<span style="color:#cad8d9">Google Workspace MCP Server</span> <img src="https://github.com/user-attachments/assets/b89524e4-6e6e-49e6-ba77-00d6df0c6e5c" width="80" align="right" />
Full natural language control over Google Calendar, Drive, Gmail, Docs, Sheets, Slides, Forms, Tasks, Contacts, and Chat through all MCP clients, AI assistants and developer tools.
Includes a full featured CLI & Code Mode for use with tools like Claude Code and Codex!
The most feature-complete Google Workspace MCP server, it can do things that Google's own tooling and the built in integrations with Claude and ChatGPT can't even dream of. With Remote OAuth2.1 multi-user support, fine-grained editing tools and the most extensive coverage of any Google Workspace tool in existance, Workspace MCP is in a different class. Offering native OAuth 2.1, stateless mode and external auth server support, it's also the only Workspace MCP you can host for your whole organization centrally & securely!
Support for all free Google accounts & Google Workspace plans (Starter, Standard, Plus, Enterprise, Non Profit) with expanded app options like Chat & Spaces. <br/><br /> Interested in a private, managed cloud instance? That can be arranged.
</div> <p align="center"> <a href="https://workspacemcp.com/docs"> <img src="https://img.shields.io/badge/Read%20the%20Docs-0969DA?style=for-the-badge&logo=readthedocs&logoColor=white" alt="Read the Docs"> </a><br /><a href="https://workspacemcp.com/quick-start"> <img src="https://img.shields.io/badge/Quick%20Start-2EA44F?style=for-the-badge" alt="Quick Start Guide"> </a> </p> <div align="center"> <a href="https://www.pulsemcp.com/servers/taylorwilsdon-google-workspace"> <img width="375" src="https://github.com/user-attachments/assets/0794ef1a-dc1c-447d-9661-9c704d7acc9d" align="center"/> </a> </div><div align="center"> <table> <tr> <td align="center"> <b>⚡ Start</b><br> <sub> <a href="#quick-start">Quick Start</a> · <a href="#prerequisites">Prerequisites</a><br> <a href="#configuration">Google Cloud</a> · <a href="#-credential-configuration">Credentials</a> </sub> </td> <td align="center"> <b>🧰 Tools</b><br> <sub> <a href="#-available-tools">All Tools</a> · <a href="#tool-tiers">Tool Tiers</a><br> <a href="#cli">CLI</a> · <a href="#start-the-server">Start Server</a> </sub> </td> <td align="center"> <b>🔌 Connect</b><br> <sub> <a href="#quick-start--connect-claude-to-google-workspace">Quick Start</a> · <a href="#connect-to-claude-desktop">Claude Desktop</a><br> <a href="#claude-code-mcp-client-support">Claude Code</a> · <a href="#vs-code-mcp-client-support">VS Code</a> · <a href="#connect-to-lm-studio">LM Studio</a> </sub> </td> <td align="center"> <b>🚀 Deploy</b><br> <sub> <a href="#oauth-21-support-multi-user-bearer-token-authentication">OAuth 2.1</a> · <a href="#stateless-mode-container-friendly">Stateless</a><br> <a href="#external-oauth-21-provider-mode">External OAuth</a> · <a href="#reverse-proxy-setup">Reverse Proxy</a> </sub> </td> <td align="center"> <b>📐 Develop</b><br> <sub> <a href="#-development">Architecture</a> · <a href="#local-development-setup">Dev Setup</a><br> <a href="#-security">Security</a> · <a href="#-license">License</a> </sub> </td> </tr> </table> </div>
See it in action:
<div align="center"> <video width="400" src="https://github.com/user-attachments/assets/a342ebb4-1319-4060-a974-39d202329710"></video> </div><span style="color:#adbcbc">Overview</span>
Workspace MCP is the single most complete MCP server, the only that integrates all major Google Workspace services with AI assistants and all agent platforms. The entire toolset is available for CLI usage supporting both local and remote instances.
<span style="color:#adbcbc">Features</span>
<table> <tr> <td valign="top" width="50%">12 services — Gmail · Drive · Calendar · Docs · Sheets · Slides · Forms · Chat · Apps Script · Tasks · Contacts · Search
📧 Gmail — Complete email management, end-to-end coverage<br> 📁 Drive — File operations with sharing, permissions, Office files, PDFs & images<br> 📅 Calendar — Full event management with advanced features<br> 📝 Docs — Deep, fine-grained editing, formatting & comments<br> 📊 Sheets — Flexible cell management, formatting & conditional rules<br> 🖼️ Slides — Presentation creation, updates & content manipulation<br> 📋 Forms — Creation, publish settings & response management<br> 💬 Chat — Space management, messaging & reactions
</td> <td valign="top" width="50%">⚡ Apps Script — Cross-application workflow automation<br> <sub> Projects · deployments · versions · execution · debugging</sub>
✅ Tasks — Task & list management with hierarchy<br> 👤 Contacts — People API with groups & batch operations<br> 🔍 Custom Search — Programmable Search Engine integration
🔐 Authentication & Security<br> <sub>OAuth 2.0 & 2.1 · auto token refresh · multi-user bearer tokens · transport-aware callbacks · CORS proxy</sub>
</td> </tr> </table><span style="color:#adbcbc">Security & Compliance</span>
<table> <tr> <td valign="top" width="50%">For Security Teams
This server sends no data anywhere except Google's APIs, on behalf of the authenticated user, using your own OAuth client credentials. There is no telemetry, no usage reporting, no analytics, no license server, and no SaaS dependency. The entire data path is: your infrastructure → Google APIs.
