> ## Documentation Index
> Fetch the complete documentation index at: https://nango.dev/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Set up Stitch (MCP) with Nango

> Register an OAuth app with Google for the Stitch MCP API and connect it to Nango

This guide shows you how to register your own app with Google to obtain your OAuth credentials (client ID & secret). These are required to let your users grant your app access to their Stitch projects via the Stitch MCP API.

<Info>
  You will need to pass a security review to go live with your integration.

  [Follow our guide](/api-integrations/google-shared/google-security-review) to get approved as fast as possible.
</Info>

## Create your OAuth App

<Steps>
  <Step title="Create a Google Cloud account">
    If you don't already have one, sign up for a [Google Cloud account](https://console.cloud.google.com/).
  </Step>

  <Step title="Create a new project">
    1. Go to the [Google Cloud Console](https://console.cloud.google.com/).
    2. Click on the project dropdown at the top left of the page.
    3. Click **New Project**.
    4. Enter a **Project Name** for your project.
    5. Under **Location**, select the appropriate organization or folder where this project should belong.
       <Note>If you're not part of an organization, it will default to No organization</Note>
    6. Click **Create** and wait for the project to be created.
    7. Select it from the project dropdown.
  </Step>

  <Step title="Enable the Stitch API">
    1. Go to the [API Library](https://console.cloud.google.com/apis/library) in the Google Cloud Console.
    2. Search for **Stitch API** and select it, then click **Enable**.
  </Step>

  <Step title="Configure the OAuth consent screen">
    1. Go to **APIs & Services** > **OAuth consent screen** in the Google Cloud Console.
    2. Click **Get started**.
    3. Fill in the **App Information** form.

    * **App Name**: The name of the app asking for consent.
    * **User support email**: For users to contact you with questions about their consent.

    4. Click **Next**. Select the appropriate Audience:
       * **External**: For applications available to any Google user
       * **Internal**: For applications restricted to users within your Google Workspace organization
    5. Click **Next**. Fill in the **Contact Information**; these are the email addresses that Google will use to notify you about any changes to your project.
    6. Click **Next**, then check the **I agree to the Google API Services: User Data Policy** checkbox, and click **Continue**.
    7. Add the scopes your application needs. Under **Data Access**, click **Add or Remove Scopes** and add `https://www.googleapis.com/auth/cloud-platform`.
    8. Under **Audience**, click **Add users** if you selected **External** user type (required for testing before verification).

    <Warning>In "Testing" mode with an external user type, refresh tokens expire in 7 days unless only basic scopes are used (userinfo.email, userinfo.profile, openid, or their [OpenID Connect equivalents](https://developers.google.com/identity/protocols/oauth2/scopes#openid-connect)). You can remove this 7-day limit by switching from Testing to Production in the last step below.</Warning>
  </Step>

  <Step title="Create OAuth 2.0 credentials">
    1. Go to **APIs & Services** > **Credentials** in the Google Cloud Console.
    2. Click **Create Credentials** and select **OAuth client ID**.
    3. Select **Web application** as the application type.
    4. Enter a name for your OAuth client.
    5. Under **Authorized redirect URIs**, add `https://api.nango.dev/oauth/callback`.

    <Note>While setting up the OAuth credentials, the *Authorized JavaScript origins* should be your site URL (`https://app.nango.dev` if you're testing from the Nango UI).</Note>

    6. Click **Create**.
    7. A dialog will appear with your client ID and client secret. Save these credentials securely as you'll need them when configuring your integration in Nango.

    <Note>Google allows up to 100 refresh tokens per account per OAuth client ID. New tokens overwrite the oldest without warning when the limit is reached.</Note>
  </Step>

  <Step title="Start building your integration">
    Follow the [*Quickstart*](/getting-started/quickstart) to build your integration.
  </Step>

  <Step title="Verify your app">
    The `cloud-platform` scope is marked "sensitive" by Google. You can develop in test mode, but you need to pass a security review to go live.

    [Follow our guide](/api-integrations/google-shared/google-security-review) to prepare and pass as quickly as possible.

    <Note>For applications using sensitive or restricted scopes, Google requires verification and a security assessment. This process can take several weeks to complete.</Note>
  </Step>

  <Step title="Publish your app (switch from Testing to Production)">
    To move your OAuth app from testing to production:

    1. Go to **APIs & Services** > **OAuth consent screen** > **Audience**.
    2. Click **Publish App** to switch your app from testing to production.
  </Step>
</Steps>

## Connection Configuration

When creating a Stitch (MCP) connection, you must supply a **Google Cloud Project ID** as a developer-level connection configuration parameter.

### Required parameters

| Parameter    | Description                                                        |
| ------------ | ------------------------------------------------------------------ |
| `project_id` | The ID of the Google Cloud project that has the Stitch API enabled |

### Finding your Google Cloud project ID

Your project ID is distinct from your project name. To find it:

1. Go to the [Google Cloud Console](https://console.cloud.google.com/).
2. Click the **project dropdown** at the top left of the page.
3. Your **Project ID** appears below the project name in the list (e.g. `my-project-123456`).

Alternatively, open the [project dashboard](https://console.cloud.google.com/home/dashboard) and look under **Project info** > **Project ID**. It also appears as the `project` query parameter in any Google Cloud Console URL.

## Important considerations

**Refresh token expiration**

For information on why Google refresh tokens expire, see [Why is my Google refresh token expiring?](https://www.nango.dev/blog/google-oauth-invalid-grant-token-has-been-expired-or-revoked#why-was-the-refresh-token-revoked). For Google OAuth basics, see [Google's OAuth 2.0 documentation](https://developers.google.com/identity/protocols/oauth2).

## OAuth Scopes

Select only the scopes your app needs. See [Google's OAuth 2.0 Scopes documentation](https://developers.google.com/identity/protocols/oauth2/scopes) for the full list.

| Scope                                            | Description                                                      |
| ------------------------------------------------ | ---------------------------------------------------------------- |
| `https://www.googleapis.com/auth/cloud-platform` | Full access to Google Cloud resources, including the Stitch API. |

***