PhishGuard requires Gmail API credentials to access and analyze your emails. Follow these steps to set up the Gmail API and generate the required Gmail_Credentials.json file.
- Go to Google Cloud Console
- Click on the project dropdown at the top
- Click "NEW PROJECT"
- Enter a project name (e.g., "PhishGuard")
- Click "CREATE"
- Wait for the project to be created and make sure it's selected
- In the Google Cloud Console, go to APIs & Services > Library
- Search for "Gmail API"
- Click on Gmail API from the results
- Click "ENABLE"
- Wait for the API to be enabled
- Go to APIs & Services > OAuth consent screen
- Select "External" user type
- Click "CREATE"
- Fill in the required fields:
- App name: PhishGuard (or any name you prefer)
- User support email: Your email address
- Developer contact information: Your email address
- Click "SAVE AND CONTINUE"
- On the Scopes page, click "ADD OR REMOVE SCOPES"
- Search for and add:
https://www.googleapis.com/auth/gmail.readonly - This allows read-only access to your Gmail
- Search for and add:
- Click "UPDATE" and then "SAVE AND CONTINUE"
- On the Test users page, click "ADD USERS"
- Add your Gmail address that you want to scan
- Click "SAVE AND CONTINUE"
- Review the summary and click "BACK TO DASHBOARD"
- Go to APIs & Services > Credentials
- Click "+ CREATE CREDENTIALS" at the top
- Select "OAuth client ID"
- Choose Application type: Desktop app
- Enter a name: PhishGuard Desktop Client
- Click "CREATE"
- A dialog will appear with your credentials
- Click "DOWNLOAD JSON"
- Save the downloaded file
- Locate the downloaded JSON file (usually in your Downloads folder)
- It will have a name like:
client_secret_XXXXX.apps.googleusercontent.com.json
- It will have a name like:
- Rename this file to:
Gmail_Credentials.json - Move it to your PhishGuard project root folder:
c:\Users\Sanjay\Downloads\PhishGuard-main\PhishGuard-main\Gmail_Credentials.json
- Make sure you're in the project directory and the virtual environment is activated
- Run the Streamlit app:
.\.venv\Scripts\streamlit run app.py
- Click the "Fetch & Scan Emails" button in the sidebar
- A browser window will open asking you to authorize the app
- Select your Google account
- You may see a warning "Google hasn't verified this app" - this is normal for development
- Click "Advanced"
- Click "Go to PhishGuard (unsafe)"
- Review the permissions and click "Continue"
- The authorization is complete! The app will now fetch your emails
- Make sure you added your email as a test user in the OAuth consent screen (Step 3.8)
- Make sure you downloaded the correct credentials file
- Verify the file is named exactly
Gmail_Credentials.json
- Make sure you selected "Desktop app" as the application type
- The app uses
http://localhost:8080/as the redirect URI
- Check if a browser window opened in the background
- Look for a URL in the terminal output that you can manually visit
- Keep
Gmail_Credentials.jsonprivate - Never commit it to Git or share it publicly - Token storage - After first authentication, a
token.picklefile is created to store your access token - Read-only access - The app only has permission to read emails, not send or delete
- Revoke access - You can revoke access anytime at https://myaccount.google.com/permissions
Your project should look like this:
PhishGuard-main/
├── app.py
├── gmail_client.py
├── main.py
├── parser_heuristics.py
├── pyproject.toml
├── README.md
├── SETUP_GMAIL_API.md
├── Gmail_Credentials.json ← Your credentials file (don't commit!)
└── token.pickle ← Created after first auth (don't commit!)
# Activate virtual environment
. .\.venv\Scripts\Activate.ps1
# Run the app
streamlit run app.py
# Or use the venv directly
.\.venv\Scripts\streamlit run app.pyNeed Help? If you encounter any issues, make sure:
- Gmail API is enabled in your Google Cloud project
- OAuth consent screen is configured with your email as a test user
- Credentials are downloaded as Desktop app type
- The file is named exactly
Gmail_Credentials.json(case-sensitive) - The file is in the project root directory