OAuth Playground

Another option for generating OAuth2 credentials is to use the OAuth2 Playground. The OAuth2 Playground, in conjunction with the Google API Console, allows you to manually create OAuth2 tokens.

The OAuth2 Playground is for users who only need to access the accounts for a single manager account or Google Ads user. If you need to prompt multiple users for credentials, it is likely better to Configure a client library for OAuth in the Google Ads API.

Get a client ID and client secret

If you do not have an existing cloud project:

Open the Google API Console Credentials page.
From the project drop-down, select an existing project or create a new one.
On the Credentials page, select Create credentials, then select OAuth client ID.
Under Application type, choose Web application.
Under Authorized redirect URIs, add a line with: https://developers.google.com/oauthplayground
Click Create.
On the Client ID page, take note of the client ID and client secret. You'll need these in the next step.

If you have an existing cloud project, you can reuse it by setting the Authorized redirect URIs as above.

Generate tokens

Go to the OAuth2 Playground, (using this link should pre-populate some key values for you).
Click the gear icon in the upper right corner and check the box labeled Use your own OAuth credentials (if it isn't already checked).
Make sure that:
- OAuth flow is set to Server-side.
- Access type is set to Offline (this ensures you get a refresh token and an access token, instead of just an access token).
Enter the OAuth2 client ID and OAuth2 client secret you obtained above.
In the section labeled Step 1 - Select & authorize APIs, enter the following URL in the text box at the bottom, if it's not already there, then click Authorize APIs:

https://www.googleapis.com/auth/adwords
If prompted, sign in to the account to which you want to grant access and authorization. Otherwise, confirm that the current Google user in the top right corner is the Google Ads or manager account for whom you want to obtain credentials.

If you got your client ID and secret only a few minutes ago, and you get an error such as Error: redirect_uri_mismatch, it's possible the changes you made haven't yet propagated. Click the back button in your browser, wait a few minutes, then try clicking Authorize APIs again.
A prompt appears indicating your app would like to Manage your Google Ads Campaigns. Click Accept to continue.
In the tab labeled Step 2 - Exchange authorization code for tokens, an Authorization code should appear. Click Exchange authorization code for tokens.
If all goes well, the Refresh token and Access token should be filled in for you (you may have to re-expand Step 2 - Exchange authorization code for tokens):
Copy the Refresh token into the configuration file for your client library of choice, along with the client ID and client secret.
Configure a client library for OAuth in the Google Ads API.

Remove the OAuth2 Playground from your client ID

Now that you have a refresh token, you no longer need the OAuth2 Playground to be an authorized redirect URI. To remove it from the list of authorized redirect URIs:

Go to the Google API Console Credentials page.
From the project drop-down, select your project.
On the Credentials page, click the client ID name to edit.
Remove https://developers.google.com/oauthplayground from the Authorized redirect URIs. Note that you must leave at least one redirect URI in place.
Click Save.