# Gmail Setup (oAuth2) {% hint style="info" %} Setting up OAuth 2.0 in Google requires using the **station's URL address**.\ The easiest way is to create a DNS record on the local server **or** add an IP address-to-domain name mapping in the `hosts` file on the device from which the configuration is being performed. {% endhint %} ## Google Account Settings 1. Before starting the setup, you need to change some Google account parameters. To do this, go to the account management page ([link](https://myaccount.google.com/)).

2. Go to the "**Security and sign-in**" section. Make sure that two-step authentication is configured.

3. Go to the Google Cloud Console, to the "**APIs & Services**" section ([link](https://console.cloud.google.com/apis/dashboard)). Create a project for the current task.

"APIs & Services" section in Google Cloud

4. Go to the APIs library (the "**Library**" section).

5. Enter "gmail api" in the search bar. Open the Gmail API card.

6. Click "**Enable**" to connect.

7. Go to the main **APIs & Services** page. Then click "**OAuth consent screen**".

"OAuth consent screen" section in APIs & Services

8. Create a project (click "**Get started**"). Fill in an arbitrary name and your email. Select "**Internal**" as the Audience. Click "**Create**" to finish.

"Audience" parameter in project creation process

9. Return to the main **APIs & Services** page. Then go to the "**Credentials**" section. Click "**Create credentials**". Select "OAuth client ID" to create.

10. Select "**Web application**" as the Application type. Then enter an arbitrary name. Click "**Create**".

11. Add a new "**Authorized redirect URI**". {% hint style="info" %} Format: `https://mikopbx.station.com/pbxcore/api/v3/mail-settings/oauth2-callback` Replace "mikopbx.station.com" with your station's URL. {% endhint %}

12. An OAuth client will be created. Save the Client ID and Client Secret to your notes. You will need this data for the connection in the future.

## Settings in MikoPBX 1. Go to the "**System**" -> "**Mail and notifications**" section:

"Mail and Notifications" section in MikoPBX

2. Next, go to "SMTP Settings". Fill in the following parameters: * **Sender address, Sender name** — your email and the name from which the emails will be sent. * **Authentication type** — OAuth2. * **SMTP login** — your email. * **OAuth2 Provider** — Google/Gmail. * **Application ID (Client ID), Secret key (Client Secret)** — the data saved from Google Cloud (step 12 from the previous section of this guide). Leave all other settings at their default values. A more detailed description can be found in the main article about mail parameters ([link](https://docs.mikopbx.com/mikopbx/english/manual/system/mail-settings-1)). After that, click "**Save**"!

3. Click the blue "**Connect via OAuth2**" button. Then select your Gmail account.

4. Confirm the sign-in: click "**Continue**".

5. Confirm granting the required permissions (click "**Allow**").

Upon successful authorization, you will see the following window.

#### Troubleshooting Access blocked: Authorization Error (\*\*Error 400: invalid\_request)

Solution: enter the station's URL address in the MikoPBX web interface: "**Network and Firewall**" -> "**Network Interfaces**". Go to the "Network Topology" section and enter the hostname in the "**External hostname of your router**" field. (Enable "**This station is located behind a NAT router**".)