Creating an authorization file (2025 edition)
Go to https://console.cloud.google.com and login using your regular google account, specifically the one you have your photo albums in.
Click the project button in the top bar
In the dialog that opens, click on "New project"
Name your project, for example "Photoframe" and click "Create"
The screen will change and a popup in the right corner will show that google is processing your request
When done, select the project by clicking "Select Project"
First confirm that the top bar shows that your project is selected
Next click on the "hamburger" menu (the three horizontal lines in the top left corner) which will open up a menu, in this menu, pick APIs & Services > Enabled APIs & services
In the new screen, click "Enable APIs and services"
Type "Photos" in the search box and hit enter, next click the "Google Photos Library API".
In the new screen, click "Enable" to turn on the API
Now that we have added the API, click on "OAuth consent screen"
This will (these days) take you to a new view called "Google Auth Platform / Overview" and you now need to click on "Get started" in the middle of the screen.
This will lead you to a wizard which needs to be filled in. In the "App name", pick whatever you want, I'd recommend "Photoframe". In the "User support email", select your google email from the dropdown.
Once you do, the "Next" button will light up and you can click it.
The next step is important, you need to select the audience. Unless you're paying for Google Workspace, you can only pick "External", which is what we'll do in this guide 😉
After selecting that, click "Next" again.
At this point, you must provide another email, this is a contact email if google needs to get hold of you. I'd recommend using the same email as above (ie, your gmail address) and click on "Next".
Finally, you need to agree to Google API Services: User Data Policy. Once you've read and understood it, of course 😉 .
Check the box and click "Continue" which will now let you click "Create". Please do so.
This drops you back in the Overview, from which you can now click "Create OAuth client".
On the new screen, click the "Application type" dropdown box and pick "Web application".
This will bring up additional fields, I'd recommend naming this credential something like "Photoframe", if you use multiple photoframes, youMUST create additional client IDs, you CANNOT reuse a client ID between two frames, it will cause a conflict and in the end, only ONE frame will work properly.
I cannot stress this enough, ONE CREDENTIAL PER FRAME
You also need to add an "Authorized redirect URIs" entry, set to point to https://photoframe.sensenet.nu. This is what makes OAuth2.0 work, you can read more about how that is and what photoframe.sensenet.nu does.
In the end, your screen should look something like this:
Click on "Create" and you'll see this dialog (don't worry, this is only for demo purposes, this ID doesn't exist anymore).
Click on "Download JSON" to get your authorization file.
But we're not done yet.
A neat thing with OAuth is that you can decide on how much access a set of credentials will have. And we need to ensure we give the correct access to the frame.
If you still have the popup with the Client ID from the previous step, click on "OK" to dismiss it.
Next, click on "Data Access"
On the new screen, click on "Add or remove scopes"
The one scope we need is called ../auth/photoslibrary.readonly. Select that and click "Update" (use the Filter to quickly find the photo library scopes).
Now you should have ONE entry under "Your sensitive scopes" that says ../auth/photoslibrary.readonly. If you do, click "Save".
Almost done, we also need to assign WHO can use this app, so let's click on "Audience".
Next, click on "Add users" in the middle of the screen.
And on the new dialog, add your own google email address and click "Save"
Now you should have ONE user who is allowed to use the app.
At this point, you're done.
Go to your photoframe's address on your local network and add a new "Google Photos" provider.
Give it a good name (or just accept the default) and click "OK"
Now, let's authorize it
In the file dialog that opens, pick the downloaded JSON file from prior steps and click "Open" (or similar) to continue.
You're now taken to a new dialog (from Google) that asks you to pick a google account before continuing to "sensenet.nu". Pick the account with the photos you want (and that you just added as an audience).
You'll get a fat warning that "Google hasn't verified this app" which is fine, we just created it and are the only users, so click "Continue"
You get another warning screen about "sensenet.nu wants to access to your Google Account". This is actually not, strictly speaking, true. This is the https://photoframe.sensenet.nu service which essentially acts as a bridge so we can perform OAuth with your frame. Click "Continue".
For the eagle eyed ones around us, they'll notice that we very briefly landed on "photoframe.sensenet.nu" with a very long URL, this is the transfer of information needed for OAuth. What photoframe.sensenet.nu does is redirecting your browser back to your frame, passing on the OAuth secret so your frame now has access to Google Photos.
photoalbum.sensenet.nu only records the local IP of your frame for 10min to allow this redirect to happen, everything else is ignored.
At this point, you should see this in the photoframe.
Test that the link works by typing the name of the an album that you own, you cannot use albums shared with you, only albums you've created (new restriction from Google which took effect March of 2025). The GooglePhotos provider is case insensitive.
Once the frame confirms that the album exists, it will update to reflect this and also start pulling photos
