Guides Migration Reference Reports Libraries & Examples Support & Policies
Google Ads API is returning to beta status. Please read our blog post for more details.

OAuth Web Application Flow

This guide will walk you through how to setup OAuth2 for API access using your own credentials using web application flow. These steps only need to be done once, unless you revoke, delete, or need to change the allowed scopes for your OAuth2 credentials.

Step 1 - Creating OAuth2 credentials

Generate a client ID and secret by following the linked instructions, then come back to this page.

Step 2 - Setting up the client library

  1. In your google-ads.yaml file, insert your client ID and secret.

    client_id: INSERT_OAUTH2_CLIENT_ID_HERE
client_secret: INSERT_OAUTH2_CLIENT_SECRET_HERE

  2. Go back to the Credentials page where you retrieved your client ID and client secret and click the button on the right-hand side of the screen to download your credentials as a JSON file. Save that file on your machine in a location that's easy to remember, such as in your $HOME directory.

  3. If you haven't already, clone the client library from GitHub and install its dependencies by running the below commands from a terminal. It's recommended that you conduct these steps from within a virtual environment. For more information see the Virtual Environment documentation.

    $ git clone git@github.com:googleads/google-ads-python.git
$ cd google-ads-python
$ pip install .

  4. Once you've installed the library and its dependencies you can optionally run the tests just to make sure everything is set up properly:

    $ python setup.py test

  5. Next, navigate to the OAuth2 example, authenticate_in_web_application.py.

    $ cd examples/authentication

  6. Run this example via the command line, passing in the absolute path to the JSON file generated earlier.

    $ ./authenticate_in_web_application.py --client_secrets_path=/path/to/secrets.json

  7. The example will prompt you to visit a URL where you will need to allow the OAuth2 credentials to access your Google Ads account on your behalf.

    • Navigate to the URL in a private browser session or an incognito window.
    • Log in with the same Google account you use to access AdWords.
    • Click Allow on the OAuth2 consent screen.

    Consent screen allow

  8. An authorization code will be shown to you. Copy and paste the verification code into the command line where you're running the authenticate_in_web_application.py example and press enter. The example should complete and display an offline refresh token.

    Authorization code

    After approving the token enter the authorization code here: ****

Your refresh token is: ****

  9. Copy the generated refresh token into your google-ads.yaml or save it somewhere else to use it to instantiate the library at runtime.