Building a no-code CRM? How to save $15,000
Did you know that if you're planning to use the Gmail API in Bubble.io you may be subject to a security audit costing more than $15,000! Source: OAuth API Verification FAQs
Unlock CRM power without Gmail API: Learn how to build your own AI assistant for email using alternative services.
Save $15,000 on CRM development: Discover a cost-effective way to create a custom CRM with Bubble.io without expensive API integrations.
Avoid Google's restrictive content policies: Build a robust email inbox system using Postmark API for seamless send and receive functionality.
Building a CRM with Bubble: Navigating Gmail API Restrictions
If you're building a CRM with Bubble, then this video is for you because I want to talk about something I posted on the Bubble forum back in January 2021. It's about the Gmail API restrictive content and Google security audit, and the huge cost involved. In a nutshell, if you want to access a Gmail user's inbox, you have to jump through a load of hoops to confirm that you're using that data in a secure and proper way.
The Challenges of Using Gmail API in Bubble Apps
As a consumer, it's quite a relief that Google is being protective of that data. But effectively, what that means is that if you're planning on using the Gmail API and you want to build something that is an external application, not just for internal use in your business, then you could be faced with a $1,000 or more fee to conduct a security audit.
The Gray Area of Security Audits for Bubble Apps
I've had a quick look through the Bubble forum this morning, and it's a bit of a gray area. How much of a security audit could an external security company conduct on your Bubble app? You then have access to the AWS elements. It's a bit of a mystery box. Well, it's not a mystery box, but how much can you actually comply with an auditor when auditing your app? There's a bit of a discussion going on, and every few months I get a message about this asking if I came up with a solution.
An Alternative Solution: Using Help Scout
The solution I'd recommend is that you go down the route of a service like Help Scout. Help Scout is a helpdesk SaaS application. They're very good; I've used them in the past. They let you send and receive email through an inbox in their application. Last time I checked, they don't use the Gmail API because they use a service called Postmark, which is a transactional and marketing email API.
Building Your Own Inbox with Postmark API
Postmark allows you to send and receive emails. By using an API service like Postmark, you can build your own inbox in your Bubble app for your users. The emails aren't actually going into a Gmail or Google Workspace inbox at all. They're all handled through your app, and you can set up domain verification so that the outbound emails are legit. They come under the authority and identity of your users. You can do all of that through the Postmark API, inbound and outbound.
How Other CRMs Handle Email Integration
This is exactly how services like Help Scout work. In fact, in my experience looking through different CRMs, if they don't offer a Gmail integration, they're probably using a solution like this with Postmark to send and receive emails.
Considerations When Building Your Own Inbox
A few caveats on this: if you are making your own inbox and it's not going through Gmail, then your users are not actually getting the messages themselves. The messages are only going to be found on your Bubble application. You might want to consider how easily, if at all, you can export those messages so that if a user leaves your service, they're not having to leave without access to any of the email inbound or outbound that they created or received while using your app.
Google's OAuth API Verification Process
I'll just point out what I was referring to earlier. This is the page on Google about OAuth API verification. It's been updated more recently than when I last checked it, and I can't find the mention of this $15,000 fee. But what I could find is that it's conducted by an external auditor and that there are costs involved. Maybe they're deliberately obscuring the costs even more now.
Conclusion: Alternatives to Gmail API for Bubble Apps
Unless you've got deep pockets, I think you're going to struggle to use the Gmail API with a Bubble app. The alternative I'd recommend is to use Postmark and basically set up your own inbound/outbound inbox email service. So yeah, if you're learning Bubble, this is something to keep in mind when building email functionality into your CRM.
Can't find what you're looking for?
Search our 300+ Bubble tutorial videos. Start learning no code today!
3 ways we support solopreneurs
Our team is here to help, with a combined 30+ years working for internet startips.
Learn Bubble
Explore our library of 300+ Bubble and no code tutorial videos. Watched by over 800k no coders on YouTube.
Bubble Coaching
Troubleshoot your Bubble app and build new no code features with our in house Bubble expert.
Mastery
Ready to take your SaaS idea to the next level? Join our exclusive Mastery program for personalised content & mentoring.