Repository files navigation

Node.js client library for using Google APIs. Support for authorization and authentication with OAuth 2.0, API Keys and JWT tokens is included.

• Google APIs
• Getting started
  • Installation
  • Using the client library
  • Samples
  • API Reference
• Authentication and authorization
  • OAuth2 client
  • Using API keys
  • Application default credentials
  • Service account credentials
  • Setting global or service-level auth
• Usage
  • Specifying request body
  • Media uploads
  • Request Options
  • Using a Proxy
  • Supported APIs
  • TypeScript
  • HTTP/2
• License
• Contributing
• Questions/problems?

The full list of supported APIs can be found on theGoogle APIs Explorer. The API endpoints are automatically generated, so if the API is not in the list, it is currently not supported by this API client library.

When utilizing Google Cloud Platform APIs like Datastore, Cloud Storage, or Pub/Sub, it is advisable to leverage the @google-cloud client libraries. These libraries are purpose-built, idiomatic Node.js clients designed for specific Google Cloud Platform services. We recommend installing individual API packages, such as@google-cloud/storage. To explore a comprehensive list of Google Cloud Platform API-specific packages, please refer tohttps://cloud.google.com/nodejs/docs/reference.

These client libraries are officially supported by Google. However, these libraries are considered complete and are in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features. For Google Cloud Platform APIs, we recommend usinggoogle-cloud-node which is under active development.

This library supports the maintenance LTS, active LTS, and current release of node.js. See thenode.js release schedule for more information.

This library is distributed onnpm. In order to add it as a dependency, run the following command in your terminal:

npm install googleapis

If you need to reduce startup times, you can alternatively install a submodule as its own dependency. We make an effort to publish submodules that arenot in thislist. In order to add it as a dependency, run the following sample command in your terminal, replacing with your preferred API:

npm install @googleapis/docs

You can runthis search onnpm, to find a list of the submodules available.

This is a very simple example. This creates a Blogger client and retrieves the details of a blog given the blog Id:

const{google}=require('googleapis');// Each API may support multiple versions. With this sample, we're getting// v3 of the blogger API, and using an API key to authenticate.constblogger=google.blogger({version:'v3',auth:'YOUR API KEY'});constparams={blogId:'3213900'};// get the blog detailsblogger.blogs.get(params,(err,res)=>{if(err){console.error(err);throwerr;}console.log(`The blog url is${res.data.url}`);});

Instead of using callbacks you can also use promises!

blogger.blogs.get(params).then(res=>{console.log(`The blog url is${res.data.url}`);}).catch(error=>{console.error(error);});

Or async/await:

asyncfunctionrunSample(){constres=awaitblogger.blogs.get(params);console.log(`The blog url is${res.data.url}`);}runSample().catch(console.error);

Alternatively, you can make calls directly to the APIs by installing a submodule:

constdocs=require('@googleapis/docs')constauth=newdocs.auth.GoogleAuth({keyFilename:'PATH_TO_SERVICE_ACCOUNT_KEY.json',// Scopes can be specified either as an array or as a single, space-delimited string.scopes:['https://www.googleapis.com/auth/documents']});constauthClient=awaitauth.getClient();constclient=awaitdocs.docs({version:'v1',auth:authClient});constcreateResponse=awaitclient.documents.create({requestBody:{title:'Your new document!',},});console.log(createResponse.data);

There are a lot ofsamples 🤗 If you're trying to figure out how to use an API ... look there first! You can also search for a given API'sREST documentation on cloud.google.com, as well as documentation embedded in the source code comments (under src/apis/api-name/version).

This library has a full set ofAPI Reference Documentation. This documentation is auto-generated, and the location may change.

There are multiple ways to authenticate to Google APIs. Some services support all authentication methods, while others may only support one or two.

• OAuth2 - This allows you to make API calls on behalf of a given user. In this model, the user visits your application, signs in with their Google account, and provides your application with authorization against a set of scopes.Learn more.

• API Key - With an API key, you can access your service from a client or the server. Typically less secure, this is only available on a small subset of services with limited scopes.Learn more.

• Application default credentials - Provides automatic access to Google APIs using theGoogle Cloud SDK for local development, or theGCE Metadata Server for applications deployed to Google Cloud Platform.Learn more.

• Service account credentials - In this model, your application talks directly to Google APIs using a Service Account. It's useful when you have a backend application that will talk directly to Google APIs from the backend.Learn more.

To learn more about the authentication client, see theGoogle Auth Library.

