How to allow MCC accounts to access their adwords account data via our Adwords API [PHP]
We have an adwords API key and I want our system to allow other clients to access their MCC account data using our platform. I would do this in any method possible, OAuth, adwords client library, google apps. I know this is possible because I have seen other software that does this. If anyone knows how to achieve this via PHP, that would be great. Basically, someone would login to their MCC via our platform, and access their adwords data. Thank you anyone, in advance. I appreciate your time and effort. -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and discussion group: http://googleadsdeveloper.blogspot.com http://groups.google.com/group/adwords-api =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
How to authenticate anyone ADWORDS API OAuth2 PHP
I keep getting, AuthorizationError.USER_PERMISSION_DENIED What is the point of them logging in, if you need to get their permission again. I want anyone to be able to access their adwords account, via our platform. Like so many other apps and websites do. I have refresh tokens and I can access my own account just fine, but with other account logins, I get this error AuthorizationError.USER_PERMISSION_DENIED It make the app pointless, if I have to manually add ever client in and then allow them to login. So many apps allow this kind of access. How is it possible? I made a google app, that has a google login authorization prompt screen, then once the user consents, the login is successful but I can not access their data. Im stuck in a circle and its driving me crazy. Please HELP! -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and discussion group: http://googleadsdeveloper.blogspot.com http://groups.google.com/group/adwords-api =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
My code is as follows:
AUTH PAGE
$clientId = "PROVIDED_HIDDEN";
$clientSecret = "PROVIDED_HIDDEN";
$access = "PROVIDED_HIDDEN";
$refresh = "PROVIDED_HIDDEN";
$callbackUrl = base_url().index_page()."google/authCallback";
// Create a new user and set the oAuth settings
$user = new AdWordsUser();
$user->SetOAuth2Info(array(
"client_id" => $clientId,
"client_secret" => $clientSecret,
"access_token" => $access,
"refresh_token" => $refresh
));
// Generate an authorization URL given the callback URL
$authUrl = $user->GetOAuth2AuthorizationUrl($callbackUrl, true);
header("Location: $authUrl");
CALL BACK URL PAGE
$clientId = "PROVIDED_HIDDEN";
$clientSecret = "PROVIDED_HIDDEN";
$access = "PROVIDED_HIDDEN";
$refresh = "PROVIDED_HIDDEN";
// Create a new user and set the oAuth settings
$user = new AdWordsUser();
$user->SetDeveloperToken(ADWORDS_DEV_TOKEN);
$user->SetClientCustomerId(ADWORDS_ACCOUNT_ID);
$user->SetOAuth2Info(array(
"client_id" => $clientId,
"client_secret" => $clientSecret,
"access_token" => $access,
"refresh_token" => $refresh
));
$authCode = $_REQUEST["code"];
echo "";
$token = $user->GetOAuth2AccessToken($authCode, $callbackUrl);
$oauth2Info = $user->GetOAuth2Info();
print "OAuth2 authorization successful.\n";
if($user->CanRefreshOAuth2AccessToken())/// < is returning true
echo "CAN REFRESH";
else
echo "CAN NOT REFRESH";
NEXT URL TO ACCESS CAMPAIGNS
$tokenFilename = "./application/tmpAuth/". session_id()
.".txt";
// Create a new user
$user = new AdWordsUser();
// Load the oAuth settings
$user->SetOAuth2Info($this->Google_model->loadAuth($tokenFilename));
//$user->RefreshOAuth2AccessToken();
//$this->Google_model->saveAuth($user, $tokenFilename);
echo "";
//print_r($user);
// Get a list of campaigns
//$camps = $this->Google_model->GetCampaignsExample($user);
$campaignService = $user->GetService('CampaignService', ADWORDS_VERSION);
FAILS HERE
AuthorizationError.USER_PERMISSION_DENIED
On Thursday, November 14, 2013 11:38:30 AM UTC-5, Christian Gibbs wrote:
>
> I keep getting, AuthorizationError.USER_PERMISSION_DENIED
>
> What is the point of them logging in, if you need to get their permission
> again.
>
> I want anyone to be able to access their adwords account, via our
> platform. Like so many other apps and websites do.
