MCP Headless Gmail Server
A headless server to get and send emails via the Gmail API, requiring Google API credentials at runtime.
MCP Headless Gmail Server (NPM & Docker)
A MCP (Model Context Protocol) server that provides get, send Gmails without local credential or token setup.
Why MCP Headless Gmail Server?
Critical Advantages
- Headless & Remote Operation: Unlike other MCP Gmail solutions that require running outside of docker and local file access, this server can run completely headless in remote environments with no browser no local file access.
- Decoupled Architecture: Any client can complete the OAuth flow independently, then pass credentials as context to this MCP server, creating a complete separation between credential storage and server implementation.
Nice but not critical
- Focused Functionality: In many use cases, especially for marketing applications, only Gmail access is needed without additional Google services like Calendar, making this focused implementation ideal.
- Docker-Ready: Designed with containerization in mind for a well-isolated, environment-independent, one-click setup.
- Reliable Dependencies: Built on the well-maintained google-api-python-client library.
Features
- Get most recent emails from Gmail with the first 1k characters of the body
- Get full email body content in 1k chunks using offset parameter
- Send emails through Gmail
- Refresh access tokens separately
- Automatic refresh token handling
Prerequisites
- Python 3.10 or higher
- Google API credentials (client ID, client secret, access token, and refresh token)
Installation
# Clone the repository
git clone https://github.com/baryhuang/mcp-headless-gmail.git
cd mcp-headless-gmail
# Install dependencies
pip install -e .
Docker
Building the Docker Image
# Build the Docker image
docker build -t mcp-headless-gmail .
Usage with Claude Desktop
You can configure Claude Desktop to use the Docker image by adding the following to your Claude configuration:
docker
{
"mcpServers": {
"gmail": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"buryhuang/mcp-headless-gmail:latest"
]
}
}
}
npm version
{
"mcpServers": {
"gmail": {
"command": "npx",
"args": [
"@peakmojo/mcp-server-headless-gmail"
]
}
}
}
Note: With this configuration, you'll need to provide your Google API credentials in the tool calls as shown in the Using the Tools section. Gmail credentials are not passed as environment variables to maintain separation between credential storage and server implementation.
Cross-Platform Publishing
To publish the Docker image for multiple platforms, you can use the docker buildx command. Follow these steps:
-
Create a new builder instance (if you haven't already):
docker buildx create --use -
Build and push the image for multiple platforms:
docker buildx build --platform linux/amd64,linux/arm64,linux/arm/v7 -t buryhuang/mcp-headless-gmail:latest --push . -
Verify the image is available for the specified platforms:
docker buildx imagetools inspect buryhuang/mcp-headless-gmail:latest
Usage
The server provides Gmail functionality through MCP tools. Authentication handling is simplified with a dedicated token refresh tool.
Starting the Server
mcp-server-headless-gmail
Using the Tools
When using an MCP client like Claude, you have two main ways to handle authentication:
Refreshing Tokens (First Step or When Tokens Expire)
If you have both access and refresh tokens:
{
"google_access_token": "your_access_token",
"google_refresh_token": "your_refresh_token",
"google_client_id": "your_client_id",
"google_client_secret": "your_client_secret"
}
If your access token has expired, you can refresh with just the refresh token:
{
"google_refresh_token": "your_refresh_token",
"google_client_id": "your_client_id",
"google_client_secret": "your_client_secret"
}
This will return a new access token and its expiration time, which you can use for subsequent calls.
Getting Recent Emails
Retrieves recent emails with the first 1k characters of each email body:
{
"google_access_token": "your_access_token",
"max_results": 5,
"unread_only": false
}
Response includes:
- Email metadata (id, threadId, from, to, subject, date, etc.)
- First 1000 characters of the email body
body_size_bytes: Total size of the email body in bytescontains_full_body: Boolean indicating if the entire body is included (true) or truncated (false)
Getting Full Email Body Content
For emails with bodies larger than 1k characters, you can retrieve the full content in chunks:
{
"google_access_token": "your_access_token",
"message_id": "message_id_from_get_recent_emails",
"offset": 0
}
You can also get email content by thread ID:
{
"google_access_token": "your_access_token",
"thread_id": "thread_id_from_get_recent_emails",
"offset": 1000
}
The response includes:
- A 1k chunk of the email body starting from the specified offset
body_size_bytes: Total size of the email bodychunk_size: Size of the returned chunkcontains_full_body: Boolean indicating if the chunk contains the remainder of the body
To retrieve the entire email body of a long message, make sequential calls increasing the offset by 1000 each time until contains_full_body is true.
Sending an Email
{
"google_access_token": "your_access_token",
"to": "recipient@example.com",
"subject": "Hello from MCP Gmail",
"body": "This is a test email sent via MCP Gmail server",
"html_body": "<p>This is a <strong>test email</strong> sent via MCP Gmail server</p>"
}
Token Refresh Workflow
- Start by calling the
gmail_refresh_tokentool with either:- Your full credentials (access token, refresh token, client ID, and client secret), or
- Just your refresh token, client ID, and client secret if the access token has expired
- Use the returned new access token for subsequent API calls.
- If you get a response indicating token expiration, call the
gmail_refresh_tokentool again to get a new token.
This approach simplifies most API calls by not requiring client credentials for every operation, while still enabling token refresh when needed.
Obtaining Google API Credentials
To obtain the required Google API credentials, follow these steps:
- Go to the Google Cloud Console
- Create a new project
- Enable the Gmail API
- Configure OAuth consent screen
- Create OAuth client ID credentials (select "Desktop app" as the application type)
- Save the client ID and client secret
- Use OAuth 2.0 to obtain access and refresh tokens with the following scopes:
https://www.googleapis.com/auth/gmail.readonly(for reading emails)https://www.googleapis.com/auth/gmail.send(for sending emails)
Token Refreshing
This server implements automatic token refreshing. When your access token expires, the Google API client will use the refresh token, client ID, and client secret to obtain a new access token without requiring user intervention.
Security Note
This server requires direct access to your Google API credentials. Always keep your tokens and credentials secure and never share them with untrusted parties.
License
See the LICENSE file for details.
Related Servers
Ghost MCP
Interact with the Ghost blogging platform using the Model Context Protocol (MCP) with Server-Sent Events (SSE) support.
Slack MCP Server
An MCP server for interacting with Slack workspaces using user tokens, without requiring bots or special permissions.
Agent Communication MCP Server
Enables room-based messaging between multiple agents.
Whissle MCP Server
Access Whissle API for speech-to-text, diarization, translation, and text summarization.
Globalping
Network access with the ability to run commands like ping, traceroute, mtr, http, dns resolve.
ELEMENT.FM
Create and publish unlimited podcast shows and episodes with ELEMENT.FM
MCP Server Whisper
Advanced audio transcription and processing using OpenAI's Whisper and GPT-4o models.
CData Slack MCP Server
A read-only MCP server for Slack by CData, enabling LLMs to query live Slack data. Requires the CData JDBC Driver for Slack.
AivisSpeech
A server for text-to-speech generation using the AivisSpeech engine.
RSS MCP Server by CData
A read-only MCP server for querying live RSS data using the CData JDBC Driver for RSS.