This module comes with anOAuth2 client that allows you to retrieve an access token, refresh it, and retry the request seamlessly. The basics of Google's OAuth2 implementation is explained onGoogle Authorization and Authentication documentation.

In the following examples, you may need aCLIENT_ID,CLIENT_SECRET andREDIRECT_URL. You can find these pieces of information by going to theDeveloper Console, clicking your project --> APIs & auth --> credentials.

• Navigate to the Cloud Console andCreate a new OAuth2 Client Id
• SelectWeb Application for the application type
• Add an authorized redirect URI with the valuehttp://localhost:3000/oauth2callback (or applicable value for your scenario)
• ClickCreate, andOk on the following screen
• Click theDownload icon next to your newly created OAuth2 Client Id

Make sure to store this file in safe place, anddo not check this file into source control!

For more information about OAuth2 and how it works,see here.

A complete sample application that authorizes and authenticates with the OAuth2 client is available atsamples/oauth2.js.

To ask for permissions from a user to retrieve an access token, you redirect them to a consent page. To create a consent page URL:

const{google}=require('googleapis');constoauth2Client=newgoogle.auth.OAuth2(YOUR_CLIENT_ID,YOUR_CLIENT_SECRET,YOUR_REDIRECT_URL);// generate a url that asks permissions for Blogger and Google Calendar scopesconstscopes=['https://www.googleapis.com/auth/blogger','https://www.googleapis.com/auth/calendar'];consturl=oauth2Client.generateAuthUrl({// 'online' (default) or 'offline' (gets refresh_token)access_type:'offline',// If you only need one scope, you can pass it as a stringscope:scopes});

IMPORTANT NOTE - Therefresh_token is only returned on the first authorization. More detailshere.

Once a user has given permissions on the consent page, Google will redirect the page to the redirect URL you have provided with a code query parameter.

    GET /oauthcallback?code={authorizationCode}

With the code returned, you can ask for an access token as shown below:

// This will provide an object with the access_token and refresh_token.// Save these somewhere safe so they can be used at a later time.const{tokens}=awaitoauth2Client.getToken(code)oauth2Client.setCredentials(tokens);

With the credentials set on your OAuth2 client - you're ready to go!

Access tokens expire. This library will automatically use a refresh token to obtain a new access token if it is about to expire. An easy way to make sure you always store the most recent tokens is to use thetokens event:

oauth2Client.on('tokens',(tokens)=>{if(tokens.refresh_token){// store the refresh_token in my database!console.log(tokens.refresh_token);}console.log(tokens.access_token);});

This tokens event only occurs in the first authorization, and you need to have set youraccess_type tooffline when calling thegenerateAuthUrl method to receive the refresh token. If you have already given your app the requisite permissions without setting the appropriate constraints for receiving a refresh token, you will need to re-authorize the application to receive a fresh refresh token. You can revoke your app's access to your accounthere.

To set therefresh_token at a later time, you can use thesetCredentials method:

oauth2Client.setCredentials({refresh_token:`STORED_REFRESH_TOKEN`});

Once the client has a refresh token, access tokens will be acquired and refreshed automatically in the next call to the API.

Refresh tokens may stop working after they are granted, either because:

• The user has revoked your app's access
• The refresh token has not been used for 6 months
• The user changed passwords and the refresh token contains Gmail scopes
• The user account has exceeded a max number of live refresh tokens
• The application has a status of 'Testing' and the consent screen is configured for an external user type, causing the token to expire in 7 days

As a developer, you should write your code to handle the case where a refresh token is no longer working.

You may need to send an API key with the request you are going to make. The following uses an API key to make a request to the Blogger API service to retrieve a blog's name, url, and its total amount of posts:

const{google}=require('googleapis');constblogger=google.blogger_v3({version:'v3',auth:'YOUR_API_KEY'// specify your API key here});constparams={blogId:'3213900'};asyncfunctionmain(params){constres=awaitblogger.blogs.get({blogId:params.blogId});console.log(`${res.data.name} has${res.data.posts.totalItems} posts! The blog url is${res.data.url}`)};main().catch(console.error);

To learn more about API keys, please see thedocumentation.

Rather than manually creating an OAuth2 client, JWT client, or Compute client, the auth library can create the correct credential type for you, depending upon the environment your code is running under.

For example, a JWT auth client will be created when your code is running on your local developer machine, and a Compute client will be created when the same code is running on a configured instance of Google Compute Engine. The code below shows how to retrieve a default credential type, depending upon the runtime environment.

