SwarmMarshal uses Google's official APIs to read your mail and calendar. Because Google restricts which apps can request those permissions, the cleanest path today is to create a small Google Cloud project of your own and paste the credentials into SwarmMarshal. It takes about ten minutes and only needs to be done once per Google account.
Google requires a paid annual security audit before an app can ship Gmail or Calendar access to the general public. SwarmMarshal is a local desktop app with no central server, so instead of gating the feature behind that process we let you create a personal Google Cloud project. Your OAuth tokens never leave your computer, Google only ever sees your own project talking to your own mailbox, and SwarmMarshal has no involvement in the transfer.
Sign in at console.cloud.google.com with the Google account you want to connect. In the project picker at the top, click New Project, name it something you'll recognize (for example SwarmMarshal Personal), and click Create. When the notification bell tells you it's ready, switch the project picker to the new project.
Open APIs & Services → Library, search for Gmail API, and click Enable. Repeat the search for Google Calendar API and enable that one too. These are the two APIs SwarmMarshal talks to — you don't need anything else.
Go to Google Auth Platform → Overview. If the page says Google Auth Platform not configured yet, click Get started. Fill in an app name (SwarmMarshal Personal is fine), choose your email as the user support email, choose External for the audience, then enter your email again as the developer contact. Accept Google's policy checkbox if shown, and finish the wizard. The publishing status lives on a different page; we'll switch that next.
Open Google Auth Platform → Audience. Make sure the project picker at the top shows your SwarmMarshal project. Find Publishing status. If it says Testing, click Publish app. Google will open a Push to production? dialog; click Confirm. The publishing status should then become In production. This does not mean you need to complete Google's public verification process for a personal app; it just removes the testing-mode refresh-token limit. Google may still show the unverified-app warning during sign-in, which is expected for your own private project.
Do not leave the app in Testing for normal use. For Gmail, Calendar, and Contacts scopes, Google expires refresh tokens from external testing apps after seven days, so SwarmMarshal would have to ask you to reconnect every week.
Open APIs & Services → Credentials, click Create Credentials, and choose OAuth client ID. For Application type pick Desktop app and give it any name. Google will show you a Client ID and Client secret — keep that dialog open, you'll paste both into SwarmMarshal in the next step.
In SwarmMarshal open Settings → Accounts & Channels → Google. Paste the Client ID and Client secret from the Google Cloud dialog, then click Connect Google account. Your browser will open Google's sign-in page — because your project is private and unverified, you'll see a Google hasn't verified this app warning. Click Advanced, then click Go to SwarmMarshal Personal (unsafe).
Google then shows a profile review screen for your name and email. Click Continue. On the access screen, check Select all so the Gmail, Contacts, and Calendar permissions are all selected, then click Continue again. Google will redirect back to SwarmMarshal and show the success page.
SwarmMarshal will pull your inbox and calendar on the normal sync schedule. You can revoke access at any time from your Google account permissions page or by deleting the OAuth client from your Cloud project. Removing the credentials from SwarmMarshal's settings screen also clears every token stored on this machine.
The warning screen has no "Advanced" link. Your consent screen is set to Internal — switch it to External in Step 3, or make sure you're signed in with the same Google account you added as a test user.
"Access blocked: SwarmMarshal has not completed the Google verification process". First make sure the OAuth app is In production on the Audience page. If you intentionally keep it in Testing, add your Google address to the Test users list, but expect the refresh token to expire after seven days.
SwarmMarshal asks me to reconnect every week. Your OAuth app is almost certainly still in Testing. Open Google Auth Platform → Audience for the project and publish it to production, then reconnect the account once in SwarmMarshal.
The connection works but nothing syncs. Double-check that both the Gmail API and the Google Calendar API are enabled under your project (Step 2). Enabling them is per-project, not per-account.
The Client ID and Client secret identify your project to Google. They're not a password to your mailbox — on their own they can't read any of your data. SwarmMarshal still encrypts them at rest along with the refresh token Google issues after sign-in.
Because the project is yours, only Google accounts you explicitly add as test users can sign in to it while it is in Testing. Once you publish the personal project to production, Google may allow up to 100 unverified users through the warning screen; for SwarmMarshal's normal personal-use path, that should just be you or the few Google accounts you own.