Gmail configuration

Google passwords cannot be used directly. There is two ways to authenticate yourself:

Using App Passwords

This option is the simplest and the fastest. First, be sure that:

  • IMAP is enabled
  • Two-step authentication is enabled
  • Less secure app access is enabled

Then you can create a dedicated password for Himalaya at https://myaccount.google.com/apppasswords. See the imap-auth section on how to use it.

display-name = "Clément DOUIN"
downloads-dir = "~/Downloads"
signature = "Cordialement,\nClément DOUIN"

[accounts.gmail]
default = true
email = "clement.douin@gmail.com"

folder.alias.inbox = "INBOX"
folder.alias.sent = "[Gmail]/Sent Mail"
folder.alias.drafts = "[Gmail]/Drafts"
folder.alias.trash = "[Gmail]/Trash"

backend = "imap"
imap.host = "imap.gmail.com"
imap.port = 993
imap.login = "clement.douin@gmail.com"
imap.passwd.cmd = "pass show gmail"

message.send.backend = "smtp"
smtp.host = "smtp.gmail.com"
smtp.port = 465
smtp.login = "clement.douin@gmail.com"
smtp.passwd.cmd = "pass show gmail"

Note: passwords are prompted when running the command himalaya accounts configure.

Using OAuth 2.0

This option is the most secure but the hardest to configure. First, you need to get your OAuth 2.0 credentials by following this guide. Once you get your client id and your client secret, you can configure your Himalaya account this way:

display-name = "Clément DOUIN"
downloads-dir = "~/Downloads"
signature = "Cordialement,\nClément DOUIN"

[accounts.gmail]
default = true
email = "clement.douin@gmail.com"

folder.alias.inbox = "INBOX"
folder.alias.sent = "[Gmail]/Sent Mail"
folder.alias.drafts = "[Gmail]/Drafts"
folder.alias.trash = "[Gmail]/Trash"

backend = "imap"
imap.host = "imap.gmail.com"
imap.port = 993
imap.login = "clement.douin@gmail.com"
imap.oauth2.client-id = "<imap.client-id>"
imap.oauth2.auth-url = "https://accounts.google.com/o/oauth2/v2/auth"
imap.oauth2.token-url = "https://www.googleapis.com/oauth2/v3/token"
imap.oauth2.pkce = true
imap.oauth2.scope = "https://mail.google.com/"

message.send.backend = "smtp"
smtp.host = "smtp.gmail.com"
smtp.port = 465
smtp.login = "clement.douin@gmail.com"
smtp.oauth2.client-id = "<smtp.client-id>"
smtp.oauth2.auth-url = "https://accounts.google.com/o/oauth2/v2/auth"
smtp.oauth2.token-url = "https://www.googleapis.com/oauth2/v3/token"
smtp.oauth2.pkce = true
smtp.oauth2.scope = "https://mail.google.com/"

# If you want your SMTP to share the same client id (and so the same access token)
# as your IMAP config, you can add the following:

# smtp.oauth2.client-id = "<imap-client-id>"
# smtp.oauth2.client-secret.keyring = "gmail-imap-oauth2-client-secret"
# smtp.oauth2.access-token.keyring = "gmail-imap-oauth2-access-token"
# smtp.oauth2.refresh-token.keyring = "gmail-imap-oauth2-refresh-token"

Note: client secrets are prompted when running the command himalaya accounts configure.