
  2. The service provides an access token
  3. NodeDrop uses the token for API requests
  4. Tokens are automatically refreshed

Setting Up OAuth Credentials

Google (Gmail, Sheets, etc.)

  1. Go to Google Cloud Console
  2. Create a new project or select existing
  3. Enable the APIs you need (Gmail, Sheets, etc.)
  4. Go to Credentials > Create Credentials > OAuth Client ID
  5. Select Web Application
  6. Add authorized redirect URI: 
    https://your-nodedrop-url/oauth/callback/google
  7. Copy Client ID and Client Secret
  8. In NodeDrop, create a Google OAuth credential with these values

GitHub

  1. Go to GitHub Developer Settings
  2. Click New OAuth App
  3. Set Authorization callback URL: 
    https://your-nodedrop-url/oauth/callback/github
  4. Copy Client ID and Client Secret
  5. Create credential in NodeDrop

Generic OAuth2

For services not specifically supported:

  1. Find the service's OAuth documentation
  2. Create an OAuth app in their developer portal
  3. Note the authorization and token URLs
  4. In NodeDrop, create a Generic OAuth2 credential:
FieldDescription
Client IDFrom the service
Client SecretFrom the service
Authorization URLService's auth endpoint
Token URLService's token endpoint
ScopesRequired permissions

Authorizing Credentials

After creating an OAuth credential:

  1. Click Connect or Authorize
  2. You'll be redirected to the service
  3. Log in and grant permissions
  4. You're redirected back to NodeDrop
  5. The credential is now active

Token Refresh

OAuth tokens expire. NodeDrop automatically:

  • Detects expired tokens
  • Uses refresh tokens to get new access tokens
  • Retries failed requests with new tokens

Troubleshooting

Authorization Failed

  • Verify Client ID and Secret are correct
  • Check redirect URI matches exactly
  • Ensure required APIs are enabled

Token Expired

  • Re-authorize the credential
  • Check if refresh token was revoked
  • Verify scopes haven't changed

Permission Denied

  • Review requested scopes
  • Check service-side permissions
  • Ensure account has access to resources

Security Notes

  • OAuth tokens are encrypted like other credentials
  • Refresh tokens allow long-term access
  • Revoking access in the service invalidates tokens
  • Use minimum required scopes

Credentials

Securely manage API keys and authentication

Configuration

Configure NodeDrop for your environment

On this page

OAuth SetupHow OAuth WorksSetting Up OAuth CredentialsGoogle (Gmail, Sheets, etc.)GitHubGeneric OAuth2Authorizing CredentialsToken RefreshTroubleshootingAuthorization FailedToken ExpiredPermission DeniedSecurity Notes