- Fully open source — every line is auditable in this repo
- Your OAuth client, your GCP project — credentials never leave your environment
- You control the scopes — read-only, granular per-service permissions, or full access
- You control the network — deploy behind your reverse proxy, in your VPC, on your own terms
- No third-party services — no intermediary servers, no token relays, no hosted backends
- Stateless mode — zero disk writes for locked-down container environments
- Sensitive path blocking — local file reads default to the managed attachment directory, and
validate_file_path()still blocks.env*files plus common home-directory credential stores such as~/.ssh/and~/.aws/even ifALLOWED_FILE_DIRSis broadened
Full dependency tree in pyproject.toml, pinned in uv.lock.
For Legal & Procurement
This project is MIT licensed — not "open core," not "source available," not "free with a CLA." There is no dual licensing, no commercial tier gating features, and no contributor license agreement.
- Use commercially without restriction — build products, sell services, deploy internally
- Fork, embed, redistribute — MIT requires only attribution
- No CLA — contributions remain under MIT
- No telemetry to disclose — nothing to flag in a privacy review
- No network effects — the server never contacts any endpoint you didn't configure
- Standard dependency licenses — MIT, Apache 2.0, and BSD throughout the dependency chain; no copyleft, no AGPL
The license is 21 lines and says what it means.
</td> </tr> </table>Quick Start
<div align="center">Set credentials → pick a launch command → connect your client
</div> <table> <tr> <td valign="top" width="50%">💡 New to Workspace MCP? Check out the Interactive Quick Start Guide → with step-by-step setup, screenshots, and troubleshooting tips!
Confidential Client Quick Start
# 1. Credentials
export GOOGLE_OAUTH_CLIENT_ID="..."
export GOOGLE_OAUTH_CLIENT_SECRET="..."
# 2. Launch — pick a tier
uvx workspace-mcp --tool-tier core # essential tools
uvx workspace-mcp --tool-tier extended # core + management ops
uvx workspace-mcp --tool-tier complete # everything
# Or cherry-pick services
uv run main.py --tools gmail drive calendarSecretless / Public OAuth 2.1 (PKCE) Quick Start
# 1. Credentials
export MCP_ENABLE_OAUTH21=true
export GOOGLE_OAUTH_CLIENT_ID="..."
export WORKSPACE_MCP_PORT=8000
export GOOGLE_OAUTH_REDIRECT_URI="http://localhost:${WORKSPACE_MCP_PORT}/oauth2callback"
export OAUTHLIB_INSECURE_TRANSPORT=1
# Leave GOOGLE_OAUTH_CLIENT_SECRET unset for public PKCE clients
export FASTMCP_SERVER_AUTH_GOOGLE_JWT_SIGNING_KEY="$(openssl rand -hex 32)"
# 2. Launch — OAuth 2.1 requires HTTP transport
uvx workspace-mcp --transport streamable-http --tool-tier core
uvx workspace-mcp --transport streamable-http --tool-tier extended
uvx workspace-mcp --transport streamable-http --tool-tier complete
# Or cherry-pick services
uv run main.py --transport streamable-http --tools gmail drive calendar<sub>Credential setup → · All launch options → · Tier details →</sub>
<details open> <summary><b>Environment Variable Reference</b></summary> <sub>| Variable | Purpose | |
|---|---|---|
| 🔐 Authentication | ||
GOOGLE_OAUTH_CLIENT_ID | required | OAuth client ID from Google Cloud |
GOOGLE_OAUTH_CLIENT_SECRET | OAuth client secret for confidential clients; optional for public OAuth 2.1 PKCE clients | |
OAUTHLIB_INSECURE_TRANSPORT | required* | Set to 1 for development — allows http:// redirect |
USER_GOOGLE_EMAIL | Default email for single-user auth | |
GOOGLE_CLIENT_SECRET_PATH | Custom path to client_secret.json | |
GOOGLE_MCP_CREDENTIALS_DIR | Credential directory — default ~/.google_workspace_mcp/credentials | |
| 🖥️ Server | ||
WORKSPACE_MCP_BASE_URI | Base server URI (no port) — default http://localhost | |
WORKSPACE_MCP_PORT | Listening port — default 8000. Also controls the stdio-mode OAuth callback port. The PORT env var takes precedence if set. | |
WORKSPACE_MCP_HOST | Bind host — default 0.0.0.0 for OAuth 2.1 HTTP, 127.0.0.1 for legacy streamable HTTP. | |
WORKSPACE_MCP_TRANSPORT | stdio or streamable-http; used when --transport is not passed | |
WORKSPACE_MCP_HTTP_PORT | Advanced legacy-stdio sidecar /mcp port for local workspace-cli access. Disabled when empty. Binds to 127.0.0.1 only and is accessible to local processes. | |
WORKSPACE_EXTERNAL_URL | External URL for reverse proxy setups | |
WORKSPACE_MCP_BRAND_NAME | OAuth 2.1 consent-page server name — default FastMCP's name | |
WORKSPACE_MCP_BRAND_ICON_URL | OAuth 2.1 consent-page logo (hosted URL or data: URI), shown at 64px wide — default FastMCP's logo | |
WORKSPACE_MCP_BRAND_WEBSITE_URL | OAuth 2.1 consent-page website link | |
WORKSPACE_ATTACHMENT_DIR | Downloaded attachments dir and default trusted local attachment directory — default ~/.workspace-mcp/attachments/ | |
WORKSPACE_MCP_URL | Remote MCP endpoint URL for CLI | |
ALLOWED_FILE_DIRS | Colon-separated allowlist for local file reads | |
| 🧰 Tool Selection | ||
WORKSPACE_MCP_TOOLS | Comma-separated services, e.g. gmail,drive,calendar; empty means all services | |
WORKSPACE_MCP_TOOL_TIER | core, extended, or complete; empty means |
…