Sample code for 30+ languages & platforms
Visual FoxPro

Get Google API Access Token using JSON Private Key

See more Google APIs Examples

Demonstrates how to get a Google API access token using a JSON service account private key.

Chilkat Visual FoxPro Downloads

Visual FoxPro
LOCAL lnSuccess
LOCAL loFac
LOCAL lcJsonKey
LOCAL loGAuth
LOCAL loTlsSock
LOCAL lcAccessToken
LOCAL loMailman
LOCAL loEmail

lnSuccess = 0

* This example requires the Chilkat API to have been previously unlocked.
* See Global Unlock Sample for sample code.

* --------------------------------------------------------------------------------
* For a step-by-step guide for setting up your Google Workspace service account,
* see Setup Google Workspace Account for Sending SMTP GMail from a Service Account
* --------------------------------------------------------------------------------

* First load the JSON key into a string.
loFac = CreateObject('Chilkat.FileAccess')
lcJsonKey = loFac.ReadEntireTextFile("qa_data/googleApi/chilkat25-b4214220e565.json","utf-8")
IF (loFac.LastMethodSuccess <> 1) THEN
    ? loFac.LastErrorText
    RELEASE loFac
    CANCEL
ENDIF

* A Google service account JSON private key looks like this:

* {
*   "type": "service_account",
*   "project_id": "chilkat25",
*   "private_key_id": "b4214220f565881e19eeb97c2699bf5a0d1e3e0b",
*   "private_key": "-----BEGIN PRIVATE KEY-----\nMIIEvQ...NXcM=\n-----END PRIVATE KEY-----\n",
*   "client_email": "chilkatsvc@chilkat25.iam.gserviceaccount.com",
*   "client_id": "109122032928932715958",
*   "auth_uri": "https://accounts.google.com/o/oauth2/auth",
*   "token_uri": "https://oauth2.googleapis.com/token",
*   "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
*   "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/chilkatsvc%40chilkat25.iam.gserviceaccount.com",
*   "universe_domain": "googleapis.com"
* }

loGAuth = CreateObject('Chilkat.AuthGoogle')
loGAuth.JsonKey = lcJsonKey

* Specify a scope.
loGAuth.Scope = "https://mail.google.com/"

* Request an access token that is valid for this many seconds.
loGAuth.ExpireNumSeconds = 3600

* When using a Google Workspace account with Gmail APIs, a service account can impersonate a user 
* via a process called domain-wide delegation — and the "sub" claim in the JWT is what enables this.
* Domain-wide delegation allows a Google Workspace administrator to authorize a service account to 
* act on behalf of any user in the domain, without user interaction.

* This is required for server-to-server access to user data — such as reading/sending Gmail from a background service.
* This is your company email address.
loGAuth.SubEmailAddress = "info@chilkat.xyz"

* Connect to www.googleapis.com using TLS
loTlsSock = CreateObject('Chilkat.Socket')
lnSuccess = loTlsSock.Connect("www.googleapis.com",443,1,5000)
IF (lnSuccess <> 1) THEN
    ? loTlsSock.LastErrorText
    RELEASE loFac
    RELEASE loGAuth
    RELEASE loTlsSock
    CANCEL
ENDIF

* Send the request to obtain the access token.
lnSuccess = loGAuth.ObtainAccessToken(loTlsSock)
IF (lnSuccess <> 1) THEN
    ? loGAuth.LastErrorText
    RELEASE loFac
    RELEASE loGAuth
    RELEASE loTlsSock
    CANCEL
ENDIF

* Examine the access token:
lcAccessToken = loGAuth.AccessToken
? "Access Token: " + lcAccessToken

* Sample output:
* ya29.a0AW4XtxjGTD67Z8 .... IRw0218

* The access token allows us to send unlimited emails while it's valid. Once it expires, we must obtain and use a new one.

* -----------------------------------------------------------------------
loMailman = CreateObject('Chilkat.MailMan')

* Set the properties for the GMail SMTP server:
loMailman.SmtpHost = "smtp.gmail.com"
loMailman.SmtpPort = 587
loMailman.StartTLS = 1

loMailman.SmtpUsername = "info@chilkat.xyz"
loMailman.OAuth2AccessToken = lcAccessToken

* Create a new email object
loEmail = CreateObject('Chilkat.Email')

loEmail.Subject = "This is a test"
loEmail.Body = "This is a test"
loEmail.From = "Chilkat Test <info@chilkat.xyz>"
lnSuccess = loEmail.AddTo("Chilkat Software","info@chilkatsoft.com")
* To add more recipients, call AddTo, AddCC, or AddBcc once per recipient.

lnSuccess = loMailman.SendEmail(loEmail)
IF (lnSuccess <> 1) THEN
    ? loMailman.LastErrorText
    RELEASE loFac
    RELEASE loGAuth
    RELEASE loTlsSock
    RELEASE loMailman
    RELEASE loEmail
    CANCEL
ENDIF

lnSuccess = loMailman.CloseSmtpConnection()
IF (lnSuccess <> 1) THEN
    ? "Connection to SMTP server not closed cleanly."
ENDIF

? "Successfully sent email using Gmail with a service account key."

RELEASE loFac
RELEASE loGAuth
RELEASE loTlsSock
RELEASE loMailman
RELEASE loEmail