Stay organized with collections
Save and categorize content based on your preferences.
This guide walks you through how to set up OAuth 2.0 for API access using your
own credentials and either the desktop flow
or the web flow. These steps only need
to be done once, unless you revoke, delete, or need to change the allowed scopes
for your OAuth 2.0 credentials.
Note the client ID and client secret, then come back to this page.
Set up the client library
In a terminal, run the GenerateUserCredentialsexample. Enter the OAuth 2.0 client ID and client secret
when prompted.
dotnet run GenerateUserCredentials.csproj
This code example opens a URL automatically in the browser. If you aren't signed in to your
browser session, the web page will prompt you to sign in to your Google Account. If you are
already signed in, it will skip the sign-in prompt and redirect you to a URL where you must
authorize the app to access your Google Ads account on your behalf.
Sign in with the Google Account you use to access Google Ads. Usually, this is a login
email to a Google Ads manager account that contains all the accounts you need to manage
under its account hierarchy. Click Continue on the OAuth 2.0 consent screen.
You'll be taken to a page with a message indicating that the authorization
succeeded.
Your refresh token has been fetched. Check the
console output for further instructions.
Return to the console where you're running the code example. You'll see that the code
example has completed and is displaying your refresh token and some instructions, followed by
the instructions you'll need to follow to configure the client library:
Copy the following content into your App.config file.
<add key = 'OAuth2Mode' value = 'APPLICATION' />
<add key = 'OAuth2ClientId' value = '******' />
<add key = 'OAuth2ClientSecret' value = '******' />
<add key = 'OAuth2RefreshToken' value = '******' />
Make sure you also set the LOGIN_CUSTOMER_ID header in your App.config
file. See
the configuration guide to learn more.
<add key = 'LoginCustomerId' value = 'INSERT_LOGIN_CUSTOMER_ID_HERE' />
Generate OAuth2 credentials for interactive applications
If you don't know the Google Ads account to make API calls to in advance, you can
discover it at runtime using the credentials of the signed in user for the
session. See
AuthenticateInAspNetCoreApplication
for an example where the currently signed in user is authenticated and the OAuth2
credentials are obtained at runtime.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-20 UTC."],[[["\u003cp\u003eStarting with version 19.0.0, the Google Ads API client library for .NET will no longer support .NET 5.0, requiring an upgrade before the end of 2024 for continued functionality.\u003c/p\u003e\n"],["\u003cp\u003eThis guide explains how to set up OAuth2 for API access using your own credentials, offering two methods: the desktop flow and the web flow.\u003c/p\u003e\n"],["\u003cp\u003eYou can simplify API calls by linking your Google Ads accounts under a single manager account and using the provided example to generate OAuth2 credentials.\u003c/p\u003e\n"],["\u003cp\u003eFor interactive applications where the Google Ads account is unknown beforehand, you can discover it at runtime using the credentials of the signed-in user, as demonstrated in the provided example.\u003c/p\u003e\n"]]],[],null,["This guide walks you through how to set up OAuth 2.0 for API access using your\nown credentials and either the [desktop flow](/identity/protocols/oauth2/native-app)\nor the [web flow](/identity/protocols/oauth2/web-server). These steps only need\nto be done once, unless you revoke, delete, or need to change the allowed scopes\nfor your OAuth 2.0 credentials.\n\nCreate OAuth 2.0 credentials\n\n1. Follow the steps to [configure a Google API Console project for the\n Google Ads API](/google-ads/api/docs/oauth/cloud-project).\n\n2. Note the *client ID* and *client secret*, then come back to this page.\n\nSet up the client library The following steps run an interactive code example, which will require you to provide input.\n\n1. In a terminal, run the [`GenerateUserCredentials`](https://github.com/googleads/google-ads-dotnet/blob/main/Google.Ads.GoogleAds/examples/Authentication/GenerateUserCredentials)example. Enter the OAuth 2.0 client ID and client secret\n when prompted.\n\n ```\n dotnet run GenerateUserCredentials.csproj\n ```\n2. This code example opens a URL automatically in the browser. If you aren't signed in to your\n browser session, the web page will prompt you to sign in to your Google Account. If you are\n already signed in, it will skip the sign-in prompt and redirect you to a URL where you must\n authorize the app to access your Google Ads account on your behalf.\n\n Sign in with the Google Account you use to access Google Ads. Usually, this is a login\n email to a Google Ads manager account that contains all the accounts you need to manage\n under its account hierarchy. Click **Continue** on the OAuth 2.0 consent screen.\n\n You'll be taken to a page with a message indicating that the authorization\n succeeded. \n\n ```\n Your refresh token has been fetched. Check the\n console output for further instructions.\n ```\n3. Return to the console where you're running the code example. You'll see that the code\n example has completed and is displaying your refresh token and some instructions, followed by\n the instructions you'll need to follow to configure the client library:\n\n Copy the following content into your App.config file.\n\n \u003cadd key = 'OAuth2Mode' value = 'APPLICATION' /\u003e\n \u003cadd key = 'OAuth2ClientId' value = '******' /\u003e\n \u003cadd key = 'OAuth2ClientSecret' value = '******' /\u003e\n \u003cadd key = 'OAuth2RefreshToken' value = '******' /\u003e\n\n Make sure you also set the `LOGIN_CUSTOMER_ID` header in your `App.config`\n file. See [the configuration guide](/google-ads/api/docs/client-libs/dotnet/configuration#settings) to learn more. \n\n ```\n \u003cadd key = 'LoginCustomerId' value = 'INSERT_LOGIN_CUSTOMER_ID_HERE' /\u003e\n ```\n\n Refer to the [configuration guide](/google-ads/api/docs/client-libs/dotnet/configuration) for\n alternate configuration options.\n\nGenerate OAuth2 credentials for interactive applications\n\nIf you don't know the Google Ads account to make API calls to in advance, you can\ndiscover it at runtime using the credentials of the signed in user for the\nsession. See\n[`AuthenticateInAspNetCoreApplication`](https://github.com/googleads/google-ads-dotnet/tree/HEAD/Google.Ads.GoogleAds/examples/Authentication/AuthenticateInAspNetCoreApplication)\nfor an example where the currently signed in user is authenticated and the OAuth2\ncredentials are obtained at runtime."]]