How to Get Google Blogger API Credentials: Client ID, Client Secret, Refresh Token and Blog ID

Before you can automate publishing blog posts to Blogger using Python, you need to generate four credentials that allow your script to authenticate with Google and identify your blog. This guide walks you through every single step — from creating a Google Cloud project to getting your final .env file ready.

By the end of this guide, your .env file will look like this:

GOOGLE_CLIENT_ID=xxxxxxxxxxxxxxxx.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-xxxxxxxxxxxxxxxxxxxx
GOOGLE_REFRESH_TOKEN=1//0xxxxxxxxxxxxxxxxxxxxxxxxxxxx
BLOGGER_BLOG_ID=1234567890123456789

👉 Related Guide: Once you have these credentials, use them with the autoblog-python project to automatically publish posts to your Blogger blog using Python.

✅ What You Need Before Starting

  • A Google account with at least one Blogger blog created
  • Python 3.8+ installed on your computer
  • A web browser (Chrome recommended)
  • About 10–15 minutes of your time

🗂️ The 4 Credentials You Need

Here is a quick overview of what each credential is and where it comes from:

Credential What It Is Where You Get It
GOOGLE_CLIENT_ID Identifies your application to Google Google Cloud Console → Credentials
GOOGLE_CLIENT_SECRET Secret key paired with the Client ID Google Cloud Console → Credentials
GOOGLE_REFRESH_TOKEN Allows token refresh without re-login Running the OAuth authorization script
BLOGGER_BLOG_ID Unique numeric ID of your Blogger blog Blogger Dashboard or get_blog_id.py script

1 Create a Google Cloud Project

All Google API access starts with a Google Cloud project. This is a free workspace that holds your API keys and credentials.

  1. Open Google Cloud Console in your browser
  2. Sign in with your Google account
  3. Click the project selector dropdown at the top of the page (it may say "Select a project")
  4. Click New Project
  5. Enter a project name — for example: blogger-automation
  6. Click Create and wait a few seconds for the project to be created
  7. Make sure your new project is selected in the top dropdown before continuing

💡 Free Tier: Google Cloud projects are free to create. The Blogger API is also completely free to use with no usage charges for standard automation.

2 Enable the Blogger API v3

Next, you need to enable the Blogger API for your project so your credentials have permission to use it.

  1. In the Google Cloud Console, open the left sidebar menu
  2. Go to APIs & Services → Library
  3. In the search box, type: Blogger API v3
  4. Click on the Blogger API v3 result
  5. Click the Enable button
  6. Wait for the API to be enabled — you will be redirected to the API overview page

⚠ Important: Make sure you enable Blogger API v3 — not a different version. If you try to use the API without enabling it, you will receive a 403: API not enabled error.

3 Configure the OAuth Consent Screen

Before creating credentials, you must set up the OAuth Consent Screen. This is the screen users see when authorizing your application. Even for personal automation, it must be configured.

  1. Go to APIs & Services → OAuth consent screen
  2. Select External as the user type and click Create
  3. Fill in the required fields:
    • App name: Blogger Automation (or any name)
    • User support email: your Google email address
    • Developer contact email: your Google email address
  4. Click Save and Continue

Add the Blogger API Scope

  1. On the Scopes page, click Add or Remove Scopes
  2. In the filter box, search for: blogger
  3. Check the scope: https://www.googleapis.com/auth/blogger
  4. Click Update
  5. Click Save and Continue

Add a Test User

  1. On the Test users page, click Add Users
  2. Enter your own Google email address
  3. Click Add
  4. Click Save and Continue
  5. Click Back to Dashboard

💡 Why add yourself as a test user? Since your app is in "External" mode but not verified by Google, only users listed as test users can authorize it. Adding your own email lets your script authenticate without needing Google's app verification process.

4 Create OAuth 2.0 Credentials → Get CLIENT_ID and CLIENT_SECRET

Now create the actual OAuth credentials. This gives you your GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET.

