Hello, Unfortunately, my team can't make the judgment about whether your tool needs to follow the RMF, or whether your tool qualifies. If you have questions that aren't answered by the RMF document, you will need to contact the compliance team. There are instructions on how to do this in the RMF guide I linked, but I've coped them here as well.
If you're not sure whether the RMF policy applies to your tool, contact the > AdWords API Compliance team > <https://services.google.com/fb/forms/apicontact/>. The AdWords API > Compliance team will decide whether your tool is full-service or not. Your > tool may be reevaluated if the functionality changes significantly. > As for using installed application, as the guide mentions, the user interaction in a browser happens *only once, during development*. Think of this as setting up your environment for development. At the time that the tool you write is used, the end user doesn't have to do any authentication. The Get Started guide has a section <https://developers.google.com/adwords/api/docs/guides/start#installed_vs_web_application> dedicated to explaining this. Using installed application flow exactly meets your stated requirements. Regards, Mike, AdWords API Team On Thursday, November 12, 2015 at 4:27:43 AM UTC-5, r...@subseo.de wrote: > > hi there, > > thanks for those links. we have reviewed those, and we still have > questions. specifically, the rmf guide mentions that tools offering very > limited and specialized functionality do not have to meet any creation and > management requirements, but then goes on to suggest that tools providing > data related to the TrafficEstimatorSerive have to provide ALL > functionality listed in the rmf table: so if all we want to do is query > that service for two values, which of these recommendations do we adhere > to? were we to provide access to our tool to anonymous third parties, it > wouldnt be strictly for internal use, what would our requirements be in > this case? > > which leads to my confusion about your answer to my second question. you > mention that we should implement the application flow of authentication, > but the documentation indicates that in this model the user does indeed > have to manually authenticate via a login screen. only once, i get that, > but in our case even once would not be acceptable. is not what we really > want a service account for authentication where credentials are read from a > file accessible only by our tool? > > i should mention that this tool will run on php, browser-based. thanks > for all your help. > > kind regards, > -rob > -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and Google+: https://googleadsdeveloper.blogspot.com/ https://plus.google.com/+GoogleAdsDevelopers/posts =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. Visit this group at http://groups.google.com/group/adwords-api. To view this discussion on the web visit https://groups.google.com/d/msgid/adwords-api/cf2f8006-457d-48df-995e-0f6314685074%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
