NodeMailer - G-Suite - Service Account - Send as Group Email

3
votes

Problem:

I'd like to send emails from a group email via Gmail and a service account. However, when trying to send via [email protected] instead of [email protected] I get:

Error: unauthorized_client
    at /Users/fabianbosler/Projects/fb/fb-flow-app/server/node_modules/nodemailer/lib/xoauth2/index.js:264:33
    at PassThrough.<anonymous> (/Users/fabianbosler/Projects/fb/fb-flow-app/server/node_modules/nodemailer/lib/xoauth2/index.js:333:20)
    at Object.onceWrapper (events.js:421:28)
    at PassThrough.emit (events.js:315:20)
    at PassThrough.EventEmitter.emit (domain.js:547:15)
    at endReadableNT (_stream_readable.js:1201:12)
    at processTicksAndRejections (internal/process/task_queues.js:84:21) {
  code: 'EAUTH',
  command: 'AUTH XOAUTH2'
}

Setup:

I have the following setup:

  1. G-Suite (Basic) Account with one User ([email protected])
  2. Enabled Gmail API in Google Cloud Console and Domain Wide Delegation (-> Service Account)
  3. Granted relevant permissions to the Service Account from step 2
  4. Group ([email protected]) of which [email protected] is the manager

This setup works to send emails as [email protected] (from step1) via the service account:

const conf = require('../config/config');

import nodemailer from 'nodemailer';
import { to } from 'await-to-js';

const SENDER = '[email protected]'
const SENDER_NAME = 'User'

const transporter = nodemailer.createTransport({
    host: 'smtp.gmail.com',
    port: 465,
    secure: true,
    auth: {
        type: 'OAuth2',
        user: SENDER,
        serviceClient: conf.GMAIL_CLIENT_ID,
        privateKey: conf.GMAIL_CLIENT_PRIVATE_KEY,
    },
});

transporter.on('token', (token) => {
    console.log('A new access token was generated');
    console.log('User: %s', token.user);
    console.log('Access Token: %s', token.accessToken);
    console.log('Expires: %s', new Date(token.expires));
});

export default async (sendTo, content) => {
    return new Promise(async (resolve, reject) => {
        let err, verify, result;

        const contacts = {
            from: {
                name: HUMAN_READABLE_NAME,
                address: SENDER,
            },
            to: sendTo,
        };

        const email = Object.assign({}, content, contacts);

        [err, verify] = await to(transporter.verify());
        if (err) {
            console.log(err);
            return reject(`verification failed:  ${err}`);
        }

        [err, result] = await to(transporter.sendMail(email));
        if (err) {
            console.log(`sending failed:  ${err}`);
            return reject(err);
        }

        return resolve(result);
    });
};
1
node.jsgmailnodemailergoogle-workspaceservice-accounts
I am having a similar issue, getting "530-5.7.0 Authentication Required". Did you solve this issue? TIA - Thushar G R

1 Answers

0
votes

Check the answer in this post: send a group email address with Nodemailer with G Suite OAuth2

I guess you didn't set up the send as in the mail.