Skip to main content
All endpoints require authentication. See Authentication.

Start OAuth flow

GET /api/email/oauth/authorize
Redirects the user to Google’s OAuth consent screen. After authorization, Google redirects back to the callback URL.

OAuth callback

GET /api/email/oauth/callback
Handles the OAuth redirect from Google, exchanges the authorization code for tokens, and stores them securely.

Get OAuth tokens

GET /api/email/oauth/tokens
Returns the stored OAuth token metadata for the team (not the raw tokens). Used by the service in remote mode to fetch emails.

Revoke OAuth access

POST /api/email/oauth/revoke
Revokes the Gmail OAuth tokens and removes the stored credentials.

Gmail webhook

POST /api/email/webhook
Receives push notifications from Google Cloud Pub/Sub when new emails arrive. This endpoint is called by Google, not by users directly. The webhook:
  1. Validates the Pub/Sub message
  2. Queues an event in the event_queue table
  3. The service picks up the event via the SSE stream at GET /api/events/stream