Google Workspace MCP Server
@taylorwilsdon
Control Gmail, Google Calendar, Docs, Sheets, Slides, Chat, Forms, Tasks, Search & Drive with AI - Comprehensive Google Workspace / G Suite MCP Server & CLI Tool
Full natural language control over Google Calendar, Drive, Gmail, Docs, Sheets, Slides, Forms, Tasks, Contacts, and Chat through all MCP clients, AI assistants and developer tools.
Includes a full featured CLI & Code Mode for use with tools like Claude Code and Codex!
The most feature-complete Google Workspace MCP server, it can do things that Google's own tooling and the built in integrations with Claude and ChatGPT can't even dream of. With Remote OAuth2.1 multi-user support, fine-grained editing tools and the most extensive coverage of any Google Workspace tool in existance, Workspace MCP is in a different class. Offering native OAuth 2.1, stateless mode and external auth server support, it's also the only Workspace MCP you can host for your whole organization centrally & securely!
Support for all free Google accounts & Google Workspace plans (Starter, Standard, Plus, Enterprise, Non Profit) with expanded app options like Chat & Spaces.
Interested in a private, managed cloud instance? That can be arranged.
|
⚡ Start Quick Start · Prerequisites Google Cloud · Credentials |
🧰 Tools All Tools · Tool Tiers CLI · Start Server |
🔌 Connect Quick Start · Claude Desktop Claude Code · VS Code · LM Studio |
🚀 Deploy OAuth 2.1 · Stateless External OAuth · Reverse Proxy |
📐 Develop Architecture · Dev Setup Security · License |
See it in action:
Overview
Workspace MCP is the single most complete MCP server, the only that integrates all major Google Workspace services with AI assistants and all agent platforms. The entire toolset is available for CLI usage supporting both local and remote instances.
Features
12 services — Gmail · Drive · Calendar · Docs · Sheets · Slides · Forms · Chat · Apps Script · Tasks · Contacts · Search
|
📧 Gmail — Complete email management, end-to-end coverage |
⚡ Apps Script — Cross-application workflow automation ✅ Tasks — Task & list management with hierarchy 🔐 Authentication & Security |
Security & Compliance
|
For Security Teams This server sends no data anywhere except Google's APIs, on behalf of the authenticated user, using your own OAuth client credentials. There is no telemetry, no usage reporting, no analytics, no license server, and no SaaS dependency. The entire data path is: your infrastructure → Google APIs.
Full dependency tree in |
For Legal & Procurement This project is MIT licensed — not "open core," not "source available," not "free with a CLA." There is no dual licensing, no commercial tier gating features, and no contributor license agreement.
The license is 21 lines and says what it means. |
Quick Start
Set credentials → pick a launch command → connect your client
💡 New to Workspace MCP? Check out the Interactive Quick Start Guide → with step-by-step setup, screenshots, and troubleshooting tips!
|
Confidential Client Quick Start
|
Secretless / Public OAuth 2.1 (PKCE) Quick Start
|
Credential setup → · All launch options → · Tier details →
Environment Variable Reference
| Variable | Purpose | |
|---|---|---|
| 🔐 Authentication | ||
GOOGLE_OAUTH_CLIENT_ID | required | OAuth client ID from Google Cloud |
GOOGLE_OAUTH_CLIENT_SECRET | OAuth client secret for confidential clients; optional for public OAuth 2.1 PKCE clients | |
OAUTHLIB_INSECURE_TRANSPORT | required* | Set to 1 for development — allows http:// redirect |
USER_GOOGLE_EMAIL | Default email for single-user auth | |
GOOGLE_CLIENT_SECRET_PATH | Custom path to client_secret.json | |
GOOGLE_MCP_CREDENTIALS_DIR | Credential directory — default ~/.google_workspace_mcp/credentials | |
| 🖥️ Server | ||
WORKSPACE_MCP_BASE_URI | Base server URI (no port) — default http://localhost | |
WORKSPACE_MCP_PORT | Listening port — default 8000. Also controls the stdio-mode OAuth callback port. The PORT env var takes precedence if set. | |
WORKSPACE_MCP_HOST | Bind host — default 0.0.0.0 for OAuth 2.1 HTTP, 127.0.0.1 for legacy streamable HTTP. | |
WORKSPACE_MCP_TRANSPORT | stdio or streamable-http; used when --transport is not passed | |
WORKSPACE_MCP_HTTP_PORT | Advanced legacy-stdio sidecar /mcp port for local workspace-cli access. Disabled when empty. Binds to 127.0.0.1 only and is accessible to local processes. | |
WORKSPACE_EXTERNAL_URL | External URL for reverse proxy setups | |
WORKSPACE_MCP_BRAND_NAME | OAuth 2.1 consent-page server name — default FastMCP's name | |
