> ## Documentation Index
> Fetch the complete documentation index at: https://docs.ravenna.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# OAuth setup for Google Cloud

> End-to-end walkthrough: create an OAuth client in Google Cloud, register it as a custom OAuth provider in Ravenna, and use it from a Foundry function.

Use this walkthrough to connect anything in the Google ecosystem, including Google Workspace, Calendar, Drive, and Gmail. The screens are the same across all of them. Only the APIs you enable and the scopes you pick change.

<Callout icon="link" color="#6B7280">
  New here? Start with the [OAuth setup overview](/guides/how-to/foundry/setup-oauth/overview) for the shape and prerequisites that apply to every provider.
</Callout>

***

## Before you begin

You'll need:

* **Organization admin** access in Ravenna.
* Access to the [Google Cloud Console](https://console.cloud.google.com).
* A rough idea of which Google APIs your function will call (Calendar, Gmail, Drive, etc.) so you know which scopes to ask for.

***

## 1. Create the OAuth client in Google Cloud

<Steps>
  <Step title="Open a project">
    Go to the [Google Cloud Console](https://console.cloud.google.com) and either create a new project or pick an existing one. The project is where your OAuth client and consent screen live.
  </Step>

  <Step title="Enable the APIs you need">
    Go to **APIs & Services → Library** and enable each Google API your function will call. For example, **Google Calendar API**, **Gmail API**, or **Google Drive API**. If you don't enable an API, calls to it will fail at runtime even if the OAuth flow succeeds.
  </Step>

  <Step title="Configure the OAuth consent screen">
    Go to **APIs & Services → OAuth consent screen**.

    * Choose **Internal** if every user will be in your Google Workspace. Choose **External** if any user might sign in from outside it.
    * Fill in the app name, support email, and developer contact email.
    * Add the **scopes** your function will need. Start with the smallest set and add more as you build. For example:
      * `https://www.googleapis.com/auth/calendar.readonly` for read-only calendar access.
      * `https://www.googleapis.com/auth/gmail.send` to send email as the user.
    * For External apps, add any test users who will connect during development.
  </Step>

  <Step title="Create the OAuth client">
    Go to **APIs & Services → Credentials**, click **Create Credentials → OAuth client ID**, and choose **Web application**.

    Add Ravenna's callback URL under **Authorized redirect URIs**:

    ```
    https://app.ravenna.ai/api/integrations/foundry-oauth/callback
    ```

    Save the client. Google shows you a **Client ID** and **Client secret**. Keep these handy for the next section.
  </Step>
</Steps>

<Info>
  If your Ravenna deployment uses a custom domain, replace `app.ravenna.ai` with your own domain in the redirect URI. Your Ravenna team can confirm the exact value.
</Info>

***

## 2. Register the provider in Ravenna

<Steps>
  <Step title="Open Settings → OAuth Providers">
    In Ravenna, go to **Settings → OAuth Providers** and click **Add Provider**.
  </Step>

  <Step title="General tab">
    Fill in:

    * **Name**. For example, "Google Workspace."
    * **Slug**. A short identifier used in generated code (for example, `google`).
    * **Description** and **Logo**. Optional but helpful.
    * **Base URL**. The root of the API. For Google APIs this is `https://www.googleapis.com`.
    * **Docs URL**. The API reference you want Foundry to research. For Calendar, `https://developers.google.com/calendar/api/v3/reference` works well.
  </Step>

  <Step title="OAuth tab">
    Fill in the details from Google:

    * **Authorization URL**. `https://accounts.google.com/o/oauth2/v2/auth`
    * **Token URL**. `https://oauth2.googleapis.com/token`
    * **Scopes**. Paste the same scopes you added to the Google consent screen, space-separated.
    * **Client ID** and **Client secret**. Paste the values Google generated.

    For Google specifically, also set these extras so refresh tokens work and the consent screen shows every time:

    * **Authorization URL parameters**:
      ```json theme={"system"}
      { "access_type": "offline", "prompt": "consent" }
      ```
  </Step>

  <Step title="Research and save">
    Foundry researches the docs URL the same way it does for custom API integrations. Once it finishes, the provider is enabled and shows up in **Settings → Integrations** under the **Custom** category.
  </Step>
</Steps>

***

## 3. Connect an account

Each user who runs a function needs to connect their own Google account once:

1. Go to **Settings → Integrations** and find the provider you registered in the **Custom** category.
2. Click **Connect** and complete the standard Google sign-in flow.
3. Tokens refresh automatically after that; the user doesn't need to reconnect unless they revoke access.

***

## 4. Build a function on top

Open **Foundry**, click **New Function**, and connect the new Google provider in the function's **Integrations** tab. Pick which connected Google account the function should run as. Then describe what you want it to do:

* "List my next five calendar events and return their title, start time, and meeting link."
* "Find all unread emails from `@acme.com` in the last 24 hours and return the subject and snippet."

Foundry generates and tests the function, and you can refine it in chat the same way as any other Foundry function.

<Callout icon="link" color="#6B7280">
  Full build → test → refine → publish loop: [Building functions](/documentation/automate/foundry/actions).
</Callout>
