Google Services for OpenClaw

Gmail, Calendar & Drive Integration Guide

20-30 min Beginner Google Account Required

What You'll Get

Gmail API access (read/send emails)
Google Calendar API (read/create events)
Google Drive API (read/upload files)
OAuth2 credentials for secure authentication

Note: This guide covers Google Cloud setup. OpenClaw integration varies by configuration — check your OpenClaw docs for specific config format.

Step 1: Create Google Cloud Project

Go to Google Cloud Console
Click Select a project → New Project
Enter project name: OpenClaw Integration
Click Create
Select your new project from the dropdown

# Direct link to create project
https://console.cloud.google.com/projectcreate

Step 2: Enable Required APIs

Navigate to APIs & Services → Library and enable each:

📧

Gmail API

Read, send, and manage emails

https://console.cloud.google.com/apis/library/gmail.googleapis.com

📅

Google Calendar API

Read and manage calendar events

https://console.cloud.google.com/apis/library/calendar-json.googleapis.com

📁

Google Drive API

Read and manage Drive files

https://console.cloud.google.com/apis/library/drive.googleapis.com

Step 3: Configure OAuth Consent Screen

Go to APIs & Services → OAuth consent screen

3.1 Choose User Type

Internal

Best for G Suite/Workspace accounts. Only visible to your organization.

External

For personal Gmail accounts. Requires verification if publishing publicly.

3.2 Fill Required Fields

App name: OpenClaw User support email: [email protected] Developer contact: [email protected]

3.3 Add OAuth Scopes

Click Add or Remove Scopes and add these:

https://www.googleapis.com/auth/gmail.readonly
https://www.googleapis.com/auth/gmail.send
https://www.googleapis.com/auth/gmail.modify
https://www.googleapis.com/auth/calendar.readonly
https://www.googleapis.com/auth/calendar.events
https://www.googleapis.com/auth/drive.readonly
https://www.googleapis.com/auth/drive.file

Use .readonly scopes if you only need read access.

Step 4: Create OAuth Credentials

Go to APIs & Services → Credentials

4.1 Create OAuth Client ID

Click Create Credentials → OAuth client ID
Application type: Desktop app (for local OpenClaw)
Name: OpenClaw Desktop
Click Create

4.2 Download Credentials

Click the download icon (⬇️) next to your OAuth client
Save as credentials.json
Store securely — this file contains your client secret!

# Store in OpenClaw config directory
mkdir -p ~/.openclaw
mv ~/Downloads/client_secret_*.json ~/.openclaw/google_credentials.json
chmod 600 ~/.openclaw/google_credentials.json

Security: Never commit credentials.json to git! Add to .gitignore.

Step 5: Test OAuth Flow

Before integrating with OpenClaw, test that your credentials work:

5.1 Install Google Client Library

pip install google-auth-oauthlib google-api-python-client

5.2 Test Authentication

Create a test script:

#!/usr/bin/env python3
"""Test Google OAuth authentication."""
from google_auth_oauthlib.flow import InstalledAppFlow
from google.auth.transport.requests import Request
import pickle, os

SCOPES = [
    'https://www.googleapis.com/auth/gmail.readonly',
    'https://www.googleapis.com/auth/calendar.readonly',
    'https://www.googleapis.com/auth/drive.readonly'
]

def main():
    creds = None
    token_path = os.path.expanduser('~/.openclaw/google_token.pkl')
    creds_path = os.path.expanduser('~/.openclaw/google_credentials.json')
    
    if os.path.exists(token_path):
        with open(token_path, 'rb') as f:
            creds = pickle.load(f)
    
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(creds_path, SCOPES)
            creds = flow.run_local_server(port=0)
        with open(token_path, 'wb') as f:
            pickle.dump(creds, f)
        print(f"✅ Token saved to {token_path}")
    
    print(f"✅ Credentials valid: {creds.valid}")
    print(f"✅ Expires: {creds.expiry}")

if __name__ == '__main__':
    main()

5.3 Run Test

python3 test_google_auth.py

This opens a browser for you to authorize access. After approval, a token is saved for future use.

Step 6: Integrate with OpenClaw

Configuration varies by setup. Check your OpenClaw documentation for the exact config format.

6.1 Store Credentials Path

In your OpenClaw environment or config:

export GOOGLE_CREDENTIALS=~/.openclaw/google_credentials.json
export GOOGLE_TOKEN=~/.openclaw/google_token.pkl

6.2 Create a Skill

File: ~/.openclaw/workspace/skills/google-tools/SKILL.md

---
name: google-tools
description: Gmail, Calendar, and Drive integration for OpenClaw
---

# Google Tools Skill

## Setup
1. Place credentials at ~/.openclaw/google_credentials.json
2. First run will open browser for OAuth
3. Token cached at ~/.openclaw/google_token.pkl

## Scripts
- check_email.py - List recent emails
- send_email.py - Send email via Gmail
- calendar.py - List/create events
- drive.py - List/upload files

## Usage
Say "check my email" or "what's on my calendar today"

6.3 Example Email Check Script

#!/usr/bin/env python3
"""Check Gmail for recent emails."""
from googleapiclient.discovery import build
from google.auth.transport.requests import Request
from google_auth_oauthlib.flow import InstalledAppFlow
import pickle, os

SCOPES = ['https://www.googleapis.com/auth/gmail.readonly']

def get_service():
    creds_path = os.path.expanduser('~/.openclaw/google_credentials.json')
    token_path = os.path.expanduser('~/.openclaw/google_token.pkl')
    
    creds = None
    if os.path.exists(token_path):
        with open(token_path, 'rb') as f:
            creds = pickle.load(f)
    
    if not creds or not creds.valid:
        if creds and creds.expired and creds.refresh_token:
            creds.refresh(Request())
        else:
            flow = InstalledAppFlow.from_client_secrets_file(creds_path, SCOPES)
            creds = flow.run_local_server(port=0)
        with open(token_path, 'wb') as f:
            pickle.dump(creds, f)
    
    return build('gmail', 'v1', credentials=creds)

def get_recent_emails(max_results=10):
    service = get_service()
    results = service.users().messages().list(
        userId='me', maxResults=max_results, labelIds=['INBOX']
    ).execute()
    
    for msg in results.get('messages', []):
        details = service.users().messages().get(
            userId='me', id=msg['id'], format='metadata',
            metadataHeaders=['From', 'Subject', 'Date']
        ).execute()
        headers = {h['name']: h['value'] for h in details['payload']['headers']}
        print(f"From: {headers.get('From')}")
        print(f"Subject: {headers.get('Subject')}")
        print("---")

if __name__ == '__main__':
    get_recent_emails()

Step 7: Verify Setup

Google Cloud project created

APIs enabled: Gmail, Calendar, Drive

OAuth consent screen configured

Credentials downloaded

Test script authenticates successfully

Token file created

Troubleshooting

"Access blocked: This app's request is invalid"

Add http://localhost to Authorized redirect URIs in Credentials settings.

"This app isn't verified"

For development, click Advanced → Go to app (unsafe). For production, submit for verification.

"Token has been expired or revoked"

Delete ~/.openclaw/google_token.pkl and re-authenticate.

Quota exceeded

Check quotas in Google Cloud Console → APIs & Services → Dashboard.

Video Tutorial

Watch the complete walkthrough on YouTube:

Watch on YouTube