Google Authentication Library for OAuth 2.0

1.3.0 verified Tue May 12 auth: no python install: verified quickstart: stale

A Python library that provides OAuth 2.0 support for the google-auth library, enabling secure authentication for Google APIs. Current version: 1.3.0, released on February 27, 2026. Maintained with regular updates.

pip install google-auth-oauthlib

Common errors

error ModuleNotFoundError: No module named 'google_auth_oauthlib' ↓

cause The 'google-auth-oauthlib' library is not installed in your Python environment or the environment where your script is being executed.

fix

Run 'pip install --upgrade google-auth-oauthlib google-auth-httplib2' to install the necessary packages.

error Error 400: redirect_uri_mismatch ↓

cause The redirect URI configured in your application code does not exactly match one of the authorized redirect URIs specified for your OAuth 2.0 client ID in the Google Cloud Console.

fix

Go to the Google Cloud Console, navigate to 'APIs & Services' -> 'Credentials', edit your OAuth 2.0 client ID, and ensure that the 'Authorized redirect URIs' precisely match the URI used in your application's Flow configuration, including scheme (http/https), case, and trailing slashes.

error AttributeError: 'Credentials' object has no attribute 'to_json' ↓

cause The `google.oauth2.credentials.Credentials` object from the `google-auth` library does not directly expose a `to_json()` method for serialization as it was present in older, deprecated libraries like `oauth2client`.

fix

Use the credentials.to_dict() method to convert the credentials object to a dictionary, then serialize this dictionary to JSON using Python's json module, and use Credentials.from_dict() to load them back.

error oauthlib.oauth2.rfc6749.errors.InvalidGrantError: (invalid_grant) Token has been expired or revoked. ↓

cause This error indicates that the refresh token used to obtain a new access token is no longer valid, either because it has expired (e.g., after 7 days in 'Testing' mode), was explicitly revoked by the user, or remained unused for six months.

fix

Prompt the user to re-authenticate to obtain a new set of credentials, and ensure your Google Cloud project's OAuth consent screen publishing status is set to 'Production' if your application is intended for external users beyond test accounts.

error InvalidClientSecretsError: File not found: "client_secret.json" ↓

cause The `client_secrets.json` file, which contains your OAuth 2.0 client credentials, is either missing from the specified or implied path, or the file name is incorrect.

fix

Download the client_secrets.json file from the Google Cloud Console and place it in the same directory as your Python script, or provide the correct absolute path to Flow.from_client_secrets_file(). Ensure the file is not corrupted and contains the expected 'client_id' and 'client_secret' properties.

Warnings

breaking PKCE is enabled by default in version 1.0.0 and later. ↓

fix Ensure your application supports PKCE or adjust your implementation accordingly.

breaking Deprecated OOB code removed in version 1.0.0. ↓

fix Update your application to use supported redirect URIs.

gotcha Ensure 'client_secrets.json' is in the correct directory to avoid FileNotFoundError. ↓

fix Place 'client_secrets.json' in the same directory as your script or provide the correct path.

gotcha Running the script without internet access will cause the OAuth flow to fail. ↓

fix Ensure your machine has internet access during the OAuth flow.

gotcha Using an outdated version of google-auth-oauthlib may lead to compatibility issues. ↓

fix Upgrade to the latest version using 'pip install --upgrade google-auth-oauthlib'.

breaking Incorrect f-string syntax due to mismatched quotes when accessing dictionary keys within the f-string. ↓

fix Use different quote types for the f-string and the dictionary keys (e.g., `f"{item['name']}"` or `f'{item["name"]}'`) or escape the inner quotes.

breaking The script failed because the 'googleapiclient' library was not found. This typically means the library is not installed in the environment. ↓

fix Install the required library using `pip install google-api-python-client`.

Install compatibility verified last tested: 2026-05-12

python os / libc status wheel install import disk

3.10 alpine (musl) - - 1.14s 43.1M

3.10 slim (glibc) - - 0.84s 43M

3.11 alpine (musl) - - 1.59s 46.4M

3.11 slim (glibc) - - 1.27s 47M

3.12 alpine (musl) - - 1.68s 38.0M

3.12 slim (glibc) - - 1.58s 38M

3.13 alpine (musl) - - 1.54s 37.6M

3.13 slim (glibc) - - 1.86s 38M

3.9 alpine (musl) - - 1.04s 43.1M

3.9 slim (glibc) - - 0.95s 44M

Imports

InstalledAppFlow
```
from google_auth_oauthlib.flow import InstalledAppFlow
```
Ensure correct import path to avoid ImportError.

Quickstart stale last tested: 2026-04-23

A complete example demonstrating OAuth 2.0 authentication and accessing Google Drive API to list files.

import os
from google_auth_oauthlib.flow import InstalledAppFlow
from googleapiclient.discovery import build

# Set up the OAuth 2.0 flow
flow = InstalledAppFlow.from_client_secrets_file(
    'client_secrets.json',
    scopes=['https://www.googleapis.com/auth/drive.readonly']
)

# Run the flow to get credentials
credentials = flow.run_local_server(port=0)

# Build the service
service = build('drive', 'v3', credentials=credentials)

# Call the Drive API
results = service.files().list(pageSize=10, fields='files(id, name)').execute()
items = results.get('files', [])

if not items:
    print('No files found.')
else:
    print('Files:')
    for item in items:
        print(f'{item['name']} ({item['id']})')