To use Application default credentials locally with theGoogle Cloud SDK, run:

$ gcloud auth application-default login

When running in GCP, service authorize is automatically provided via the GCE Metadata server.

const{google}=require('googleapis');constcompute=google.compute('v1');asyncfunctionmain(){constauth=newgoogle.auth.GoogleAuth({// Scopes can be specified either as an array or as a single, space-delimited string.scopes:['https://www.googleapis.com/auth/compute']});constauthClient=awaitauth.getClient();// obtain the current project Idconstproject=awaitauth.getProjectId();// Fetch the list of GCE zones within a project.constres=awaitcompute.zones.list({ project,auth:authClient});console.log(res.data);}main().catch(console.error);

Service accounts allow you to perform server-to-server, app-level authentication using a robot account. You will create a service account, download a keyfile, and use that to authenticate to Google APIs. To create a service account:

• Go to theCreate Service Account Key page
• SelectNew Service Account in the drop down
• Click theCreate button

Save the service account credential file somewhere safe, anddo not check this file into source control! To reference the service account credential file, you have a few options.

You can start process with an environment variable namedGOOGLE_APPLICATION_CREDENTIALS. The value of this env var should be the full path to the service account credential file:

$ GOOGLE_APPLICATION_CREDENTIALS=./your-secret-key.json node server.js

Alternatively, you can specify the path to the service account credential file via thekeyFile property in theGoogleAuth constructor:

const{google}=require('googleapis');constauth=newgoogle.auth.GoogleAuth({keyFile:'/path/to/your-secret-key.json',scopes:['https://www.googleapis.com/auth/cloud-platform'],});

You can set theauth as a global or service-level option so you don't need to specify it every request. For example, you can setauth as a global option:

const{google}=require('googleapis');constoauth2Client=newgoogle.auth.OAuth2(YOUR_CLIENT_ID,YOUR_CLIENT_SECRET,YOUR_REDIRECT_URL);// set auth as a global defaultgoogle.options({auth:oauth2Client});

Instead of setting the option globally, you can also set the authentication client at the service-level:

const{google}=require('googleapis');constoauth2Client=newgoogle.auth.OAuth2(YOUR_CLIENT_ID,YOUR_CLIENT_SECRET,YOUR_REDIRECT_URL);constdrive=google.drive({version:'v2',auth:oauth2Client});

See theOptions section for more information.

The body of the request is specified in therequestBody parameter object of the request. The body is specified as a JavaScript object with key/value pairs. For example, this sample creates a watcher that posts notifications to a Google Cloud Pub/Sub topic when emails are sent to a gmail account:

constres=awaitgmail.users.watch({userId:'me',requestBody:{// Replace with `projects/${PROJECT_ID}/topics/${TOPIC_NAME}`topicName:`projects/el-gato/topics/gmail`}});console.log(res.data);

This client supports multipart media uploads. The resource parameters are specified in therequestBody parameter object, and the media itself is specified in themedia.body parameter with mime-type specified inmedia.mimeType.

This example uploads a plain text file to Google Drive with the title "Test" and contents "Hello World".

constdrive=google.drive({version:'v3',auth:oauth2Client});constres=awaitdrive.files.create({requestBody:{name:'Test',mimeType:'text/plain'},media:{mimeType:'text/plain',body:'Hello World'}});

You can also upload media by specifyingmedia.body as aReadable stream. This can allow you to upload very large files that cannot fit into memory.

constfs=require('fs');constdrive=google.drive({version:'v3',auth:oauth2Client});asyncfunctionmain(){constres=awaitdrive.files.create({requestBody:{name:'testimage.png',mimeType:'image/png'},media:{mimeType:'image/png',body:fs.createReadStream('awesome.png')}});console.log(res.data);}main().catch(console.error);

For more examples of creation and modification requests with media attachments, take a look at thesamples/drive/upload.js sample.

For more fine-tuned control over how your API calls are made, we provide you with the ability to specify additional options that can be applied directly to the'gaxios' object used in this library to make network calls to the API.

You may specify additional options either in the globalgoogle object or on a service client basis. The options you specify are attached to thegaxios object so whatevergaxios supports, this library supports. You may also specify global or per-service request parameters that will be attached to all API calls you make.

A full list of supported options can befound here.