>
> I have refresh tokens and I can access my own account just fine, but with
> other account logins, I get this error
> AuthorizationError.USER_PERMISSION_DENIED
>
> It make the app pointless, if I have to manually add ever client in and
> then allow them to login.
>
> So many apps allow this kind of access. How is it possible?
>
> I made a google app, that has a google login authorization prompt screen,
> then once the user consents, the login is successful but I can not access
> their data.
>
> Im stuck in a circle and its driving me crazy. Please HELP!
>
>
>
--
--
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
Also find us on our blog and discussion group:
http://googleadsdeveloper.blogspot.com
http://groups.google.com/group/adwords-api
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
You received this message because you are subscribed to the Google
Groups "AdWords API Forum" group.
To post to this group, send email to adwords-api@googlegroups.com
To unsubscribe from this group, send email to
adwords-api+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/adwords-api?hl=en
---
You received this message because you are subscribed to the Google Groups
"AdWords API Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to adwords-api+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
My specific error is
Fatal error: Uncaught SoapFault exception: [soap:Server]
[AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:''] in
/var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php:201
Stack trace:
#0
/var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php(201):
SoapClient->__soapCall('get', Array, NULL, Array, Array)
#1
/var/www/html/dev/application/libraries/src/Google/Api/Ads/AdWords/v201306/CampaignService.php(6454):
AdsSoapClient->__soapCall('get', Array)
#2 /var/www/html/dev/application/controllers/google.php(216):
CampaignService->get(Object(Selector))
#3 [internal function]: Google->accessAuth()
#4 /var/www/html/dev/system/core/CodeIgniter.php(359):
call_user_func_array(Array, Array)
#5 /var/www/html/dev/index.php(206): require_once('/var/www/html/d...')
#6 {main}
thrown in
/var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php
on line 201
On Thursday, November 14, 2013 11:38:30 AM UTC-5, Christian Gibbs wrote:
>
> I keep getting, AuthorizationError.USER_PERMISSION_DENIED
>
> What is the point of them logging in, if you need to get their permission
> again.
>
> I want anyone to be able to access their adwords account, via our
> platform. Like so many other apps and websites do.
>
> I have refresh tokens and I can access my own account just fine, but with
> other account logins, I get this error
> AuthorizationError.USER_PERMISSION_DENIED
>
> It make the app pointless, if I have to manually add ever client in and
> then allow them to login.
>
> So many apps allow this kind of access. How is it possible?
>
> I made a google app, that has a google login authorization prompt screen,
> then once the user consents, the login is successful but I can not access
> their data.
>
> Im stuck in a circle and its driving me crazy. Please HELP!
>
>
>
--
--
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
Also find us on our blog and discussion group:
http://googleadsdeveloper.blogspot.com
http://groups.google.com/group/adwords-api
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
You received this message because you are subscribed to the Google
Groups "AdWords API Forum" group.
To post to this group, send email to adwords-api@googlegroups.com
To unsubscribe from this group, send email to
adwords-api+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/adwords-api?hl=en
---
You received this message because you are subscribed to the Google Groups
"AdWords API Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to adwords-api+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
Ok I will revisit this based on your info.
The URL is registered.
Ill use the new OAuth2Handler
<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Util/OAuth2Handler.php>,
thank you.
But this works, when I use my MCC login.
But what is the point of the person going to the login page and give
authorization using OAuth?
Why have them authenticate and give permission if I already have access?
They have already given permission prior to this event.
How do other companies allow access. For example, if I download the AdStage
app I can login to my ADwords account and look at my data.
This is what I want to achieve.
Thank you
On Monday, November 25, 2013 7:08:56 AM UTC-5, Paul Matthews (AdWords API
Team) wrote:
>
> Hi Christian,
>
> Firstly, when you authenticate the user, you need to ensure you include
> *scope=offline*<https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl>,
>
> otherwise you'll need the user to be present for all requests.
>
> Secondly, it seems as though you're not using the most recent version of
> the php client library, as we've moved many of the OAuth2 methods out of
> the AdWordsUser
> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Lib/AdsUser.php>
> to
> the OAuth2Handler
> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Util/OAuth2Handler.php>
> .
>
> Thirdly, you'd need to ensure you've registered the callback URL you
> supply, when you retrieve the access code.
