google ads API authentication failed - "PERMISSION_DENIED"

0
votes

My question is the same as described here: How to set request header in google ads api but I'm still facing the problem.
I'm trying to make an API call to google ads. I tried Rest API as well as google.ads.google_ads library. Both ways fail. I followed all Oath2 steps and got all ids, tokens, secrets, etc. The Rest API call is :

refresh_token = MY_REFRESH_TOKEN
customer_id = 7868******
developer_token = MY_DEVELOPER_TOKEN
access_token =  MY_ACCESS_TOKEN
url = 'https://googleads.googleapis.com/v6/customers/{}/campaignBudgets:mutate'.format(customer_id)

headers = {'developer-token':developer_token,"Authorization": "Bearer {}".format(access_token),'login-customer-id':'2693******',"Content-Type": "application/json"}
response = requests.post(url,headers = headers)
print(response.text)

and this is the response:

{
  "error": {
    "code": 401,
    "message": "Request had invalid authentication credentials. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.",
    "status": "UNAUTHENTICATED"
  }
}

Why? I provided an access token.

I also tried the "google-ads" code I found in the documentation:
https://developers.google.com/google-ads/api/docs/reporting/example
I generated a googleads.ymal file, with the following content:

developer_token: MY_DEVELOPER_TOKEN
user_agent: MY_COMPANY_NAME
client-id: 7868******
login-customer-id: 2693******
client_id: MY_CLIENT_ID
client_secret: MY_CLIENT_SECRET
refresh_token: MY_REFRESH_TOKEN

and this is what I get:

Error with message "User doesn't have permission to access customer. Note: If you're accessing a client customer, the manager's customer id must be set in the 'login-customer-id' header

and again I don't understand why. My user was the one to generate all login details, and it has access to the manager account, which listed as "login-customer-id".

Can anyone shed some light?

Thanks

2
google-oauthgoogle-ads-api

2 Answers

0
votes

If you are using RestAPI to integrate Google Ads API, try testing this first using postman to make your you are getting response before developing a code in any language.

Follow the following steps to generate the authentication token in postman

  1. Set the request URL to https://www.googleapis.com/oauth2/v3/token

  2. Method should be POST

  3. check x-www-form-urlencoded in body section and fill the following Key: grant_type Value: refresh_token Key: client_id Value: your client id Key: client_secret Value: your client secret Key: refresh_token Value: your refresh token

You are all setup to generate authentication token. Click send button to send request to receive access token (See the picture below). enter image description here Now create another request with your endpoint and use the generated access token in this request.

In this example, I am using endpoint to get customers.

  1. Set URL to https://googleads.googleapis.com/v6/customers/your client customer id without hyphen.
  2. Method Get
  3. set Headers Key: Authorization Value: Bearer access token you generated above Key: developer-token Value: your developer token Key: login-customer-id Value: Manager Account customer ID without hyphen

Once you get 200 response with customer details, start developing the code.

0
votes

Do you have admin access to the manager account?