I have followed the instructions on the nodemailer site to the letter, but OAuth2 for google service accounts simply does not work for me.
Either I get ECONN timeouts when setting "host" to mail.google.com or some combination of "401, user/pwd not accepted, can not create access token" errors when using smtp.gmail.com as the host.
There seems to be an endless supply of answers for 3LO, but none that I've tried for 2LO that work. Now, having said all that.
var nodemailer = require("nodemailer");
var { google } = require("googleapis");
var accessToken;
var expires;
var key = require(“path/to/secrets.json");
var privateKey = key.private_key;
var jwtClient = new google.auth.JWT(key.client_email, null, key.private_key, ["https://mail.google.com/"], null);
jwtClient.authorize(function(err, tokens) {
    if (err) {
        return;
     } else {
    token = tokens
    accessToken = tokens.access_token //this **IS** a valid token
    expires = tokens.expiry_date
     }
 var transporter = nodemailer.createTransport({
        host: "smtp.gmail.com",
        port: 465,
        secure: true,
        auth: {
            type: "OAuth2",
            user: key.client_email, //I've also used my email here
            serviceClient: key.client_id,
            privateKey: privateKey,
            accessToken: accessToken,
            expires: expires,
        },
    });
var mailOptions = {
    from: “[email protected]”
    to: “[email protected]",
    subject: "Ready",
    text: “Really Ready"
    }
transporter.sendMail(mailOptions, function(error, info) {
    if (error) {
        return;
    }
    console.log("Message %s sent: %s", info.messageId, info.response);
});
});
which generated the error:
535-5.7.8 Username and Password not accepted.
But as I mentioned, I've tried differing configurations and settings and gotten just as many different errors...
SO... Has anyone had success in using service accounts for 2LO using nodemailer?
I'm using node 9.5.0 and nodemailer ^4.6.0
I got it working (2021!), these were the steps:
https://mail.google.com/ as the scope.
const nodemailer = require('nodemailer');
const json = require('./service-account-name-accountid.json');
const sendEmail = async (email, subject, text) => {
    try {
        const transporter = nodemailer.createTransport({
            host: 'smtp.gmail.com',
            port: 465,
            secure: true,
            auth: {
                type: 'OAuth2',
                user: email, //your permissioned service account member e-mail address
                serviceClient: json.client_id,
                privateKey: json.private_key
            }
        });
        await transporter.verify();
        
        await transporter.sendMail({
                from: json.service_email,
                to: email, //you can change this to any other e-mail address and it should work!
                subject,
                text
        });
        console.log('success!');
        return {
            status : 200
        }
    } catch (error) {
        console.log(error);
        return {
            status : 500,
            error
        }
    }
}
sendEmail('your_permissioned_service_account_email_address@some_place.com, 'testing 123', 'woohoo!');
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With