Skip to main content

Get Support
Have a question? Let's get you an answer!

How Do I...? Troubleshooting Code & Webhooks Developer Zone

Other Help Resources
Wait, there's more! Check out these Community sourced spaces for additional resources.

Zapier Help Center Hire an Expert

Learning Resources
All of our best learning resources can be found here.

Featured Articles Show & Tell Zapier's products AI Hub Zapier Tools Hub

Share your knowledge
Give back to the Community by sharing your automation wins and helping to answer questions.

Share your success See unanswered questions User Groups

Other Learning Resources
Some of our favorite additional ways to upskill your Zapier knowledge.

Zapier Learn Zapier Blog Zapier Webinars

Product Updates
Check out what is new and upcoming with Zapier with our regular product updates.

Product Updates

Early Access Program
Want to join Early Access? Learn more here.

I am currently developing an app that integrates Google OAuth with restricted scopes, such as Gmail Compose. Currently I am handling OAuth process in my app, however I ran into an issue that I am required to undergo security assessment when verifying Google App. I am exploring the option of using Zapier to handle these Google actions on behalf of my users to simplify the OAuth process. 

I imagine that the flow would look something like this:

  1. User connects his Google account via Zapier provided Google OAuth screen;
  2. User invokes “Create draft” or some other action in my system and calls Zapier webhook with some required data;
  3. Zapier creates a Gmail draft for that specific users.

So my question is - is it possible to fully rely on Zapier's native Google integrations to handle OAuth and Google API actions for all my users without requiring my app to undergo Google's OAuth verification and third-party security assessment or would this assessment be required regardless when working with restricted scopes?

 

Hello,

I am Patricia, from the Zapier team. Thank you for getting in touch! I’ll be glad to look into your request today.

 

From what I understand, you're building an app that uses restricted Google OAuth scopes like Gmail Compose, and you're exploring whether Zapier’s native Google integrations could help simplify that flow—especially to avoid undergoing Google’s OAuth verification and security assessment.

 

For building integrations and handling OAuth within Zapier, I’d recommend starting with our documentation here: https://docs.zapier.com/platform/build/oauth

 

That said, since this involves deeper technical guidance around authentication and platform architecture, the best next step would be to reach out directly to our Developer Platform team using this contact form:
https://developer.zapier.com/contact

 

They’ll be best equipped to confirm what’s possible with our native integrations and whether using Zapier as an intermediary still requires your app to undergo Google's verification.

 

Let me know if there's anything else I can assist with in the meantime!

 

Kind Regards

 

Terms & Conditions