OAuth Desktop and Web Application Flows

  • This guide explains how to set up OAuth 2.0 for API access using your own credentials and either the desktop or web flow.

  • You only need to perform these setup steps once unless your credentials are revoked, deleted, or require scope changes.

  • The process involves creating OAuth 2.0 credentials and then setting up your client library by inserting the client ID and secret into your configuration file and running an interactive code example to obtain a refresh token.

  • To get the refresh token, you will visit a generated URL to authorize the application to access your Google Ads account and then copy the returned refresh token into your client library configuration file.

This guide walks you through how to set up OAuth 2.0 for API access using your own credentials and either the desktop flow or the web flow. These steps only need to be done once, unless you revoke, delete, or need to change the allowed scopes for your OAuth 2.0 credentials.

Create OAuth 2.0 credentials

  1. Follow the steps to configure a Google API Console project for the Google Ads API.

  2. Note the client ID and client secret, then come back to this page.

Set up the client library

  1. In your google_ads_config.rb file, insert your client ID and client secret, which you obtained in the previous step.

        c.client_id = INSERT_OAUTH2_CLIENT_ID_HERE
    c.client_secret = INSERT_OAUTH2_CLIENT_SECRET_HERE

  2. In a terminal, run the generate_user_credentials.rb code example.

    ruby generate_user_credentials.rb -P /path/to/client_secrets.json

  3. This code example prompts you to visit a URL where you must authorize the app to access your Google Ads account on your behalf.

          Paste this URL in your browser:
      https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=****...

    Navigate to the URL in a private browser session or an incognito window. Sign in with the Google Account you use to access Google Ads. Usually, this is a login email to a Google Ads manager account that contains all the accounts you need to manage under its account hierarchy. Click Continue on the OAuth 2.0 consent screen.

    OAuth 2.0 consent screen

    You'll be taken to a page with a message indicating that the authorization succeeded.

    Your refresh token has been fetched. Check the console output for further instructions.

  4. Return to the console where you're running the example. You'll see that the example has completed and is displaying your refresh token and some instructions, followed by the instructions you'll need to follow to configure the client library:

    Your refresh token is: 1/Yw.........................................
Add your refresh token to your client library configuration as described here:
https://developers.google.com/google-ads/api/docs/client-libs/python/configuration

    Copy the refresh token into your google_ads_config.rb file.