
Gmail

The Gmail provider uses a dedicated adapter (GmailAdapter) rather than the generic HTTP adapter — it handles OAuth token refresh, MIME construction, and thread resolution transparently.

  • Google Cloud Console → APIs & Services → Credentials → OAuth client ID
  • Type: Web application
  • Scopes (configured on the consent screen):
    • https://www.googleapis.com/auth/gmail.send
    • https://www.googleapis.com/auth/gmail.readonly
    • https://www.googleapis.com/auth/gmail.modify
  • Redirect: https://tappass.example.com/providers/gmail/callback

    GOOGLE_CLIENT_ID=<id>.apps.googleusercontent.com
    GOOGLE_CLIENT_SECRET=<secret>

    tappass provider connect gmail --agent support-bot --user support@yourcompany.com

Operation      Op group  Description
send           write     Send an email
list           read      List messages / threads
get            read      Get a single message
search         read      Search messages by query
label_message  write     Add/remove labels
create_draft   write     Create a draft

    # Send (subject to PII detection + policy)
    agent.call_provider(
        provider="gmail",
        operation="send",
        params={
            "to": "customer@example.com",
            "subject": "Your ticket has been updated",
            "body": "Hello — we've resolved your ticket...",
        },
    )

    # Search
    threads = agent.call_provider(
        provider="gmail",
        operation="search",
        params={"q": "from:customer@example.com subject:refund"},
    )

Governance flags let you route agent emails for review before they go out:

    agent = Agent(
        "https://tappass.example.com",
        "tp_...",
        flags={"email": "mirror:supervisor@yourcompany.com"},
    )
    agent.call_provider(
        provider="gmail",
        operation="send",
        params={"to": "customer@example.com", ...},
    )
    # Supervisor gets a copy; original still sends.
    # Use "redirect:..." to send only to the supervisor instead.

See Governance Flags → email.

Block outbound Gmail to anyone outside your corporate domain:

    package tool_decision

    deny[msg] {
        input.provider == "gmail"
        input.operation == "send"
        not endswith(input.params.to, "@yourcompany.com")
        msg := "external recipients blocked"
    }
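
The policy above applies a suffix test to the raw `to` value. The Python below is an added example, not TapPass code: it compares that suffix test with per-address parsing on constructed inputs, so you can see which recipient formats each one accepts. That `to` may carry a display name, several addresses in one string, or a list is an assumption about what the adapter accepts, and the function names are hypothetical.

```python
from email.utils import getaddresses

ALLOWED_DOMAIN = "yourcompany.com"  # corporate domain from the policy above


def suffix_check_allows(to):
    """Mirror of the policy condition: suffix test on the raw `to` value."""
    return isinstance(to, str) and to.endswith("@" + ALLOWED_DOMAIN)


def external_recipients(to):
    """Return every recipient whose domain is not exactly ALLOWED_DOMAIN.

    Assumption: `to` is a string or a list of strings. Entries that do not
    parse to local@domain are reported as external (fail closed).
    """
    values = [to] if isinstance(to, str) else list(to or [])
    external = []
    for raw in values:
        parsed = getaddresses([raw]) if isinstance(raw, str) else []
        if not parsed:
            external.append(str(raw))
            continue
        for _name, addr in parsed:
            local, at, domain = addr.rpartition("@")
            if not (local and at and domain.lower() == ALLOWED_DOMAIN):
                external.append(addr or raw)
    return external


# Constructed sample values for params["to"], not taken from real traffic.
SAMPLES = [
    "support@yourcompany.com",
    "customer@example.com",
    "Support <support@yourcompany.com>",   # display-name form
    "Support@YourCompany.COM",             # domains are case-insensitive
    "customer@example.com, support@yourcompany.com",  # several in one string
    ["support@yourcompany.com", "customer@example.com"],  # list value
]

if __name__ == "__main__":
    for to in SAMPLES:
        print(repr(to), "suffix:", suffix_check_allows(to),
              "external:", external_recipients(to))
```

A send should go through only when `external_recipients` returns an empty list for a non-empty `to`; the same per-address rule can be expressed in the Rego policy once the shape of `input.params.to` is confirmed.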