>
> *Finally & Most likely:* there's no link between the authorized MCC and
> the account you're attempting to retrieve campaigns for. The error code
> you're
> receiving<https://developers.google.com/adwords/api/docs/common-errors#AuthorizationError.USER_PERMISSION_DENIED>is
> mostly connected to this error. The OAuth2 flow only authorizes your
> access to an account, that account needs to be linked to all other accounts
> it wishes to access.
>
> Regards,
>
> - Paul, AdWords API Team.
>
> On Friday, 15 November 2013 15:53:28 UTC, Christian Gibbs wrote:
>>
>> My specific error is
>>
>> Fatal error: Uncaught SoapFault exception: [soap:Server]
>> [AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:''] in
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php:201
>> Stack trace:
>> #0
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php(201):
>> SoapClient->__soapCall('get', Array, NULL, Array, Array)
>> #1
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/AdWords/v201306/CampaignService.php(6454):
>> AdsSoapClient->__soapCall('get', Array)
>> #2 /var/www/html/dev/application/controllers/google.php(216):
>> CampaignService->get(Object(Selector))
>> #3 [internal function]: Google->accessAuth()
>> #4 /var/www/html/dev/system/core/CodeIgniter.php(359):
>> call_user_func_array(Array, Array)
>> #5 /var/www/html/dev/index.php(206): require_once('/var/www/html/d...')
>> #6 {main}
>> thrown in
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php
>> on line 201
>>
>>
>>
>>
>> On Thursday, November 14, 2013 11:38:30 AM UTC-5, Christian Gibbs wrote:
>>>
>>> I keep getting, AuthorizationError.USER_PERMISSION_DENIED
>>>
>>> What is the point of them logging in, if you need to get their
>>> permission again.
>>>
>>> I want anyone to be able to access their adwords account, via our
>>> platform. Like so many other apps and websites do.
>>>
>>> I have refresh tokens and I can access my own account just fine, but
>>> with other account logins, I get this error
>>> AuthorizationError.USER_PERMISSION_DENIED
>>>
>>> It make the app pointless, if I have to manually add ever client in and
>>> then allow them to login.
>>>
>>> So many apps allow this kind of access. How is it possible?
>>>
>>> I made a google app, that has a google login authorization prompt
>>> screen, then once the user consents, the
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
Can someone please respond to my questions.
Your explanation is like a catch22.
On Monday, November 25, 2013 7:08:56 AM UTC-5, Paul Matthews (AdWords API
Team) wrote:
>
> Hi Christian,
>
> Firstly, when you authenticate the user, you need to ensure you include
> *scope=offline*<https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl>,
>
> otherwise you'll need the user to be present for all requests.
>
> Secondly, it seems as though you're not using the most recent version of
> the php client library, as we've moved many of the OAuth2 methods out of
> the AdWordsUser
> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Lib/AdsUser.php>
> to
> the OAuth2Handler
> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Util/OAuth2Handler.php>
> .
>
> Thirdly, you'd need to ensure you've registered the callback URL you
> supply, when you retrieve the access code.
>
> *Finally & Most likely:* there's no link between the authorized MCC and
> the account you're attempting to retrieve campaigns for. The error code
> you're
> receiving<https://developers.google.com/adwords/api/docs/common-errors#AuthorizationError.USER_PERMISSION_DENIED>is
> mostly connected to this error. The OAuth2 flow only authorizes your
> access to an account, that account needs to be linked to all other accounts
> it wishes to access.
>
> Regards,
>
> - Paul, AdWords API Team.
>
> On Friday, 15 November 2013 15:53:28 UTC, Christian Gibbs wrote:
>>
>> My specific error is
>>
>> Fatal error: Uncaught SoapFault exception: [soap:Server]
>> [AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:''] in
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php:201
>> Stack trace:
>> #0
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php(201):
>> SoapClient->__soapCall('get', Array, NULL, Array, Array)
>> #1
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/AdWords/v201306/CampaignService.php(6454):
>> AdsSoapClient->__soapCall('get', Array)
>> #2 /var/www/html/dev/application/controllers/google.php(216):
>> CampaignService->get(Object(Selector))
>> #3 [internal function]: Google->accessAuth()
>> #4 /var/www/html/dev/system/core/CodeIgniter.php(359):
>> call_user_func_array(Array, Array)
>> #5 /var/www/html/dev/index.php(206): require_once('/var/www/html/d...')
