Google APIs FAQ

December 31, 2020

For the last few months, I have been receiving a lot of queries on Google APIs. So I decided to create a FAQ article for the same. This article will be regularly updated, you can bookmark it if you want.

Can I pass the auth object directly to Google API endpoints?
No, the auth object contains various functions that will be stripped off if you send it in a request.

Can I pass access_token directly to Google API endpoints?
Yes, In fact, the npm module googleapis does the same under the hood.

Can I use third party APIs for handling requests to the Google API endpoints?
Yes, absolutely most of them will just require an access_token and the user’s email and return the response in a proper format. Check out this API for more info.

I am creating an application that uses one of the Google APIs, what should I store in my DB?
You should store the refresh_token and the user’s email in your database and access_token on your client because it will expire after half an hour.

How Do I refresh the access_token?
You will have to specify access_type as offline before asking for permissions, which will return a refresh_token as well which can be stored in your DB and can be used to generate a new access_token, without asking for user permission again.

Can I request additional permissions after a user is authorized?
Absolutely, and this is in fact the preferred way.

When requesting user permission to access user data or other resources, you can request all scopes up-front in the initial request or request scopes only as needed, using incremental authorization. Using incremental authorization, your app initially requests only the scopes required to start your app, then requests additional scopes as new permissions are required, in a context that identifies the reason for the request to the user.

For More Info refer to this article

Are there any usage limits for GMAIL API?
Yes, there is a daily usage limit and a per-user rate limit that applies to all the requests.
Daily Usage: Limited to 1,000,000,000 quota units every day.
Per User: 250 quota units per second.

Can I request Google to increase the quota for my app?
Yes, Simply navigate to the project dashboard in GCP and request for extending the usage limits.

What is a quota unit?
Every request consumes some amount of quota. For example, 1 request for creating a draft consumes 10 quota units. In this article, Google has listed all the quota limits.

Is GMAIL API free?
Yes, just like Gmail it's free to use. However, make sure you don’t exceed the daily quota limit.

Why Does my Authorization Screen says, “Not Verified”?
If you are using sensitive scopes, like reading and sending mails, you will have to first verify your app by Google. For more info refer to GCP Console Help.

How do I verify my App?
Navigate to the API and Services tab of your application dashboard on GCP, and click “OAuth Consent Screen”. There in the verification status, click the “Prepare for verification” button.

What do I need for verification?

A YouTube video showing how you plan to use the Google user data you get from scopes

A written explanation telling Google why you need access to sensitive and/or restricted user data

All your domains verified in Google Search Console

An official link to your app’s Privacy Policy

If your question is not answered, please leave it in the comments, and I will try to answer it in the article itself.