Authorize access to your merchant account

You can use a service account to authorize Merchant API access to your own merchant account. See authorize third-party app access to merchant accounts if your app needs to access your clients' merchant accounts.

A service account is a special kind of account, typically used by an application rather than a person. A service account is identified by its email address, which is unique to the account.

You need to have a merchant account before you can create a service account.

Create a service account

Generate service account credentials, or access the public credentials you've already generated, then create an OAuth 2.0 Client ID:

  1. Go to the Google API Console.
  2. Select a project in the drop-down menu at the top of the page, or click NEW PROJECT to create one.
  3. Search for Merchant API in the list of Google APIs, and make sure it's enabled for this project.
  4. Click Manage.
  5. In the sidebar on the left, select Credentials. You might need to click the left-pointing arrow at the top left of the page to see Credentials.
  6. Select CREATE CREDENTIALS, then Service account.
  7. Name the service account. This is the default username for the service account ID. Save the service account ID, including the part after the '@' character, for later use.
  8. Click CREATE, go through the optional steps to grant access to the project and users, then click DONE.

Get a JSON private key

Generate a JSON private key for your service account in the in the Google API Console:

  1. Click the service account, then select the KEYS tab.
  2. Click ADD KEY > Create new key.
  3. Select JSON as the key type.
  4. Click CREATE to download the private key. Note: You can only download the privage key when it's created. You can't come back to this step later.

Give the service account access to your merchant account

Add the new service account as a user to your merchant account:

  1. Sign in to Merchant Center.
  2. Click Account Access in your account settings.
  3. Click + Add user, and use your service account ID as the email address for the new user.

    If you didn't save your service account ID, go to the Service Accounts administration page, and select your project.

  4. Specify the User access and Email notifications preferences for the service account.

  5. Click Add user to save your preferences and return to the list of users. The service account ID should now be listed with the chosen user role.

You can repeat these steps for all service accounts that need to access your merchant account data.

Frequently asked questions

Can I sign in to the Merchant Center UI with my service account?
No, service accounts aren't regular Google accounts and can't access the Merchant Center UI.
How often do I need to refresh service account access tokens?
Access tokens expire one hour after they're issued by the Google OAuth 2.0 Authorization Server. When an access token expires, the application should use the client library to fetch another access token. To manually refresh your token, delete the stored-token.json file and re-authenticate.