docs: add Python tutorial for refresh token OAuth in multi-tenant Apify Actors#2549
Open
foxck016077 wants to merge 1 commit into
Open
docs: add Python tutorial for refresh token OAuth in multi-tenant Apify Actors#2549foxck016077 wants to merge 1 commit into
foxck016077 wants to merge 1 commit into
Conversation
Adds a Python tutorial covering the refresh token OAuth pattern for Actors that call per-user Google APIs (Gmail, Calendar, Drive) without hosting an OAuth callback URL or storing user identity on the Apify side. Covers Google Cloud Desktop app client setup, generating the refresh token via google-auth-oauthlib's run_local_server, exchanging at runtime for a short-lived access token, marking credential fields as isSecret in INPUT_SCHEMA, and an optional dry_run mode so first-time users can preview the dataset shape before committing to the OAuth setup. Relates to apify/apify-mcp-server#741 (which asks for server-level OAuth/SSO, not Actor-level credential delegation, but readers may land here looking for the Actor-level pattern).
foxck016077
pushed a commit
to foxck016077/apify-gmail-inbox-intel
that referenced
this pull request
May 20, 2026
…ibution Adds links to 3 dev.to posts published today (mamoru douyin learning post, PWYW vs $99 lifetime answer to @tokidigital, and the reader-centric refresh token OAuth tutorial). The OAuth tutorial entry also references the open PR #2549 to apify/apify-docs that promotes it as an official Academy tutorial.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a new tutorial under
sources/academy/tutorials/python/covering the refresh token OAuth pattern for Apify Actors that call per-user Google APIs (Gmail, Calendar, Drive) without hosting an OAuth callback URL or storing user identity on the Apify side.The tutorial walks through:
google-auth-oauthlib'srun_local_serverflowINPUT_SCHEMAwithisSecret: trueon the credential fieldsdry_runboolean so first-time users can preview the dataset shape before committing to the full OAuth setupMotivation
This pattern is used in production today for Actors that call per-user Google APIs, but the docs don't yet cover it. Currently a developer searching "Apify actor Gmail OAuth" finds no end-to-end tutorial. Related: apify/apify-mcp-server#741 asks for server-level OAuth/SSO between MCP client and Apify (a different layer than what this tutorial covers), but readers landing on that issue may also be looking for the Actor-level credential delegation pattern.
Pattern correctness
Verified against a production Actor running this exact pattern: foxck016077/apify-gmail-inbox-intel (MIT, listed on Apify Store as foxck/gmail-inbox-intel).
Standards checklist
/platform/actors/development/actor-definition/input-schema)Compatibility
sidebar_position: 3slots afterprocess_data_using_python.md(position 2)/python/refresh-token-oauth-multi-tenant-actorsis uniqueHappy to revise scope, tone, file placement, or pull cross-references if there's a better home for it in the Academy structure.