Using OAuth2 for Authentication

OAuth Credentials

OAuth credentials can be generated in several different ways using the oauth2client library provided by Google. If you are editing spreadsheets for yourself then the easiest way to generate credentials is to use Signed Credentials stored in your application (see example below). If you plan to edit spreadsheets on behalf of others then visit the Google OAuth2 documentation for more information.

Using Signed Credentials

  1. Head to Google Developers Console and create a new project (or select the one you have.)
  2. Under “API & auth”, in the API enable “Drive API”.
Enabled APIs
  1. Go to “Credentials” and choose “New Credentials > Service Account Key”.
Google Developers Console

You will automatically download a JSON file with this data.

Download Credentials JSON from Developers Console

This is how this file may look like:

    "private_key_id": "2cd … ba4",
    "private_key": "-----BEGIN PRIVATE KEY-----\nNrDyLw … jINQh/9\n-----END PRIVATE KEY-----\n",
    "client_email": "",
    "client_id": "473 …",
    "type": "service_account"

In the next step you’ll need the value of client_email from the file.

  1. Go to your spreadsheet and share it with a client_email from the step above. Otherwise you’ll get a SpreadsheetNotFound exception when trying to access this spreadsheet with gspread.
  2. Install oauth2client:
pip install --upgrade oauth2client

Depending on your system setup you may need to install PyOpenSSL:

pip install PyOpenSSL
  1. Now you can read this file, and use the data when constructing your credentials:
import gspread
from oauth2client.service_account import ServiceAccountCredentials

scope = ['',

credentials = ServiceAccountCredentials.from_json_keyfile_name('gspread-april-2cd … ba4.json', scope)

gc = gspread.authorize(credentials)

wks ="Where is the money Lebowski?").sheet1


oauth2client.client.CryptoUnavailableError: No crypto library available

If you’re getting the “No crypto library available” exception, make sure you have PyOpenSSL library installed in your environment.

Custom Credentials Objects

If you have another method of authenticating you can easily hack a custom credentials object.

class Credentials (object):
  def __init__ (self, access_token=None):
    self.access_token = access_token

  def refresh (self, http):
    # get new access_token
    # this only gets called if access_token is None