  1. Go to APIs & Services → Credentials
  2. Click + Create Credentials at the top
  3. Select OAuth 2.0 Client IDs
  4. For Application type, select Desktop app
  5. Give it a name — for example: blogger-python-client
  6. Click Create

A dialog will appear showing your credentials. You will see:

Your Client ID:
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.apps.googleusercontent.com

Your Client Secret:
GOCSPX-xxxxxxxxxxxxxxxxxxxxxxxxxxxx
  1. Click Download JSON to save the credentials file — name it credentials.json
  2. Move credentials.json to your project folder
  3. Click OK to close the dialog

⚠ Keep credentials.json private. This file contains your Client Secret. Never share it publicly or upload it to a public GitHub repository. Add it to your .gitignore immediately.

echo "credentials.json" >> .gitignore
echo ".env" >> .gitignore

Add the values from the JSON file to your .env:

GOOGLE_CLIENT_ID=xxxxxxxxxxxxxxxx.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-xxxxxxxxxxxxxxxxxxxx

5 Run the Auth Script → Get REFRESH_TOKEN

The GOOGLE_REFRESH_TOKEN is generated by completing a one-time Google authorization flow. After this step, your script will never need to open a browser again.

Install Required Packages

Open your terminal and run:

pip install google-auth google-auth-oauthlib google-auth-httplib2 google-api-python-client python-dotenv

Create get_refresh_token.py

Create a file named get_refresh_token.py in your project folder and paste the following code:

import os
import json
from google_auth_oauthlib.flow import InstalledAppFlow

# The scope required for Blogger API full access
SCOPES = ["https://www.googleapis.com/auth/blogger"]

def main():
    # Run the OAuth flow using your downloaded credentials.json
    flow = InstalledAppFlow.from_client_secrets_file(
        "credentials.json",
        scopes=SCOPES
    )

    # This opens a browser window for authorization
    creds = flow.run_local_server(port=0)

    # Print the tokens
    print("\n" + "=" * 60)
    print("✅ Authorization successful!")
    print("=" * 60)
    print(f"\nGOOGLE_CLIENT_ID={creds.client_id}")
    print(f"GOOGLE_CLIENT_SECRET={creds.client_secret}")
    print(f"GOOGLE_REFRESH_TOKEN={creds.refresh_token}")
    print("\n" + "=" * 60)
    print("Copy the values above into your .env file")
    print("=" * 60)

    # Also save to a file for reference
    token_data = {
        "client_id": creds.client_id,
        "client_secret": creds.client_secret,
        "refresh_token": creds.refresh_token,
    }

    with open("token_output.json", "w") as f:
        json.dump(token_data, f, indent=2)

    print("\nTokens also saved to: token_output.json")

if __name__ == "__main__":
    main()

Run the Script

python get_refresh_token.py

What happens next:

  1. Your default browser opens automatically with a Google sign-in page
  2. Sign in with the Google account that owns your Blogger blog
  3. You may see a warning: "Google hasn't verified this app" — click AdvancedGo to blogger-automation (unsafe)
  4. Click Continue to grant permission
  5. The browser shows: "The authentication flow has completed"
  6. Go back to your terminal — you will see your tokens printed

💡 About the "unsafe" warning: This warning appears because your app is in test mode and not verified by Google. Since you are the developer and the only user, it is completely safe to proceed. Click Advanced → Go to [app name] (unsafe) to continue.

Expected terminal output:

============================================================
✅ Authorization successful!
============================================================

GOOGLE_CLIENT_ID=123456789-abcdefgh.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-AbCdEfGhIjKlMnOp
GOOGLE_REFRESH_TOKEN=1//0AbCdEfGhIjKlMnOpQrStUvWxYzAbCdEf

============================================================
Copy the values above into your .env file
============================================================

Tokens also saved to: token_output.json

Copy the GOOGLE_REFRESH_TOKEN value and add it to your .env file:

GOOGLE_REFRESH_TOKEN=1//0xxxxxxxxxxxxxxxxxxxxxxxxxxxx

⚠ One-time step: You only need to run get_refresh_token.py once. The refresh token does not expire as long as you use it regularly. Store it safely in your .env file — do not hardcode it in any script.

6 Get Your Blogger Blog ID → BLOGGER_BLOG_ID

The final credential you need is your BLOGGER_BLOG_ID — the unique numeric ID that identifies which blog to publish to.

Method 1: From the Blogger Dashboard (Quickest)

  1. Open blogger.com and sign in
  2. Select your blog from the dashboard
  3. Click Settings in the left sidebar
  4. Under the Basic section, look for Blog ID
  5. Copy the numeric ID — it looks like: 1234567890123456789

Method 2: From the Browser URL

When you are on your Blogger dashboard for a specific blog, look at the URL in your browser:

https://www.blogger.com/blog/posts/1234567890123456789

The long number at the end of the URL is your Blog ID.

