When your application requests private data, the request must be authorized by an authenticated user who has access to that data.
When your application requests public data, the request doesn't need to be authorized, but does need to be accompanied by an identifier, such as an API key.
Your application needs to identify itself every time it sends a request to the Google Ad Experience Report API, by including an API key with each request.
Acquiring and using an API keyGet a Key
Or create one in the Credentials page.
After you have an API key, your application can append the query parameter
key=yourAPIKey to all request URLs.
The API key is safe for embedding in URLs; it doesn't need any encoding.