Google Service Account - Precondition check failed

Questions
, ,
1

Describe the problem/error/question

Goal: I want to read gmail data from (all) accounts in my Google workspace project (domain-wide delegation).

I created the Google service account according to the n8n instructions wiki page. I tested it local with the following code:

from google.oauth2 import service_account
from googleapiclient.discovery import build

SERVICE_ACCOUNT_FILE = "/path/to/service_account.json"
USER_EMAIL = "[email protected]"
SCOPES = ['https://www.googleapis.com/auth/gmail.readonly']
credentials = service_account.Credentials.from_service_account_file(
    SERVICE_ACCOUNT_FILE, scopes=SCOPES, subject=USER_EMAIL
)
service = build('gmail', 'v1', credentials=credentials)

# Get messages
query = "from:[email protected] newer_than:1d"
results = service.users().messages().list(userId='me', q=query).execute()
messages = results.get('messages', [])

if not messages:
    print("No message found")
else:
    print(f"{len(messages)} message found")
    # Some more code to get the data of message here

This is working well. Now I want to add this in my n8n workflow. So I added my service account under Credentials → New → “Google Service Account API” → Filled region, email, private key.

By clicking on save it is successfull. Adding the HTTP Request node parameters like https://www.googleapis.com/auth/gmail.readonly it is successfull. Set “Impersonate a User” and add there my USER_EMAIL → Error 401 - {"error":"unauthorized_client","error_description":"Client is unauthorized to retrieve access tokens using this method, or client not authorized for any of the scopes requested."}.

But okay, I save it without the “Impersonate a User” option.

When I create now the Gmail node (Ressource “Message”, Get Many), I can choose my credential. Test step shows then { "error": { "code": 400, "message": "Precondition check failed.", "errors": [ { "message": "Precondition check failed.", "domain": "global", "reason": "failedPrecondition" } ], "status": "FAILED_PRECONDITION" } }.

Why is it working in my local python env, but not in n8n? Thanks!

Please share your workflow

Information on your n8n setup

  • n8n version: 1.75.2
  • Database (default: SQLite): SQLite
  • n8n EXECUTIONS_PROCESS setting (default: own, main): main
  • Running n8n via (Docker, npm, n8n cloud, desktop app): Docker
  • Operating system: Linux
2

I did not found a solution, but I found a solution with JWT token. This is working now, but I would wish if I can use the regular way with direct credentials. I hope someone can help :slight_smile: