Hey guys,
I’m starting to create a Google Meet transcription system, but I’m stuck on the credential part, how can I create the Google Drive credential without giving access to my N8N server?
I even thought about creating a webhook, to see if I could do something to receive the credential, but without success.
Hello htnrodrigues
I hope you are well!
I have some suggestions on what can be done, however, here is the documentation if you want to go deeper. After the documentation, I will leave my suggestion.
The solution to connect N8N to Google Drive (and other Google services) without exposing your server is to use Service Account Credentials.
Service Accounts are special Google Cloud identities designed for server-to-server or application-to-application interactions, where no end user is directly involved in the authentication flow. They use a JSON key file for authentication, eliminating the need for browser redirection.
Access the Google Cloud Console:
Go to
Select the Google Cloud project you want to use (or create a new one).
Enable the Google Drive API;
In the navigation menu, go to “APIs & Services” > “Library”.
Search for “Google Drive API” and click “Enable”.
Create a Service Account.
Still under “APIs & Services”, go to “Credentials”.
Click “+ CREATE CREDENTIALS” and select “Service account”.
Give the service account a name (e.g. n8n-drive-transcriber) and an optional description.
Click “CREATE AND CONTINUE”.
Skip the step of granting access to the project (usually not necessary for this use case) and click “CONTINUE”.
Skip the step of granting access to users and click “DONE”.
Generate a JSON Key for the Service Account
In the list of credentials, find the service account you just created.
Click on the email address of the service account.
Go to the “KEYS” tab.
Click “ADD KEY” > “Create new key”.
Select JSON as the key type and click “CREATE”.
A .json file will automatically download to your computer. Save it in a safe place.
Share the Google Drive Folder with the Service Account
Go to Google Drive in your browser.
Create a specific folder where the Google Meet files will be saved (or use an existing one).
Right-click on the folder, select “Share”.
In the “Add people and groups” field, paste the email address of the service account you created (you can find it on the service account details page in the Google Cloud Console, it usually ends with @.iam.gserviceaccount.com).
Grant the necessary permissions to the service account (at least “Viewer” to read files, or “Editor” if N8N needs to modify or organize the files).
Click “Send” or “Share”.
Set up the Credential in N8N.
On your N8N, go to “Credentials”.
Click “Add credential”.
Find and select the “Google Service Account” type.
Give the credential a name (e.g. Google Drive Service Account - Transcriber).
In the “Service Account Key” field, open the .json file you downloaded, copy the entire contents of the file and paste it into this field.
In the “Scopes” field, add the necessary scopes to access Google Drive. To read files, you usually need:
https://www.googleapis.com/auth/drive.readonly
If you need full access (read, write, modify), use:
https://www.googleapis.com/auth/drive
I hope this helps in some way
Hey @interss,
How will the system be used by the service account? Because the drive will not be in the same organization.
Using Google Drive’s standard sharing system, you can share a folder directly to the Service Account’s email address.
When the folder owner (in a different organization or personal account) clicks “Share” and enters their Service Account email, they are granting that specific identity direct access to that specific folder (or file). The Service Account does not need to “belong” to the same organization to receive this shared access.
When N8N uses the Service Account’s credential (with the JSON key), it authenticates to Google as that Service Account. Once authenticated, it can access all resources (folders, files) that have been explicitly shared to that Service Account’s email, regardless of where those resources reside.
The Service Account (created in your Google Cloud project) acts as an independent entity.
The owner of the folder in Google Drive (even in another organization) must share the folder directly with the Service Account email address, granting the necessary permissions (Viewer, Editor, etc.).
N8N, using the JSON key, acts on behalf of the Service Account and accesses the shared folder.
You may encounter this obstacle below.
The only caveat is if the organization that owns the Google Drive folder has very strict security policies that explicitly prohibit sharing files/folders with anyone outside the organization. In this case, the Google Workspace administrator of that organization would need to adjust the sharing policies to allow sharing with the iam.gserviceaccount.com domain or specifically with your Service Account email. Personal Gmail accounts generally do not have these restrictions.
So as long as the folder is shared correctly with the Service Account email, the system should work as expected.
Did this help you?
Hello, could you kindly mark my previous post as the solution (blue box with check mark) so that this ongoing discussion does not distract others who want to find out the answer to the original question? Thanks.
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.