You can choose default options that will be sent with each request. These options will be used for every service instantiated by the google client. In this example, thetimeout property ofGaxiosOptions will be set for every request:

const{google}=require('googleapis');google.options({// All requests made with this object will use these settings unless overridden.timeout:1000,auth:auth});

You can also modify the parameters sent with each request:

const{google}=require('googleapis');google.options({// All requests from all services will contain the above query parameter// unless overridden either in a service client or in individual API calls.params:{quotaUser:'user123@example.com'}});

You can also specify options when creating a service client.

constblogger=google.blogger({version:'v3',// All requests made with this object will use the specified auth.auth:'API KEY';});

By doing this, every API call made with this service client will use'API KEY' to authenticate.

Note: Created clients areimmutable so you must create a new one if you want to specify different options.

Similar to the examples above, you can also modify the parameters used for every call of a given service:

constblogger=google.blogger({version:'v3',// All requests made with this service client will contain the// blogId query parameter unless overridden in individual API calls.params:{blogId:'3213900'}});// Calls with this drive client will NOT contain the blogId query parameter.constdrive=google.drive('v3');...

You can specify anauth object to be used per request. Each request also inherits the options specified at the service level and global level.

For example:

const{google}=require('googleapis');constbigquery=google.bigquery('v2');asyncfunctionmain(){// This method looks for the GCLOUD_PROJECT and GOOGLE_APPLICATION_CREDENTIALS// environment variables.constauth=newgoogle.auth.GoogleAuth({scopes:['https://www.googleapis.com/auth/cloud-platform']});constauthClient=awaitauth.getClient();constprojectId=awaitauth.getProjectId();constrequest={    projectId,datasetId:'<YOUR_DATASET_ID>',// This is a "request-level" optionauth:authClient};constres=awaitbigquery.datasets.delete(request);console.log(res.data);}main().catch(console.error);

You can also overridegaxios options per request, such asurl,method, andresponseType.

For example:

constres=awaitdrive.files.export({fileId:'asxKJod9s79',// A Google DocmimeType:'application/pdf'},{// Make sure we get the binary dataresponseType:'stream'});

You can use the following environment variables to proxy HTTP and HTTPS requests:

• HTTP_PROXY /http_proxy
• HTTPS_PROXY /https_proxy

When HTTP_PROXY / http_proxy are set, they will be used to proxy non-SSL requests that do not have an explicit proxy configuration option present. Similarly, HTTPS_PROXY / https_proxy will be respected for SSL requests that do not have an explicit proxy configuration option. It is valid to define a proxy in one of the environment variables, but then override it for a specific request, using the proxy configuration option.

You can programmatically obtain the list of supported APIs, and all available versions:

const{google}=require('googleapis');constapis=google.getSupportedAPIs();

This will return an object with the API name as object property names, and an array of version strings as the object values;

This library is written in TypeScript, and provides types out of the box. All classes and interfaces generated for each API are exported under the${apiName}_${version} namespace. For example, the Drive v3 API types are all available from thedrive_v3 namespace:

import{google,// The top level object used to access servicesdrive_v3,// For every service client, there is an exported namespaceAuth,// Namespace for auth related typesCommon,// General types used throughout the library}from'googleapis';// Note: using explicit types like `Auth.GoogleAuth` are only here for// demonstration purposes.  Generally with TypeScript, these types would// be inferred.constauth:Auth.GoogleAuth=newgoogle.auth.GoogleAuth();constdrive:drive_v3.Drive=google.drive({version:'v3',  auth,});// There are generated types for every set of request parametersconstlistParams:drive_v3.Params$Resource$Files$List={};constres=awaitdrive.files.list(listParams);// There are generated types for the response fields as wellconstlistResults:drive_v3.Schema$FileList=res.data;

This library has support forHTTP/2. To enable it, use thehttp2 option anywhere request parameters are accepted:

const{google}=require('googleapis');google.options({http2:true,});

HTTP/2 is often more performant, as it allows multiplexing of multiple concurrent requests over a single socket. In a traditional HTTP/2 API, the client is directly responsible for opening and closing the sessions made to make requests. To maintain compatibility with the existing API, this module will automatically re-use existing sessions, which are collected after idling for 500ms. Much of the performance gains will be visible in batch style workloads, and tight loops.

You can find a detailed list of breaking changes and new features in ourRelease Notes. If you've used this library before25.x, see ourRelease Notes to learn about migrating your code from24.x.x to25.x.x. It's pretty easy :)

This library is licensed under Apache 2.0. Full license text is available inLICENSE.

We love contributions! Before submitting a Pull Request, it's always good to start with a new issue first. To learn more, seeCONTRIBUTING.

• Ask your development related questions onStackoverflow.
• If you've found an bug/issue, pleasefile it on GitHub.