Authentication

All DFP API calls must be authorized through OAuth2, an open standard that allows users to grant permissions to third-party applications, so the application can interact with web services on the user's behalf. OAuth2 enables your DFP API client application to access a user's DFP account without having to handle or store the user's username or password.

Generate OAuth2 credentials

Perform the following steps to generate the OAuth2 credentials.

1. Determine your authentication type

Check the table below to see which authentication type is most appropriate for your DFP API application:

Choose your OAuth2 authentication type
Service account

Choose this if you only need access to your own DFP data.

Learn more.
Web application

Choose this if you want to authenticate as any user who grants permission to your application to access their DFP data.

Learn more.

2. Create OAuth2 credentials

Once you've determined your authentication type, click the corresponding tab below and follow the instructions to generate the OAuth2 credentials:

Service Account
  1. Open the Google Developers Console Credentials page.
  2. From the project drop-down, choose Create a new project, enter a name for the project, and optionally, edit the provided Project ID. Click Create.
  3. On the Credentials page, select Create credentials, then select Service account key.
  4. Select New service account, and select either JSON or P12 key type. JSON is currently supported for the Java, .NET, Ruby, and PHP Beta client libraries; all others should use P12.
  5. Click Create to download a file containing a private key.
Web application
  1. Open the Google Developers Console Credentials page.
  2. From the project drop-down, choose Create a new project, enter a name for the project (and optionally, edit the provided Project ID), and click Create.
  3. On the Credentials page, select Create credentials, then select OAuth client ID.
  4. You may be prompted to set a product name on the Consent screen; if so, click Configure consent screen, supply the requested information, and click Save to return to the Credentials screen.
  5. Select Web Application for the Application Type. Follow the instructions to enter JavaScript origins, redirect URIs, or both.
  6. Click Create.
  7. On the page that appears, copy the client ID and client secret to your clipboard, as you will need them when you configure your client library.
Client ID and client secret screenshot

3. Configure your DFP network

If you are a third party developer, you may need to have your client do this step for you.

Service Account
  1. Go to your DoubleClick for Publishers network.
  2. Click the Admin tab.
  3. Ensure that API access is enabled.
  4. Click the Add a service account user button.
  5. Fill in the form using the service account email.
  6. Click on the Save button. A message should appear, confirming the addition of your service account.
  7. View existing service account users by going to the Users tab and then clicking the Service Account filter.

4. Configure and use a client library

Follow the appropriate guide below to use the credentials in your client library:

If you choose not to use one of our client libraries, you'll need to implement the OAuth2 service account or web app flow yourself.

Behind the scenes

Our client libraries automatically take care of the details covered below so only read on if you're interested in what's happening behind the scenes. This section is intended for advanced users who are already familiar with the OAuth2 specification and know how to use OAuth2 with Google APIs.

Send feedback about...

DoubleClick for Publishers
DoubleClick for Publishers
Need help? Visit our support page.