This repository has been archived by the owner on Dec 14, 2022. It is now read-only.

API access on behalf of your clients (web flow)

sundquist edited this page Sep 20, 2018 · 3 revisions

This guide walks you through setting up OAuth2 for API access on behalf of your clients using the web flow.

Step 1 - Creating OAuth2 credentials

Follow the steps for the product you're using to generate a client ID and secret, then come back to this page.

  • Google Ads
  • Note: For Application Type choose Web application.

The page where you generated your credentials has a section called Authorized redirect URIs. In the OAuth2 web flow, the user is redirected to a URI on your web server, where your application must be listening to receive a code. Add that URI to the list, and save.

Step 2 - Setting up the client library

The Perl library has a full example called authenticate_with_web_flow.pl that shows how to spin up a web server that can log in a Google Ads user.

  • Under the OAuth2 section of your adwords.properties file, insert your client ID and secret. Enter the same redirect URI that you added in the previous step.

    oAuth2ClientId=INSERT_OAUTH_CLIENT_ID_HERE
    oAuth2ClientSecret=INSERT_OAUTH_CLIENT_SECRET_HERE
    oAuth2RedirectUri=INSERT_REDIRECT_URI_HERE
    

In the example, the redirect URI is http://<server>:8080/login-complete where <server> is the fully qualified domain name of your server where this is running. Make sure that this is set both in your adwords.properties file and under Authorized redirect URIs in Step 1.

  • To use the example:
  • Start the script, and make note of the PID of the web server.
  • Open a web browser to http://localhost:8080/login
  • Follow the prompts using the email address of the Google Ads account where you want to allow access.


  • The Perl example will receive back a code from the OAuth2 server that is then exchanged for an access token and a refresh token. This is the point in your own application where you would save off the refresh token and the customer information in order to allow both continued and offline access for your application. This simple example only displays the refresh token in the browser.
  • When you're done with the example, you can kill the web server with the PID that was provided when the web server was brought online.
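
The flow described above, as an added example (it is not the library's authenticate_with_web_flow.pl and not code from this wiki): it builds the authorization URL, checks a per-session `state` value on the redirect before accepting the code, and exchanges the code for tokens. The `state` check, the function names and the sample values are assumptions of this example; the endpoints and scope are Google's published OAuth2 values.

```perl
use strict; use warnings;
use HTTP::Tiny;                 # core module; HTTPS requests also need IO::Socket::SSL
use JSON::PP qw(decode_json);
my $AUTH_URI  = 'https://accounts.google.com/o/oauth2/v2/auth';
my $TOKEN_URI = 'https://oauth2.googleapis.com/token';

# Random per-session value, sent as "state" and echoed back on the redirect.
sub new_state {
    open(my $fh, '<:raw', '/dev/urandom') or die "cannot open /dev/urandom: $!";
    (read($fh, my $bytes, 16) // 0) == 16 or die "short read from /dev/urandom";
    return unpack('H*', $bytes);
}

# URL the /login handler sends the browser to; access_type=offline asks for a refresh token.
sub authorization_url {
    my ($conf, $state) = @_;
    return $AUTH_URI . '?' . HTTP::Tiny->new->www_form_urlencode({
        response_type => 'code', access_type => 'offline', state => $state,
        scope         => 'https://www.googleapis.com/auth/adwords',
        client_id     => $conf->{oAuth2ClientId}, redirect_uri => $conf->{oAuth2RedirectUri},
    });
}

# Checks the query parameters received on the redirect URI and returns the code.
sub code_from_callback {
    my ($params, $expected) = @_;
    die "authorization refused: $params->{error}\n" if defined $params->{error};
    die "state mismatch\n" unless length($expected) && ($params->{state} // '') eq $expected;
    die "no code in callback\n" unless length($params->{code} // '');
    return $params->{code};
}

# Exchanges the code for tokens; the reply carries access_token and refresh_token.
sub exchange_code {
    my ($conf, $code) = @_;
    my $res = HTTP::Tiny->new(verify_SSL => 1)->post_form($TOKEN_URI, {
        grant_type => 'authorization_code', code => $code, redirect_uri => $conf->{oAuth2RedirectUri},
        client_id  => $conf->{oAuth2ClientId}, client_secret => $conf->{oAuth2ClientSecret},
    });
    die "token request failed: HTTP $res->{status}\n" unless $res->{success};
    return decode_json($res->{content});
}

# Constructed values, no network call: a matching callback, then a forged one.
my $conf = { oAuth2ClientId => 'EXAMPLE_CLIENT_ID', oAuth2ClientSecret => 'EXAMPLE_SECRET',
             oAuth2RedirectUri => 'http://localhost:8080/login-complete' };
my $state = new_state();
print authorization_url($conf, $state), "\n";
print "accepted: ", code_from_callback({ state => $state, code => 'EXAMPLE_CODE' }, $state), "\n";
print "rejected: $@" unless eval { code_from_callback({ state => 'forged', code => 'x' }, $state); 1 };
```

In a real handler the expected `state` comes from the user's server-side session, and `exchange_code` is called only with the code that `code_from_callback` returned.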