Nodemailer: oauth gmail error: { [Error: unauthorized_client] code: 'EAUTH' }

Created on 13 Feb 2016  ·  6Comments  ·  Source: nodemailer/nodemailer

I have login with google oauth set up. I pasted in the accessToken field from what got returned from login with google. I cannot get past this error { [Error: unauthorized_client] code: 'EAUTH' }.

var express = require('express'),
    nodemailer = require('nodemailer'),
    xoauth2 = require('xoauth2'),
    router = express.Router();

// create reusable transporter object using the default SMTP transport
var transporter = nodemailer.createTransport({
    service: 'gmail',
    auth: {
        xoauth2: xoauth2.createXOAuth2Generator({
            user: "[email protected]",
            clientId: '925......4cui6indku1jgr7g7kpg6.apps.googleusercontent.com',
            clientSecret: "Y1l..........N7xkKd1x",
            refreshToken: "1/LFVq94wxy6uWMP............QqEWxIgOrJDtdun6zK6XiATCKT",
            accessToken: 'eyJ0eXAiOiJKV....................Zxd4uAPJlZqAdJwcHO3prmVSOtTo4PvEXkzhFJJo'
        })
    }
});

/*

 |--------------------------------------------------------------------------
 | POST /sendEmails
 |--------------------------------------------------------------------------
 */
 router.post('/sendToList', function(req, res){
    console.log(req.body);

    // setup e-mail data with unicode symbols
    var mailOptions = {
        from: '[email protected]', // sender address
        to: '[email protected], [email protected]', // list of receivers
        subject: 'Hello ✔', // Subject line
        text: 'Hello world 🐴', // plaintext body
        html: '<b>Hello world 🐴</b>' // html body
    };

    // send mail with defined transport object
    transporter.sendMail(mailOptions, function(error, info){
        if(error){
            return console.log(error);
        }
        console.log('Message sent: ' + info.response);
    });

 });

 module.exports = router;
picture connor11528

Most helpful comment

For anyone having "unauthorized_client" issues whilst the following apply:

Using a service account
Have a google suite account attached
Have followed all the 2 leg instructions at: https://nodemailer.com/smtp/oauth2/#oauth-2lo
I finally solved it following the documentation here: https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority

In essence going to
https://admin.google.com/yourgsuitedomain.com/ManageOauthClients
Adding a client id (from service account) and scope: https://mail.google.com/ (final slash important)

Emails started working after that.

picture AdamCraven on 16 Oct 2019
👍6 🎉1

All 6 comments

Can't help much here, Gmail is really picky. Sometimes the client needs to be re-authorized, sometimes the correct scope ("https://mail.google.com/") is missing. Nodemailer just passes on the access token to Gmail as it is, or generates next one using the refresh token but does not modify any permissions etc.

andris9 picture andris9 on 13 Feb 2016

Mixed blessing, glad gmail has such good security but a pain for developers!

connor11528 picture connor11528 on 15 Feb 2016

Hi @connor11528 did you fix the issue

ferchichi01 picture ferchichi01 on 20 Sep 2019
👎1

For anyone having "unauthorized_client" issues whilst the following apply:

Using a service account
Have a google suite account attached
Have followed all the 2 leg instructions at: https://nodemailer.com/smtp/oauth2/#oauth-2lo
I finally solved it following the documentation here: https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority

In essence going to
https://admin.google.com/yourgsuitedomain.com/ManageOauthClients
Adding a client id (from service account) and scope: https://mail.google.com/ (final slash important)

Emails started working after that.

AdamCraven picture AdamCraven on 16 Oct 2019
👍6 🎉1

@AdamCraven

Thank you for the message above.
I have been trouble shooting the crap out of the 2LO OAuth method for sending gmail through nodemailer. (the less secure, and 3LO methods work, but for easiest replication, I am trying to get the 2LO method to work)

I noticed that you have a G Suite account attached - my setup is through Firebase (and I am running the nodemailer code on Firebase Cloud Functions with a service account attached to a Firebase project) and am wondering if my woes are due to the fact that I do not have a G Suite account.

Thanks for any additional info you might have!

gyoon-dev picture gyoon-dev on 11 Mar 2020

I was able to try signing up for G Suite for the domain linked to our Firebase web project and this seems to solve the issue.
Thank you again for the tip above!

gyoon-dev picture gyoon-dev on 12 Mar 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ryanrolds picture ryanrolds  ·  4Comments
curlynux picture curlynux  ·  5Comments
molerat619 picture molerat619  ·  3Comments
maggialejandro picture maggialejandro  ·  5Comments
abhishekdgeek picture abhishekdgeek  ·  5Comments