WORKSPACE_MCP_BRAND_ICON_URL | OAuth 2.1 consent-page logo (hosted URL or data: URI), shown at 64px wide — default FastMCP's logo | |
WORKSPACE_MCP_BRAND_WEBSITE_URL | OAuth 2.1 consent-page website link | |
WORKSPACE_ATTACHMENT_DIR | Downloaded attachments dir and default trusted local attachment directory — default ~/.workspace-mcp/attachments/ | |
WORKSPACE_MCP_URL | Remote MCP endpoint URL for CLI | |
ALLOWED_FILE_DIRS | Colon-separated allowlist for local file reads | |
| 🧰 Tool Selection | ||
WORKSPACE_MCP_TOOLS | Comma-separated services, e.g. gmail,drive,calendar; empty means all services | |
WORKSPACE_MCP_TOOL_TIER | core, extended, or complete; empty means all tools | |
WORKSPACE_MCP_READ_ONLY | true, 1, or yes to request read-only scopes and filter write tools | |
WORKSPACE_MCP_PERMISSIONS | Space-separated service:level entries, e.g. gmail:send drive:readonly; mutually exclusive with tools and read-only | |
| 🔑 OAuth 2.1 & Multi-User | ||
MCP_ENABLE_OAUTH21 | true to enable OAuth 2.1 multi-user support. Required for remote or shared HTTP endpoints (--transport streamable-http); optional for local-only legacy HTTP, which binds to 127.0.0.1 by default. | |
EXTERNAL_OAUTH21_PROVIDER | true for external OAuth flow with bearer tokens | |
WORKSPACE_MCP_STATELESS_MODE | true for stateless container-friendly operation | |
WORKSPACE_MCP_LOG_DIR | Directory for mcp_server_debug.log — defaults to ~/.google_workspace_mcp/logs | |
GOOGLE_OAUTH_REDIRECT_URI | Override OAuth callback URL — default auto-constructed | |
OAUTH_CUSTOM_REDIRECT_URIS | Comma-separated additional redirect URIs | |
OAUTH_ALLOWED_ORIGINS | Comma-separated additional CORS origins | |
WORKSPACE_MCP_OAUTH_PROXY_STORAGE_BACKEND | memory, disk, or valkey — see storage backends | |
FASTMCP_SERVER_AUTH_GOOGLE_JWT_SIGNING_KEY | Custom encryption key for OAuth proxy storage; required for public OAuth 2.1 clients when GOOGLE_OAUTH_CLIENT_SECRET is omitted | |
WORKSPACE_MCP_ALLOWED_CLIENT_REDIRECT_URIS | Comma-separated allowlist of redirect URIs that dynamically-registered OAuth clients may use. Default is unset (any URI permitted, per DCR). Supports FastMCP's glob patterns (*, *.example.com) | |
| 🗄️ Credential Store | ||
WORKSPACE_MCP_CREDENTIAL_STORE_BACKEND | local_directory (default) or gcs — see credential store system | |
WORKSPACE_MCP_CREDENTIALS_DIR | Directory for the local_directory backend | |
GOOGLE_MCP_CREDENTIALS_DIR | Backward-compatible alias for WORKSPACE_MCP_CREDENTIALS_DIR | |
WORKSPACE_MCP_GCS_BUCKET | Required when backend is gcs — GCS bucket name | |
WORKSPACE_MCP_GCS_PREFIX | Optional object-name prefix for the gcs backend | |
WORKSPACE_MCP_GCS_REQUIRE_CMEK | true to require a bucket default KMS key at startup (fails fast if unset) | |
| 🔧 Service Account | ||
GOOGLE_SERVICE_ACCOUNT_KEY_FILE | Path to service account JSON key file (domain-wide delegation) | |
GOOGLE_SERVICE_ACCOUNT_KEY_JSON | Inline service account JSON key (alternative to file) | |
DWD_ALLOWED_DOMAINS | Comma-separated domain allowlist for per-request impersonation (optional) | |
| 🔍 Custom Search | ||
GOOGLE_PSE_API_KEY | API key for Programmable Search Engine | |
GOOGLE_PSE_ENGINE_ID | Search Engine ID for PSE |
*Required for development only. Claude Desktop stores credentials securely in the OS keychain — set them once in the extension pane.
Quick Start — Connect Claude to Google Workspace
The recommended setup is to run an instance and connect Claude to it via a Connector. Full instructions at workspacemcp.com/quick-start.
Prerequisites
Python 3.10+ · uv/uvx · Google Cloud Project with OAuth 2.0 credentials
If you want the GCS credential store backend, install the optional dependency first:
uv sync --extra gcs
# or
pip install "workspace-mcp[gcs]"
Configuration
Google Cloud Setup
-
Create Project — Open Console → → Create new project
-
Create OAuth Credentials — APIs & Services → Credentials → Create Credentials → OAuth Client ID
- Choose Desktop Application for a public PKCE client (no redirect URIs needed) or Web Application for a confidential client
- Download and note your Client ID and, if issued, Client Secret
-
Enable APIs — APIs & Services → Library, then enable each service:
Calendar Drive Gmail Docs Sheets Slides Forms Tasks Chat People Custom Search Apps Script Google Chat needs extra setup. Enabling the API is not enough — you must also configure a Chat app and use a Workspace account. See Chat setup under the tool list.
