Docs · Setup
Connect Gmail (Google OAuth) in 7 minutes
One-time setup in Google Cloud Console. After this every café manager can “Sign in with Google” on the Settings page → outbound POs are sent from their own Gmail address, in their own thread, looking like a personal email.
Open Google Cloud Console
Go to console.cloud.google.com/apis/credentials. Sign in. If you don't have a project yet, create one named StockPilot.
Enable the Gmail API
Top search bar: type “Gmail API”, click the result → Enable. Wait for it to flip to “API enabled”. Free tier covers ~1B quota units/day — way more than any café will use.
Configure the OAuth consent screen
Left nav → OAuth consent screen → Get started (if first time):
- App name:
StockPilot - User support email: your email
- App logo: optional but improves trust
- Audience: External (so any Gmail user can sign in, not just your Google Workspace)
- Developer contact: your email
Save. The app starts in Testingmode — you can add up to 100 test users that can sign in immediately. To open it up to the whole internet, you'll later submit for Google verification (see /docs/google-verification).
Add the gmail.send scope
Same OAuth consent screen → Data access → Add or remove scopes. Filter for gmail, check ONLY:
- .../auth/gmail.send
- .../auth/userinfo.email
- .../auth/userinfo.profile
Save. We do NOT request gmail.readonly or gmail.modify— narrow scope means Google verification is much easier (no security assessment required) AND café managers see “send email on your behalf” in the consent screen, not the scary “read all your email”.
Create the OAuth client ID
Left nav → Credentials → + Create credentials → OAuth client ID:
- Application type: Web application
- Name:
StockPilot Gmail - Authorized JavaScript origins:
https://stockpilot-app-production-2a53.up.railway.app - Authorized redirect URIs:
Redirect URI
https://stockpilot-app-production-2a53.up.railway.app/api/auth/google/gmail/callback
Click Create. A modal pops up showing Client ID (ends with .apps.googleusercontent.com) and Client Secret (starts with GOCSPX-). Copy both.
Paste into Railway
Railway → Variables → + New Variable twice:
GOOGLE_CLIENT_ID=paste the Client IDGOOGLE_CLIENT_SECRET=paste the Client Secret
Add yourself as a test user + sign in
While the app is in Testing mode, only Google accounts you explicitly add can sign in. OAuth consent screen → Audience → + Add users → paste your café manager email(s). Save.
Reload /settings. The Email row offers Sign in with Google. Click → consent → return. Your sending address now appears under the Email row.