### [Error: unauthorized_client](https://wpmailsmtp.com/docs/error-unauthorized_client/)

**Published:** May 17, 2026
**Author:** David Ozokoye

**Content:**

**Note**: This guide applies to the [Gmail mailer](https://wpmailsmtp.com/docs/how-to-set-up-the-gmail-mailer-in-wp-mail-smtp/ "Gmail") in WP Mail SMTP.

## What This Error Means

Google is not authorizing the OAuth client to complete the sign-in flow. The most common cause is creating the OAuth credential with the wrong application type (e.g. **Desktop app** instead of **Web application**), so Google rejects the authorization code grant that WP Mail SMTP uses. Google Workspace organizations can also trigger this error when the admin blocks third-party API access for the domain.

## Common Causes

- OAuth client type is incorrect (a **Desktop app** or **Service account** credential instead of **Web application**)
- The **Authorized redirect URI** is missing or wrong on the OAuth client
- Google Workspace admin has restricted third-party API access and hasn’t approved the app

## How to Fix

Here is the complete step-by-step guide to resolving the error.

### Step 1: Verify the OAuth Client Type

Start by checking whether your OAuth credential has the correct application type.

Open the [Google Cloud Console](https://console.cloud.google.com/ "Google Cloud Console") and select the project used for WP Mail SMTP. Then, go to **APIs & Services » Credentials**.

Under **OAuth 2.0 Client IDs**, find your credential and check the **Type** column. If the type is **Desktop app** or anything other than **Web application**, create a new credential by following Step 2.

If it already says **Web application**, click the pencil icon and confirm the **Authorized redirect URIs** section contains exactly `https://connect.wpmailsmtp.com/google/`. If the URI is missing, click **+ ADD URI**, paste the value above, and click **Save**. Then skip to Step 3.

### Step 2: Create a New Web Application Credential

If your existing OAuth client has the wrong type, create a new one configured as a Web application.

On the **APIs & Services » Credentials** page, click **Create credentials** and select **OAuth client ID**.

![Click Create credentials and select OAuth client ID](https://wpmailsmtp.com/wp-content/uploads/2022/11/api-credentials.png)Then, set **Application type** to **Web application**.

![Select Web application as the application type](https://wpmailsmtp.com/wp-content/uploads/2021/10/select-web-application.png)Next, under **Authorized redirect URIs**, click **+ ADD URI** and enter `https://connect.wpmailsmtp.com/google/`.

![Enter the redirect URI](https://wpmailsmtp.com/wp-content/uploads/2021/10/input-for-uri.png)After that, click **Create**, then click **DONE**. Click the pencil icon next to the new credential to open it, and copy the **Client ID**.

![Copy the Client ID](https://wpmailsmtp.com/wp-content/uploads/2025/12/click-create.png)Then, click **+ Add secret** to generate a new Client Secret, and copy it.

![Click Add secret to generate a Client Secret](https://wpmailsmtp.com/wp-content/uploads/2025/12/add-secret.png)**Note**: Be careful not to copy any extra text or spaces with your Client ID or Client Secret. Google only shows the full Client Secret once.

Finally, in WordPress, go to **WP Mail SMTP » Settings » General** and scroll to the **Google / Gmail** section. Paste the new **Client ID** and **Client Secret** into the corresponding fields, and click **Save Settings**.

![Paste the Client ID and Client Secret](https://wpmailsmtp.com/wp-content/uploads/2020/11/google-gmail-add-client-id-secret.png)### Step 3: Check API Access Controls (Google Workspace)

If you’re on a Google Workspace domain, the organization admin may need to allow the app.

Start by signing in to the [Google Workspace Admin Console](https://admin.google.com/ "Google Workspace Admin Console"). Then, go to **Security » Access and data control » API controls**.

Under **App access control**, look for the OAuth app associated with your project. If the app is **Blocked** or not listed, click **Manage Third-Party App Access**, search for the app by Client ID, and set it to **Trusted** (or at minimum **Limited**).

Finally, save the change and wait a few minutes for it to take effect.

### Step 4: Re-Authorize and Test

Once the OAuth credential is set up correctly, reconnect WP Mail SMTP and send a test email.

In WordPress, go to **WP Mail SMTP » Settings » General** and scroll to the **Google / Gmail** section. Then, click **Remove Connection**.

![Click Remove Connection](https://wpmailsmtp.com/wp-content/uploads/2020/10/Remove-Connection-in-WP-Mail-SMTP.png)Next, click **Allow plugin to send emails using your Google account** and complete the Google authorization flow.

![Click Allow plugin to send emails using your Google account](https://wpmailsmtp.com/wp-content/uploads/2022/12/allow-google-to-send-emails.png)After authorization, click **Save Settings**.

To test the fix, go to **WP Mail SMTP » Tools** and click the **Email Test** tab. Enter a recipient address in the **Send To** field, leave **HTML** toggled ON, and click **Send Email**.

![Test email tab](https://wpmailsmtp.com/wp-content/uploads/2024/10/test-email-tab-1024x1002.png)Finally, confirm the success message and check the recipient’s inbox.

## Notes

- The redirect URI must match exactly, including `https` vs `http` and trailing slashes.
- On Google Workspace, third-party app changes can take a few minutes to propagate. If the error persists after marking the app **Trusted**, wait and retry.
- If the OAuth consent screen is in “Testing” mode, publish the app to production in **APIs & Services » OAuth consent screen » Audience** to avoid recurring 7-day token expirations.

That’s It! You now know how to fix the ‘unauthorized\_client’ error in Gmail and get your emails sending again through WP Mail SMTP.

**Categories:** Gmail Errors, Error Library

---