Method 3: Using get_blog_id.py (Automated)

Create a file named get_blog_id.py and paste:

import os
from dotenv import load_dotenv
from google.oauth2.credentials import Credentials
from google.auth.transport.requests import Request
from googleapiclient.discovery import build

load_dotenv()

creds = Credentials(
    None,
    refresh_token=os.getenv("GOOGLE_REFRESH_TOKEN"),
    token_uri="https://oauth2.googleapis.com/token",
    client_id=os.getenv("GOOGLE_CLIENT_ID"),
    client_secret=os.getenv("GOOGLE_CLIENT_SECRET"),
)

creds.refresh(Request())

service = build("blogger", "v3", credentials=creds)

blogs = service.blogs().listByUser(userId="self").execute()

print("\nYour Blogs:\n")
for blog in blogs.get("items", []):
    print(f"Title:   {blog['name']}")
    print(f"Blog ID: {blog['id']}")
    print(f"URL:     {blog['url']}")
    print("-" * 50)

Run it:

python get_blog_id.py

Expected output:

Your Blogs:

Title:   My Awesome Blog
Blog ID: 1234567890123456789
URL:     https://myawesomeblog.blogspot.com
--------------------------------------------------

Add the Blog ID to your .env:

BLOGGER_BLOG_ID=1234567890123456789

📋 Your Final .env File

After completing all 6 steps, your .env file should contain all four credentials:

GOOGLE_CLIENT_ID=123456789012-abcdefghijklmnopqrstuvwxyz.apps.googleusercontent.com
GOOGLE_CLIENT_SECRET=GOCSPX-AbCdEfGhIjKlMnOpQrStUvWxYz
GOOGLE_REFRESH_TOKEN=1//0AbCdEfGhIjKlMnOpQrStUvWxYzAbCdEfGhIjKl
BLOGGER_BLOG_ID=1234567890123456789

⚠ Security Checklist: Before continuing, make sure:

  • Your .env file is listed in .gitignore
  • Your credentials.json file is listed in .gitignore
  • Your token_output.json file is listed in .gitignore
  • None of these files are committed to any public GitHub repository
echo ".env" >> .gitignore
echo "credentials.json" >> .gitignore
echo "token_output.json" >> .gitignore

📊 Credentials Summary

Credential Example Format Step
GOOGLE_CLIENT_ID xxxx.apps.googleusercontent.com Step 4
GOOGLE_CLIENT_SECRET GOCSPX-xxxxxxxxxxxx Step 4
GOOGLE_REFRESH_TOKEN 1//0xxxxxxxxxxxxxxxxxxxx Step 5
BLOGGER_BLOG_ID 1234567890123456789 Step 6

🛠️ Common Issues & Fixes

❌ "This app isn't verified" warning

Fix: Click Advanced at the bottom of the Google warning page, then click Go to [app name] (unsafe). This is expected for apps in test mode.

❌ "Access blocked: App's request is invalid"

Fix: Go back to the OAuth Consent Screen and make sure you have added your email under Test users. Only registered test users can authorize the app.

❌ FileNotFoundError: credentials.json

Fix: Make sure credentials.json is in the same folder as get_refresh_token.py. The file is downloaded from Google Cloud Console → Credentials → your OAuth client → Download JSON.

❌ No refresh_token in output

Fix: Revoke app access from your Google Account Permissions page, then run get_refresh_token.py again. Google only issues a refresh token on the first authorization. Revoking and re-authorizing generates a new one.

❌ "Blogger API has not been used in project"

Fix: Go back to APIs & Services → Library and confirm the Blogger API v3 is enabled for your current project. Double-check you selected the correct project in the top dropdown.

🚀 Next Steps

Now that you have all four credentials in your .env file, you are ready to automate Blogger publishing:

  • Use publish_post.py to publish your first automated blog post
  • Set up GitHub Actions to publish posts automatically on a schedule
  • Combine with an AI API (Gemini, OpenAI) to auto-generate post content
  • Build a full content automation pipeline

👉 Complete Project: See the full working automation code at: github.com/aiocrafters/autoblog-python

✅ Final Thoughts

Getting Google API credentials might seem complex at first, but once you understand the flow it is straightforward:

  • Client ID + Client Secret — identify your app → from Google Cloud Console
  • Refresh Token — enables long-term access without re-login → from the one-time OAuth flow
  • Blog ID — tells the API which blog to use → from Blogger Dashboard or script

Once these four values are in your .env file, your Python automation scripts can publish to Blogger at any time — on a schedule, triggered by events, or integrated into a larger content pipeline.

The refresh token is the key to true automation. Keep it safe, keep it in your .env file, and your scripts will always have access without any manual login required.