Creating Google OAuth 2.0 Client

📘

Enabling the Google Calendar API

You must enable the Google Calendar API in the project in order to interact with it

To enable this feature, first setup an OAuth2.0 client following the steps below.

1. Obtain Google OAuth 2.0 client credentials. You can follow the steps provided here.

2. Configure permission scopes calendar.events.readonly & userinfo.email in the consent screen section.

3. Add https://$REGION.recall.ai/api/v1/calendar/google_oauth_callback/ as a redirect URI for the OAuth client id. Replace $REGION with your Recall.ai Region such as us-west-2.

(Note: For development purpose, see below for moving app to production/submitting for verification)

📘

If you'd like to test out your OAuth integration by connecting your account directly from the dashboard, you can add the base URL of you Recall Region.

This must be removed before submitting your app for approval, as Google will require you to verify ownership of any authorized domains.

info here https://support.google.com/googleapi/answer/6158841

To enable this feature, first setup an OAuth2.0 client following the steps below.

1. Obtain Google OAuth 2.0 client credentials. You can follow the steps provided here https://support.google.com/cloud/answer/15549257.

2. Configure permission scopes `cal

4. Save the calendar client credentials in your Recall workspace.

You can access this at the following link, according to your Recall.ai region:

• (US) us-east-1
• (Pay-as-you-go) us-west-2
• (EU) eu-central-1
• (JP) ap-northeast-1

Building Google OAuth 2.0 URL

Each user in your application must connect their Google calendar via OAuth before using calendar integration. The process for connection is triggered by redirecting user to the OAuth URL.

The URL structure should be as follows:

https://accounts.google.com/o/oauth2/v2/auth?
    scope={SCOPES}
    &access_type=offline
    &prompt=consent
    &include_granted_scopes=true
    &response_type=code
    &state={STATE}
    &redirect_uri={REDIRECT_URI}
    &client_id={CLIENT_ID}

1. SCOPES
   This parameter should be space seperated string containing required scopes which are calendar.events.readonly & userinfo.email.

Sample value:

https://www.googleapis.com/auth/calendar.events.readonly https://www.googleapis.com/auth/userinfo.email

2. REDIRECT_URI
   This parameter should be one of the redirect_uris configured in your Google OAuth 2.0 client.

3. CLIENT_ID
   This parameter should be your Google OAuth 2.0 client's client_id property.

4. STATE
   This parameter needs to be a JSON stringified object, which should contain
   a. recall_calendar_auth_token: The calendar auth token for the user. (required)
   b. google_oauth_redirect_url: The redirect_uri (should be same as REDIRECT_URI parameter in the url) (required)
   c. success_url: The URL to redirect the user to once authentication has completed (optional)
   d. error_url: The URL to redirect the user if the authentication errored (optional)

Sample value:

state=JSON.stringify({
  recall_calendar_auth_token: AUTH_TOKEN_HERE,
  google_oauth_redirect_url: REDIRECT_URI_HERE,
  success_url: https://yourdomain.com/google-calendar-connection/success,
  error_url: https://yourdomain.com/google-calendar-connection/success,
})

Going to Production: Getting Approval

The first step in the approval process is to fill out your app information. You should do so at the following link: https://console.cloud.google.com/apis/credentials/consent/edit

You must use your own app's name because the Google app reviewer will need to identify your app during the app approval process.

The next step is to select the scopes you are requesting through the OAuth interaction. The 2 scopes you require for the Recall Calendar integration are

1. calendar.events.readonly(sensitive scope)
2. userinfo.email(non-sensitive scope)

For the "How will the scopes be used?" section, you should explain why your app requires calendar permissions as well as any other scopes you request. In terms of the calendar permissions specifically, something like:

"We need access to the /auth/calendar.events.readonly scope in order to automatically record our user's video conference meetings on their "primary" calendar. We read event data in order to find video conference events that our users have scheduled."

The demo video should walk through the process of signing up to your app, approving the permissions through the OAuth flow, and showing the interface to sync and mark meetings to be recorded. This is the official guide to the elements that need to be shown in the app demonstration video.

🚧

Remember to update your Redirect URI before submitting!

Before submitting your Google OAuth Application to production, please ensure to update the redirect_uri to be on your own domain (rather than being on recall.ai domain) as Google requires to verify domain ownership of each of the redirect URIs added in the app.

For example, add https://your_website_domain/api/google_oauth_callback as redirect_uri. In the request handler for above URL, return a HTTP redirect response tohttps://us-west-2.recall.ai/api/v1/calendar/google_oauth_callback/.

Do not process the authorization code in your redirect uri endpoint. Instead you should forward the entire request (including all request query parameters) to recall.ai's OAuth endpoint.