>> #6 {main}
>> thrown in
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php
>> on line 201
>>
>>
>>
>>
>> On Thursday, November 14, 2013 11:38:30 AM UTC-5, Christian Gibbs wrote:
>>>
>>> I keep getting, AuthorizationError.USER_PERMISSION_DENIED
>>>
>>> What is the point of them logging in, if you need to get their
>>> permission again.
>>>
>>> I want anyone to be able to access their adwords account, via our
>>> platform. Like so many other apps and websites do.
>>>
>>> I have refresh tokens and I can access my own account just fine, but
>>> with other account logins, I get this error
>>> AuthorizationError.USER_PERMISSION_DENIED
>>>
>>> It make the app pointless, if I have to manually add ever client in and
>>> then allow them to login.
>>>
>>> So many apps allow this kind of access. How is it possible?
>>>
>>> I made a google app, that has a google login authorization prompt
>>> screen, then once the user consents, the login is successful but I can not
>>> access their data.
>>>
>>> Im stuck in a circle and its driving me crazy. Please HELP!
>>>
>>>
>>>
--
--
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
Also find us on our blog and discussion group:
http://googleadsdeveloper.blogspot.com
http://groups.google.com/group/adwords-api
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
You received this message because you are subscribed to the Google
Groups "AdWords API Forum" group.
To post to this group, send email to adwords-api@googlegroups.com
To unsubscribe from this group, send email to
adwords-api+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/adwords-api?hl=en
---
You received this message because you are subscribed to the Google Groups
"AdWords API Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to adwords-api+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
Google, can you respond to my question?
On Monday, November 25, 2013 7:08:56 AM UTC-5, Paul Matthews (AdWords API
Team) wrote:
>
> Hi Christian,
>
> Firstly, when you authenticate the user, you need to ensure you include
> *scope=offline*<https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl>,
>
> otherwise you'll need the user to be present for all requests.
>
> Secondly, it seems as though you're not using the most recent version of
> the php client library, as we've moved many of the OAuth2 methods out of
> the AdWordsUser
> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Lib/AdsUser.php>
> to
> the OAuth2Handler
> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Util/OAuth2Handler.php>
> .
>
> Thirdly, you'd need to ensure you've registered the callback URL you
> supply, when you retrieve the access code.
>
> *Finally & Most likely:* there's no link between the authorized MCC and
> the account you're attempting to retrieve campaigns for. The error code
> you're
> receiving<https://developers.google.com/adwords/api/docs/common-errors#AuthorizationError.USER_PERMISSION_DENIED>is
> mostly connected to this error. The OAuth2 flow only authorizes your
> access to an account, that account needs to be linked to all other accounts
> it wishes to access.
>
> Regards,
>
> - Paul, AdWords API Team.
>
> On Friday, 15 November 2013 15:53:28 UTC, Christian Gibbs wrote:
>>
>> My specific error is
>>
>> Fatal error: Uncaught SoapFault exception: [soap:Server]
>> [AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:''] in
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php:201
>> Stack trace:
>> #0
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php(201):
>> SoapClient->__soapCall('get', Array, NULL, Array, Array)
>> #1
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/AdWords/v201306/CampaignService.php(6454):
>> AdsSoapClient->__soapCall('get', Array)
>> #2 /var/www/html/dev/application/controllers/google.php(216):
>> CampaignService->get(Object(Selector))
>> #3 [internal function]: Google->accessAuth()
>> #4 /var/www/html/dev/system/core/CodeIgniter.php(359):
>> call_user_func_array(Array, Array)
>> #5 /var/www/html/dev/index.php(206): require_once('/var/www/html/d...')
>> #6 {main}
>> thrown in
>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php
>> on line 201
>>
>>
>>
>>
>> On Thursday, November 14, 2013 11:38:30 AM UTC-5, Christian Gibbs wrote:
>>>
>>> I keep getting, AuthorizationError.USER_PERMISSION_DENIED
>>>
>>> What is the point of them logging in, if you need to get their
>>> permission again.
>>>
>>> I want anyone to be able to access their adwords account, via our
>>> platform. Like so many other apps and websites do.
