A local MCP server that gives Claude Code (and any MCP client) access to your Google Workspace β Gmail, Drive, Calendar, Sheets, Docs, Contacts, Tasks, Meet, Search Console (plus optional Forms, Chat, and Workspace Admin) β across multiple Google accounts at once.
Open-source and funded by IdeaCrafters β the studio that pays for its development and upkeep.
- π Multi-account β drive any number of your Google accounts from one server, each by a short alias.
- π Secure by default β refresh tokens encrypted at rest (AES-256-GCM); writes are deny-by-default; no telemetry β it talks only to Google.
- π¦ npm-first β install and run with
npx; everything configured through env vars. - π§° ~170 tools across 12 services β full list in COVERAGE.md.
v5 is local + user-OAuth only. Service accounts and hosting (and the APIs they unlock) are on the roadmap. Upgrading from v4? Jump to Upgrading.
You need Node 20+, a Google Cloud OAuth client (~2 min β setup below), and a random 32-byte key.
# 1) install
npm i -g mcp-google-multi
# 2) put your config + creds in the environment (see "Configuration").
# Easiest for a quick try β export them, or drop a .env in your working dir:
# GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET, GOOGLE_ACCOUNTS, MASTER_KEY, GOOGLE_PROFILE
# 3) authenticate each account (opens a browser; one-time per account)
mcp-google-multi auth --account work
mcp-google-multi auth --account personal
# 4) register with Claude Code
claude mcp add google-multi -s user -- npx -y mcp-google-multiRestart your MCP client and the tools appear. Tokens are written encrypted to ~/.config/mcp-google-multi/tokens/ (override with TOKEN_STORE_PATH) β useless to anyone without your MASTER_KEY.
Generate a key: openssl rand -base64 32.
A plaintext .env is fine to try it out, but for a daily driver, don't leave GOOGLE_CLIENT_SECRET + MASTER_KEY on disk β inject them at launch from a secrets manager. The server just reads process.env (it has no idea where the values come from), so wrap it with Infisical:
#!/usr/bin/env bash
# ~/.local/bin/mcp-google-multi-run β chmod +x, then register this as the MCP command
set -euo pipefail
export INFISICAL_TOKEN="$(infisical login --method=universal-auth \
--client-id "$YOUR_CLIENT_ID" --client-secret "$YOUR_CLIENT_SECRET" --plain --silent)"
exec infisical run --projectId <project> --env prod --path /mcp-google-multi \
-- npx -y mcp-google-multiclaude mcp add google-multi -s user -- ~/.local/bin/mcp-google-multi-runNow the only thing on disk is the encrypted token store. Pass the token via the INFISICAL_TOKEN env var (as above), not a --token flag, so it never shows up in ps. (Any secrets manager works β Doppler, Vault, 1Password CLI, etc. β the pattern is the same.)
| Env var | Required | Description |
|---|---|---|
GOOGLE_CLIENT_ID / GOOGLE_CLIENT_SECRET |
β | OAuth Desktop client from Google Cloud |
GOOGLE_ACCOUNTS |
β | alias:email,β¦ β e.g. work:you@co.com,personal:you@gmail.com |
MASTER_KEY |
β | base64 32-byte key that encrypts the token store (openssl rand -base64 32) |
GOOGLE_PROFILE |
β | write policy: read-only (default) Β· safe-writes Β· full-writes |
GOOGLE_READ_ONLY |
β | true = hard kill-switch for all writes |
GOOGLE_WRITE_ALLOW / GOOGLE_WRITE_DENY |
β | glob overrides, e.g. calendar:*, *:delete* |
GOOGLE_OPTIONAL_SCOPES |
β | extra bundles: forms, chat |
GOOGLE_ADMIN_ACCOUNTS |
β | aliases granted Workspace-admin scopes (the account's own super-admin OAuth) |
TOKEN_STORE_PATH |
β | override the encrypted token dir (default: ~/.config/mcp-google-multi/tokens) |
Inspect the resolved setup any time: mcp-google-multi config check.
Reads are never gated. Every create/update/delete is off until you opt in β pick a profile:
GOOGLE_PROFILE |
Allows |
|---|---|
read-only (default) |
reads only |
safe-writes |
create + update (deletes still blocked) |
full-writes |
everything |
GOOGLE_READ_ONLY=true overrides all. For fine control: GOOGLE_WRITE_ALLOW="calendar:*, sheets:update*" and GOOGLE_WRITE_DENY="*:delete*" (deny wins). mcp-google-multi config check prints the resolved policy and exactly which tools are enabled.
~170 tools across Gmail, Drive, Calendar, Sheets, Docs, Contacts, Search Console, Tasks, Meet, and (optional) Forms, Chat, Workspace Admin. Full per-tool list β COVERAGE.md. Every tool takes an account argument matching one of your aliases.
- Google Cloud Console β create or select a project.
- Enable the APIs you'll use: Gmail, Drive, Calendar, Sheets, Docs, People, Search Console, Tasks, Meet (+ Forms / Chat / Admin SDK if you enable those bundles).
- APIs & Services β Credentials β Create Credentials β OAuth client ID β Desktop app.
- Add the redirect URI
http://localhost:4242/oauth2callback. - Copy the Client ID + Client Secret into your environment.
v5 is a breaking change, but the migration is a one-time, ~2-minute step:
- Update:
npm i -g mcp-google-multi@latest(or update your client config). - Add
MASTER_KEYto your environment (openssl rand -base64 32) β now required. - Encrypt existing tokens:
mcp-google-multi migrate-tokens(reads your oldtokens/<alias>/token.jsonand encrypts them) β or just re-auth each account. - Writes are now deny-by-default β set
GOOGLE_PROFILE=safe-writes(orfull-writes) to keep writing. (GOOGLE_ALLOW_ADMIN_WRITESis gone β replaced by write-control profiles.)
Your OAuth, your machine. Refresh tokens are AES-256-GCM encrypted at rest (decryptable only with your MASTER_KEY), writes are deny-by-default, and the server has no telemetry β it connects only to Google's APIs. Found a vulnerability? Report it privately β see SECURITY.md, never a public issue.
Maintainer-led. Direction is tracked publicly as GitHub Milestones (discover-first tooling β exhaustive API coverage β service accounts + hosting in v6). Not accepting unsolicited feature PRs; bug reports are welcome.
See CONTRIBUTING.md and the Code of Conduct. Security issues go to SECURITY.md, never a public issue.
Built and maintained by Abdelbaki Berkati β berkati.xyz Β· @bakissation. Read the case study β
Development is funded by IdeaCrafters (@IdeaCraftersHQ) β the studio that pays for this OSS to exist.