This article walks you through the process of configuring Email OAuth 2.0 for Gmail in ACCELQ. It covers the steps needed to create a Google Cloud project, assign necessary permissions, and generate OAuth 2.0 authentication credentials for seamless email automation within ACCELQ.
Pre-requisite: Create App Registration and Configure the OAuth consent screen
Step 1: Create a Google Cloud project and enable Gmail API
- Navigate to this link to create a new project.
-
Navigate to Menu > More products > Google Workspace > Product Library and enable "Gmail API"
Step 2: Configure Gmail OAuth consent screen
- Navigate to Menu > APIs & Services > OAuth consent screen
-
Choose "Internal" if your Gmail account is a Google Workspace user within your organization. Otherwise, choose "External" and click the "CREATE" button.
- Enter the App Name as "ACCELQ Email"
- Select the currently logged-in Gmail user for "User support email" from the dropdown.
- Provide the "Developer contact information" with the same Gmail ID.
-
Finally, click the "SAVE AND CONTINUE" button.
Step 3: Configure the scope for your app registration
-
Click "ADD OR REMOVE SCOPES" button
- Filter for "Gmail API" and select the one with the scope "https://mail.google.com/".
-
Finally, click "Update"
- Click the "SAVE AND CONTINUE" button
Step 4: Add Test Users
- Add users who will be using this app registration
- Finally, click "SAVE AND CONTINUE"
-
Click "BACK TO DASHBOARD"
- Click "PUBLISH APP"
Step 5: Create an OAuth client secrets file
- Navigate to Menu > APIs & Services > Credentials
-
Click "CREATE CREDENTIALS" and select "OAuth client ID"
-
Select the option "Desktop App" from the "Application Type" dropdown and click the "CREATE" button
-
Download the client secrets JSON file (google client secret file) by clicking "DOWNLOAD JSON" button
-
Rename the JSON file downloaded as <user_id>.json. Where "user_id" is the email address being authorized, after replacing the special characters including the period "." character with "_" character. Only include the text before the "@" in the email address. For example, if the auth file is for the email address, "john.todd@gmail.com", rename this file as "john_todd.json".
Copy this file to the below directory on the Local Agent.
~\ACCELQAgent\AgentInstances\agent_5\user_data\auth_token\gmail
Generate OAuth 2.0 or Authentication credential files in ACCELQ
You may create a sample Action in your ACCELQ Project and insert the following command.
Command: Generate azure/google authentication token
Important: The above Action containing the setup command is used only to create the auth token (as part of a one-time setup), and must not be part of the actual Scenario flow.
Let's understand each parameter usage of this command generating Gmail OAuth 2.0 token cache:
-
Email ID: Enter the user's email ID.
Note: This email ID must be added as one of the test users for the App Registration, as mentioned in the previous section (Pre-requisite: Creating App Registration and Configuring OAuth consent screen [Step 4]). - Cache Folder Path: Directory to save the generated file (optional). You can leave this blank.
- Service: Choose "Gmail."
-
Google Client Secret File: Profile file path as shown below
auth_token\gmail\<user_id>.json
NOTE: Where "<user_id>" is the email address being authorized, replace all special characters, including the period ".", with an underscore "_". Only include the text before the "@" in the email address as mentioned in the previous section(Pre-requisite: Creating App Registration and Configuring OAuth consent screen [Step 5]) -
Scopes: This is an optional field and you can leave this blank. This allows users to provide required scopes that are supported by the provider. If you are providing custom scopes, be sure to separate the scopes with a "comma".
If no scopes are provided, it defaults to provider-recommended scopes. Below is the default scope automatically set internally if scopes are left blank:Note: The user's email ID used for email automation must have unrestricted permissions for the above scopes and must not require admin consent.
If there are challenges with the default policies, please reach out to your Email Admin to relax the policies on the email ID for automation purposes.
It is recommended to have a separate user email ID for test automation purposes, and any organization-level policies should be relaxed for this particular user ID.
After filling in all the parameters as described above, run the action as an independent job or playback the command statement. This will open an independent tab in your default browser and take you to a Gmail login page. You may see a warning page as shown below. You can click the "Advanced" link and then click "Go to ACCELQ Email" link.
Log in with the same email ID that you used in the command "Generate azure/google authentication token" statement.
Allow permissions to read, compose, and send email as shown below and click the "Continue" button
After a successful login, you will be redirected to a blank page with the message "Authentication complete. You can close the browser and return to the application"
Upon successful command execution, a file is generated in the below folder, with the name matching the email address.
~\ACCELQAgent\AgentInstances\agent\user_data\auth_token\gmail
This is a JSON file containing the required access token, refresh token and expiration details. The data in this credential file helps generate new tokens upon expiration for seamless automation.
Also, note that you are not supposed to manually edit the credentials file generated from this step or the cache generated by the command "Generate azure/google authentication token" at the following location:
`~\ACCELQAgent\AgentInstances\agent\user_data\auth_token\gmail`
Writing Automation Logic
You can now use all the Email library commands to write your Action logic. Here is an article explaining Email testing.
Comments
0 comments
Please sign in to leave a comment.