Sample code for 30+ languages & platforms
Swift

OAuth2 for a GMail using a JSON Service Account Key

See more GMail SMTP/IMAP/POP Examples

This example shows how to obtain an OAuth2 access token for Gmail using a Google Service Account and a JSON private key. Once acquired, the access token can be used to send emails. Remember, upon token expiration, this process needs to be repeated to obtain a new token. Note: This procedure is specific to OAuth2 with Google Service Account keys.

Chilkat Swift Downloads

Swift

func chilkatTest() {
    var success: Bool = false

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // --------------------------------------------------------------------------------
    // For a step-by-step guide for setting up your Google Workspace service account,
    // see Setup Google Workspace Account for Sending SMTP GMail from a Service Account
    // --------------------------------------------------------------------------------

    // First load the JSON key into a string.
    let fac = CkoFileAccess()!
    var jsonKey: String? = fac.readEntireTextFile(path: "qa_data/googleApi/chilkat25-b4214220e565.json", charset: "utf-8")
    if fac.lastMethodSuccess != true {
        print("\(fac.lastErrorText!)")
        return
    }

    // A Google service account JSON private key looks like this:

    // {
    //   "type": "service_account",
    //   "project_id": "chilkat25",
    //   "private_key_id": "b4214220f565881e19eeb97c2699bf5a0d1e3e0b",
    //   "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQ...NXcM=\n-----END PRIVATE KEY-----\n",
    //   "client_email": "chilkatsvc@chilkat25.iam.gserviceaccount.com",
    //   "client_id": "109122032928932715958",
    //   "auth_uri": "https://accounts.google.com/o/oauth2/auth",
    //   "token_uri": "https://oauth2.googleapis.com/token",
    //   "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
    //   "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/chilkatsvc%40chilkat25.iam.gserviceaccount.com",
    //   "universe_domain": "googleapis.com"
    // }

    let gAuth = CkoAuthGoogle()!
    gAuth.jsonKey = jsonKey

    // Specify a scope.
    gAuth.scope = "https://mail.google.com/"

    // Request an access token that is valid for this many seconds.
    gAuth.expireNumSeconds = 3600

    // When using a Google Workspace account with Gmail APIs, a service account can impersonate a user 
    // via a process called domain-wide delegation � and the "sub" claim in the JWT is what enables this.
    // Domain-wide delegation allows a Google Workspace administrator to authorize a service account to 
    // act on behalf of any user in the domain, without user interaction.

    // This is required for server-to-server access to user data � such as reading/sending Gmail from a background service.
    // This is your company email address.
    gAuth.subEmailAddress = "info@chilkat.xyz"

    // Connect to www.googleapis.com using TLS
    let tlsSock = CkoSocket()!
    success = tlsSock.connect(hostname: "www.googleapis.com", port: 443, ssl: true, maxWaitMs: 5000)
    if success != true {
        print("\(tlsSock.lastErrorText!)")
        return
    }

    // Send the request to obtain the access token.
    success = gAuth.obtainAccessToken(connection: tlsSock)
    if success != true {
        print("\(gAuth.lastErrorText!)")
        return
    }

    // Examine the access token:
    var accessToken: String? = gAuth.accessToken
    print("Access Token: \(accessToken!)")

    // Sample output:
    // ya29.a0AW4XtxjGTD67Z8 .... IRw0218

    // The access token allows us to send unlimited emails while it's valid. Once it expires, we must obtain and use a new one.

    // -----------------------------------------------------------------------
    let mailman = CkoMailMan()!

    // Set the properties for the GMail SMTP server:
    mailman.smtpHost = "smtp.gmail.com"
    mailman.smtpPort = 587
    mailman.startTLS = true

    mailman.smtpUsername = "info@chilkat.xyz"
    mailman.oAuth2AccessToken = accessToken

    // Create a new email object
    let email = CkoEmail()!

    email.subject = "This is a test"
    email.body = "This is a test"
    email.from = "Chilkat Test <info@chilkat.xyz>"
    success = email.add(to: "Chilkat Software", emailAddress: "info@chilkatsoft.com")
    // To add more recipients, call AddTo, AddCC, or AddBcc once per recipient.

    success = mailman.sendEmail(email: email)
    if success != true {
        print("\(mailman.lastErrorText!)")
        return
    }

    success = mailman.closeSmtpConnection()
    if success != true {
        print("Connection to SMTP server not closed cleanly.")
    }

    print("Successfully sent email using Gmail with a service account key.")

}