Gmail OAuth errors
The most common issues when connecting Gmail, and what actually causes each one.
"accessNotConfigured" / "SERVICE_DISABLED"
Cause: the connection itself succeeded, but the Gmail API isn't enabled on your Google Cloud project.
Fix: in Google Cloud Console, go to APIs & Services → Library, search Gmail API, and click Enable. This is the single most common thing missed during Gmail setup — the OAuth app can be fully configured and still fail here if this one step is skipped.
"error=access_denied" on the callback
Cause: you (or the Google account you signed in with) declined the consent screen, or that account wasn't added as a test user while the app is in Testing mode.
Fix: retry and accept every permission on the consent screen. If it's rejected before you even see a consent screen, confirm the Gmail address you're connecting is listed under OAuth consent screen → Test users.
"redirect_uri_mismatch"
Cause: the redirect URI Google receives doesn't exactly match what's registered on the OAuth client.
Fix: in Google Cloud Console, confirm Authorized redirect URIs contains exactly https://your-domain.com/oauth/google/callback — matching scheme, domain, and path precisely, no trailing slash.
"Google hasn't verified this app"
Cause: this is expected, not an error. A Testing-mode OAuth app always shows this warning to its test users.
Fix: nothing needs fixing — click Advanced → Go to [app name] (unsafe) to proceed. See BYOC, explained for why staying in Testing mode is the intended setup, not a workaround.