Hi Nakul, As Kevin mentioned, yes, ClientLogin is deprecated, and there's a 3 year deprecation policy for Google Apps. Google Apps and Google AdWords are however two different products guided by different deprecation policies, so AdWords may decide to drop support for ClientLogin at an earlier date. As of now we don't have a roadmap to share for deprecating ClientLogin in AdWords API, but you should consider looking at OAuth2 for long term.
Also, use of ClientCustomerId and authentication mechanism (ClientLogin / OAuth2) are unrelated. To confirm, AdWords API requires 2 set of items to make calls successfully: 1. Authentication: This could be OAuth2 access token or an authToken from ClientLogin API. 2. ClientCustomerId: This is the customerId of the account being operated on. This is not required if the AuthToken / OAuth2 access token corresponds to an Advertiser account, but if you are operating on an account without login or if the authToken / accessToken corresponds to an MCC and you are operating on a child account, then you require this header. Hope this helps. Let me know if you have more questions. Cheers, Anash P. Oommen, AdWords API Advisor. On Friday, 21 September 2012 13:27:04 UTC+5:30, Nakul Ringshia wrote: > > Thanks Kevin > > As per https://developers.google.com/accounts/docs/AuthForInstalledApps, > Google will continue to provide support for ClientLogin. Also as per the > deprecation policy https://developers.google.com/accounts/terms, Google > says that the support will be provided will 2015. *Can you please confirm > my understanding?* > > *Also just to confirm that we are on the same page, when we say > ClientLogin, we are referring to using the ClientCustomerId. *Are there > any posts/links that mention that support for email and password no longer > work but client customer id will. > > I am also attaching a word document capturing the screenshots from links > mentioned above. > > Nakul Ringshia > > > > On Thursday, September 20, 2012 9:48:34 PM UTC+5:30, Kevin Winter wrote: >> >> Hi Alexander, >> Unfortunately, another team manages ClientLogin, so I can't speak with >> authority. Here's the blog post announcing the deprecation: >> http://googledevelopers.blogspot.com/2012/04/changes-to-deprecation-policies-and-api.html >> >> We'll probably provide support in the AdWords API until sometime before >> the actual deprecation, but we do recommend people look into OAuth2 for the >> long term. >> >> We've published code examples demonstrating OAuth2 with all the >> libraries, see here for java: >> https://code.google.com/p/google-api-ads-java/source/browse/examples/adwords_axis/src/main/java/adwords/axis/v201206/misc/OAuth2Example.java >> >> All of these examples demonstrate the OOB method. We've published a few >> sample web apps to demonstrate the web server flow. >> >> Many developers in your situation opt to write a one-off utility that >> performs the OOB flow once and stores the credentials for later reuse. >> With a refresh token, you can obtain a new AccessToken as many times as >> you need (as long as the user doesn't revoke it). >> >> - Kevin Winter >> AdWords API Team >> >> On Thursday, September 20, 2012 11:30:09 AM UTC-4, Nakul Ringshia wrote: >>> >>> Thanks Kevin >>> >>> I tried setting the ClientCustomerId in the request header and that >>> worked!!!. I think using this approach makes sense (there's still some work >>> that I will need to do - calling the managed service account to get the >>> client id based on the email). >>> >>> One key factor that will determine if our application will continue to >>> use the client login would be how long will it continue to remain available >>> - I am guessing that it will continue to remain operational post the >>> v201109 sunset date of Oct 26 2012. Would you be able to confirm how long >>> beyond that will it (ClientLogin (using client customer id)) be available? >>> >>> Regarding the OAuth questions - Can you please provide links/samples for >>> OOB? Also, I would like reiterate that our application does not have any >>> user interaction at all - So I am still not sure how the authorization code >>> will be fed to the application? >>> >>> Nakul Ringshia >>> >>> On Wednesday, September 19, 2012 11:14:49 PM UTC+5:30, Kevin Winter >>> wrote: >>>> >>>> This is slightly inaccurate. The error message refers to the use of >>>> clientEmail to identify which account is being targeted with a request. >>>> You'll need to specify a clientCustomerId instead (which can be retrieved >>>> with the ManagedCustomerService as mentioned below. You don't have to >>>> authenticate with an MCC account, but many people do. >>>> >>>> ClientLogin, which is the authentication mechanism using email and >>>> password, was deprecated. We do recommend using OAuth2 rather than >>>> ClientLogin where possible, but ClientLogin should work for a while yet. >>>> >>>> Regarding the OP's questions: >>>> >>>> 1. No, the intent is that each software application has it's own entry. >>>> You could just use one for all your projects - it just affects what is >>>> displayed to the user when they are asked to authorize your application to >>>> use their account. >>>> >>>> 2. I believe yes, you'll want to use the Out Of Band flow (in which >>>> they visit the URL in a browser and copy and paste the authorization code >>>> to your application). >>>> >>>> 3. As I mentioned in 2, you can generate the Authorization URL with the >>>> Out Of Band (OOB) redirect URI, ask the user to visit the URL and copy and >>>> paste the code into your application (after they click authorize, they'll >>>> get a code to send to you). >>>> >>>> - Kevin Winter >>>> AdWords API Team >>>> >>>> On Wednesday, September 19, 2012 8:43:19 AM UTC-4, Alexander Nitschke >>>> wrote: >>>>> >>>>> You can use OAuth 2.0 but it isn't really necessary. Your assumption >>>>> regarding OAuth2 with v201206 is wrong as the old login still works. What >>>>> doesn't work is the login as a simple client, only logins as MCC will >>>>> work >>>>> with v201206. So you have to login into the MCC, and then change the >>>>> ClientID to the one you need (you will have to have a list of AccountIDs >>>>> ready for that, but that's true for OAuth2 as well). >>>>> >>>>> My apologies in advance if there are errors in my text, I'm just >>>>> trying to prevent you from doing a lot of unneccary work. >>>>> >>>>> Best, Alexander >>>>> >>>> -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and discussion group: http://adwordsapi.blogspot.com http://groups.google.com/group/adwords-api =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en
