To be clear:
Code:
import base64
from google.oauth2 import service_account
from email.message import EmailMessage
from googleapiclient.discovery import build
creds = service_account.Credentials.from_service_account_file(
filename = 'client_secret.json',
scopes = ['https://mail.google.com/'],
)
service = build('gmail', 'v1', credentials=creds)
mime_message = EmailMessage()
mime_message['To'] = '[email protected]'
mime_message['From'] = '[email protected]'
mime_message['Subject'] = 'Test Subject'
mime_message.set_content('Test Message')
encoded_message = base64.urlsafe_b64encode(mime_message.as_bytes()).decode()
create_draft_request_body = {
'message': {'raw': encoded_message}
}
draft = service.users().drafts().create(userId="myuserid",body=create_draft_request_body).execute()
Error:
shell <HttpError 400 when requesting https://gmail.googleapis.com/gmail/v1/users/myclientid/drafts?alt=json returned "Precondition check failed.". Details: "[{'message': 'Precondition check failed.', 'domain': 'global', 'reason': 'failedPrecondition'}]">
failedPrecondition means that one of the conditions of using a service account with the gmail api has not been meet.
In order to use a service account with the Gmail api. You must configure domain wide delegation to a user on your google workspace account.
Service accounts by themselves do not have access to send emails. To be 100% clear: What you want to do is not possible. You must configure the subject in the authorization configuration to be that of a user on your workspace domain. [email protected]
does not have access to send an email.
def _create_client(subject):
credentials = service_account.Credentials
credentials = credentials.from_service_account_file('credentials/service_account.json',
scopes=['https://www.googleapis.com/auth/gmail.settings.sharing',
'https://www.googleapis.com/auth/gmail.settings.basic'],
subject=subject)
service = discovery.build('gmail', 'v1', credentials=credentials)
return service
What I normally recommend for my clients is to create a dummy [email protected]
user and send the emails from that.