-
Set Credentials — see Environment Variable Reference above, or:
export GOOGLE_OAUTH_CLIENT_ID="your-client-id" export GOOGLE_OAUTH_CLIENT_SECRET="your-secret"For public OAuth 2.1 PKCE clients, omit
GOOGLE_OAUTH_CLIENT_SECRETand setFASTMCP_SERVER_AUTH_GOOGLE_JWT_SIGNING_KEYinstead.
Google Custom Search Setup
◆ Custom Search Configuration ← Enable web search capabilities
|
1. Create Search Engine
|
2. Get API Key
|
3. Set Variables
Configure in environment |
≡ Quick Setup Guide ← Step-by-step instructionsComplete Setup Process:
| ||
Start the Server
📌 Transport Mode Guidance: Use streamable HTTP mode (
--transport streamable-http) for all modern MCP clients including Claude Code, VS Code MCP, and MCP Inspector. For Claude Desktop, run an instance and connect via a Connector. Stdio mode is a legacy fallback. For deployments, prefer OAuth 2.1 with stateless mode (MCP_ENABLE_OAUTH21=true,WORKSPACE_MCP_STATELESS_MODE=true) unless you need local attachment or credential storage.
OAuth state safety: Legacy stdio starts a local-only OAuth callback server. In single-user mode only, it may recover a missing Google
stateparameter by consuming the most recent pending local OAuth state. This fallback is intentionally disabled outside single-user mode because it can cross session boundaries. Do not enable or emulate this behavior in streamable HTTP, hosted, or multi-user deployments; those modes must require an explicit state match.
▶ Launch Commands ← Choose your startup mode
|
▶ Legacy Mode
⚠️ Stdio mode (incomplete MCP clients only) |
◆ HTTP Mode (Recommended)
✅ Full MCP spec compliance & OAuth 2.1 |
@ Single User
Simplified authentication ⚠️ Cannot be used with OAuth 2.1 mode |
◆ Advanced Options ← Tool selection, tiers & Docker▶ Selective Tool Loading
🔒 Read-Only Mode
Read-only mode provides secure, restricted access by:
🔐 Granular Permissions
Granular permissions mode provides service-by-service scope control:
The Advanced legacy stdio sidecar
The sidecar is disabled unless ★ Tool Tiers
◆ Docker Deployment
Available Services: | ||
CLI
The workspace-cli command lists tools and calls them against a running server — with encrypted, disk-backed OAuth token caching so you only authenticate once. On first run it opens a browser for Google consent; subsequent runs reuse the cached tokens automatically.
Tokens are stored encrypted at ~/.workspace-mcp/cli-tokens/ using a Fernet key auto-generated at ~/.workspace-mcp/.cli-encryption-key.
To use workspace-cli globally, you'll want to start in this repo and run uv tool install .
Once complete, you'll have workspace-cli available globally via workspace-cli
Note: there is a public (but abandoned) pypi package with the same name - do not use uvx, as it will pull the wrong thing.
▶ workspace-cli Commands ← Persistent OAuth, no re-auth on every call
|
▶ List Tools
View all available tools |
◆ Call a Tool
Execute a tool with key=value arguments |
Set URL for remote endpoints with --url or the WORKSPACE_MCP_URL environment variable.
≡ Advanced: FastMCP CLI ← inspect, install, discover
The upstream FastMCP CLI is also bundled and provides additional commands for schema inspection, client installation, and editor discovery. Note that fastmcp uses in-memory token storage, so each invocation may re-trigger the OAuth flow.
fastmcp inspect fastmcp_server.py # print tools, resources, prompts
fastmcp install claude-code fastmcp_server.py # one-command client setup
fastmcp install cursor fastmcp_server.py
fastmcp discover # find servers configured in editors
See fastmcp --help or the FastMCP CLI docs for the full command reference.
Tool Tiers
The server organizes tools into three progressive tiers for simplified deployment. Choose a tier that matches your usage needs and API quota requirements.
Available Tiers● Core ( ● Extended ( ● Complete ( |
Important Notes▶ Start with |
Usage Examples
# Basic tier selection
uv run main.py --tool-tier core # Start with essential tools only
uv run main.py --tool-tier extended # Expand to include management features
uv run main.py --tool-tier complete # Enable all available functionality
# Selective service loading with tiers
uv run main.py --tools gmail drive --tool-tier core # Core tools for specific services
uv run main.py --tools gmail --tool-tier extended # Extended Gmail functionality only
uv run main.py --tools docs sheets --tool-tier complete # Full access to Docs and Sheets
# Combine tier selection with granular permission levels
uv run main.py --permissions gmail:organize drive:full --tool-tier core
📋 Credential Configuration
🔑 OAuth Credentials Setup ← Essential for all installations
|
🚀 Environment Variables
Best for production |
📁 File-based
Traditional method |
⚡ .env File
Best for development |
📖 Credential Lo | ||