Skip to main content

Gmail MCP Server — search, read, send, threads, labels, drafts, filters

Project description

Gmail Blade MCP

Production Gmail MCP server for AI agents. Token-efficient, write-safe, thread-intelligent.

Features

Category Tools Description
Read gmail_search, gmail_read, gmail_snippets, gmail_thread, gmail_mailboxes Search, read messages and threads, list labels
Meta gmail_info, gmail_state, gmail_changes, gmail_identities, gmail_filters Account info, incremental sync, send-as aliases, filter rules
Write gmail_send, gmail_reply, gmail_draft, gmail_flag, gmail_move, gmail_bulk, gmail_delete Send, reply, draft, label, move, batch ops, delete
Filter gmail_filter_create, gmail_filter_delete Create and delete Gmail filters
AI gmail_classify, gmail_summarise Gemini-powered classification and summarisation (requires GOOGLE_API_KEY)

What makes this different

  • Token-efficient by default — HTML→plaintext stripping, body truncation, quoted-reply deduplication, concise list format
  • Write-safeGMAIL_WRITE_ENABLED=true env gate + confirm=true on destructive operations
  • Thread-intelligentthread_mode=deduped strips quoted replies; latest shows only newest message
  • Incremental syncgmail_state + gmail_changes via Gmail history.list API
  • Rate-limit aware — automatic exponential backoff on 429 errors
  • Gemini AI — classify and summarise emails using Google Gemini (optional, requires GOOGLE_API_KEY)
  • Credential-safe — OAuth tokens scrubbed from error messages

Quick Start

1. Install

uv sync

2. Set up Gmail API credentials

  1. Go to Google Cloud Console
  2. Create a project (or select existing)
  3. Enable the Gmail API
  4. Create OAuth 2.0 credentials (Desktop application)
  5. On the OAuth consent screen, set publishing status to "In production" — in "Testing" status Google expires refresh tokens after 7 days, which breaks any long-running server. (The "unverified app" warning at consent is a one-time click-through; if you have a Google Workspace org, marking the app Internal avoids the warning entirely.)
  6. Download the JSON file and save as ~/.gmail-blade/credentials.json (or pass --client-id/--client-secret to the auth verb instead)

3. Authenticate

uv run gmail-blade-mcp auth            # mints modify+send scopes (default)
uv run gmail-blade-mcp auth --scopes read   # read-only grant

A browser window opens for OAuth consent. After authorising, the verb prints a paste-ready credential block:

GMAIL_OAUTH_CLIENT_ID=...
GMAIL_OAUTH_CLIENT_SECRET=...
GMAIL_OAUTH_REFRESH_TOKEN=...

and (unless --no-save-token) also saves the refresh token to ~/.gmail-blade/token.json (mode 0600) for standalone use.

The server itself never opens a browser. If no credentials are available it returns a typed error telling you to run gmail-blade-mcp auth. Verify current credentials any time with:

uv run gmail-blade-mcp auth --check    # prints account email + granted scopes

Stallari / headless deployments: set the three GMAIL_OAUTH_* env vars (e.g. paste them into Stallari → Connections → gmail-blade-mcp). When GMAIL_OAUTH_REFRESH_TOKEN is set the server builds credentials in memory and never touches ~/.gmail-blade/. Note the scope grant is fixed when the token is minted — to enable write tools later you need both GMAIL_WRITE_ENABLED=true and a token minted with --scopes write.

4. Configure MCP client

Claude Desktop (claude_desktop_config.json):

{
  "mcpServers": {
    "gmail-blade": {
      "command": "uv",
      "args": ["--directory", "/path/to/gmail-blade-mcp", "run", "gmail-blade-mcp"],
      "env": {
        "GMAIL_WRITE_ENABLED": "false"
      }
    }
  }
}

Environment Variables

Variable Default Description
GMAIL_OAUTH_CLIENT_ID (none) OAuth client ID (in-memory credential mode)
GMAIL_OAUTH_CLIENT_SECRET (none) OAuth client secret
GMAIL_OAUTH_REFRESH_TOKEN (none) OAuth refresh token — presence switches on in-memory credential mode (mint with gmail-blade-mcp auth)
GMAIL_WRITE_ENABLED false Enable write operations (send, reply, delete, etc.)
GMAIL_MCP_TRANSPORT stdio Transport: stdio or http
GMAIL_MCP_HOST 127.0.0.1 HTTP host (when transport=http)
GMAIL_MCP_PORT 8768 HTTP port (when transport=http)
GMAIL_MCP_API_TOKEN (none) Bearer token for HTTP transport auth
GOOGLE_API_KEY (none) Google AI Studio API key for Gemini classify/summarise tools

Security

  • Write operations disabled by default — set GMAIL_WRITE_ENABLED=true to enable
  • Permanent delete requires confirm=true — use gmail_move to TRASH for soft delete
  • OAuth tokens never appear in error messages — regex scrubbing on all error paths
  • The server can never open a browser — interactive consent exists only in the auth CLI verb; headless deployments get typed errors, not hangs
  • token.json written 0600 — and in env-credential mode nothing is written to disk at all
  • Bearer auth uses constant-time comparisonsecrets.compare_digest()
  • Credentials stored locally~/.gmail-blade/, never transmitted

Development

make install-dev    # Install with dev + test deps
make test           # Unit tests (no Gmail needed)
make check          # Lint + format + type check
make test-cov       # Tests with coverage

email-v1 Contract

This server implements the Sidereal email-v1 domain contract — the same tool semantics as fastmail-blade-mcp. Skills targeting email-v1 work with either provider.

License

MIT

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gmail_blade_mcp-0.9.0.tar.gz (148.0 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

gmail_blade_mcp-0.9.0-py3-none-any.whl (36.8 kB view details)

Uploaded Python 3

File details

Details for the file gmail_blade_mcp-0.9.0.tar.gz.

File metadata

  • Download URL: gmail_blade_mcp-0.9.0.tar.gz
  • Upload date:
  • Size: 148.0 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for gmail_blade_mcp-0.9.0.tar.gz
Algorithm Hash digest
SHA256 ac604e32e739981af56fa65c1e3df95fbfa7821afed306ebf208f3f7c449bd89
MD5 b9f9bb950219466a227ddf09744882f9
BLAKE2b-256 485d8ff54ceaef3f789310c3e66417ca2e33eee2ad3aefe0695eba57274a6085

See more details on using hashes here.

Provenance

The following attestation bundles were made for gmail_blade_mcp-0.9.0.tar.gz:

Publisher: publish.yml on Groupthink-dev/gmail-blade-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file gmail_blade_mcp-0.9.0-py3-none-any.whl.

File metadata

File hashes

Hashes for gmail_blade_mcp-0.9.0-py3-none-any.whl
Algorithm Hash digest
SHA256 c8b1664f0da5578fa41f6aba6aea373e6385015e98824e337771d6162952ccd5
MD5 094aed0bf3365f6397df3015a5ef808c
BLAKE2b-256 d730a8eb167da025126a7a6d8bbf5812743cc223be792320d68697b2eab2753f

See more details on using hashes here.

Provenance

The following attestation bundles were made for gmail_blade_mcp-0.9.0-py3-none-any.whl:

Publisher: publish.yml on Groupthink-dev/gmail-blade-mcp

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page