>>>
>>> I have refresh tokens and I can access my own account just fine, but
>>> with other account logins, I get this error
>>> AuthorizationError.USER_PERMISSION_DENIED
>>>
>>> It make the app pointless, if I have to manually add ever client in and
>>> then allow them to login.
>>>
>>> So many apps allow this kind of access. How is it possible?
>>>
>>> I made a google app, that has a google login authorization prompt
>>> screen, then once the user consents, the login is successful but I can not
>>> access their data.
>>>
>>> Im stuck in a circle and its driving me crazy. Please HELP!
>>>
>>>
>>>
--
--
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
Also find us on our blog and discussion group:
http://googleadsdeveloper.blogspot.com
http://groups.google.com/group/adwords-api
=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~
You received this message because you are subscribed to the Google
Groups "AdWords API Forum" group.
To post to this group, send email to adwords-api@googlegroups.com
To unsubscribe from this group, send email to
adwords-api+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/adwords-api?hl=en
---
You received this message because you are subscribed to the Google Groups
"AdWords API Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to adwords-api+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
Im using OAUTH2 and Ive done many changes today.
This is what Im getting now.
[message:protected] => [AuthenticationError.OAUTH_TOKEN_INVALID @ ; trigger:'']
On Monday, December 9, 2013 12:29:29 PM UTC-5, Derrick Pelletier wrote:
>
> Christian, you might be referring to an old feature, which is being
> deprecated; it allowed you to capture an email/password to authorize with.
> See here: https://developers.google.com/accounts/docs/AuthForInstalledApps
>
>
> On Monday, December 9, 2013 6:54:38 AM UTC-8, Christian Gibbs wrote:
>>
>> Can someone please respond to my questions.
>>
>> Your explanation is like a catch22.
>>
>>
>> On Monday, November 25, 2013 7:08:56 AM UTC-5, Paul Matthews (AdWords API
>> Team) wrote:
>>>
>>> Hi Christian,
>>>
>>> Firstly, when you authenticate the user, you need to ensure you include
>>> *scope=offline*<https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl>,
>>>
>>> otherwise you'll need the user to be present for all requests.
>>>
>>> Secondly, it seems as though you're not using the most recent version of
>>> the php client library, as we've moved many of the OAuth2 methods out
>>> of the AdWordsUser
>>> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Lib/AdsUser.php>
>>> to
>>> the OAuth2Handler
>>> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Util/OAuth2Handler.php>
>>> .
>>>
>>> Thirdly, you'd need to ensure you've registered the callback URL you
>>> supply, when you retrieve the access code.
>>>
>>> *Finally & Most likely:* there's no link between the authorized MCC and
>>> the account you're attempting to retrieve campaigns for. The error code
>>> you're
>>> receiving<https://developers.google.com/adwords/api/docs/common-errors#AuthorizationError.USER_PERMISSION_DENIED>is
>>> mostly connected to this error. The OAuth2 flow only authorizes your
>>> access to an account, that account needs to be linked to all other accounts
>>> it wishes to access.
>>>
>>> Regards,
>>>
>>> - Paul, AdWords API Team.
>>>
>>> On Friday, 15 November 2013 15:53:28 UTC, Christian Gibbs wrote:
>>>>
>>>> My specific error is
>>>>
>>>> Fatal error: Uncaught SoapFault exception: [soap:Server]
>>>> [AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:''] in
>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php:201
>>>> Stack trace:
>>>> #0
>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php(201):
>>>> SoapClient->__soapCall('get', Array, NULL, Array, Array)
>>>> #1
>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/AdWords/v201306/CampaignService.php(6454):
>>>> AdsSoapClient->__soapCall('get', Array)
>>>> #2 /var/www/html/dev/application/controllers/google.php(216):
>>>> CampaignService->get(Object(Selector))
>>>> #3 [internal function]: Google->accessAuth()
>>>> #4 /var/www/html/dev/system/core/CodeIgniter.php(359):
>>>> call_user_func_array(Array, Array)
>>>> #5 /var/www/html/dev/index.php(206): require_once('/var/www/html/d...')
>>>> #6 {main}
>>>> thrown in
>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php
>>>> on line 201
>>>>
>>>>
>>>>
>>>>
>>>> On Thursday, November 14, 2013 11:38:30 AM UTC-5, Christian Gibbs wrote:
>>>>>
>>>>> I keep getting, AuthorizationError.USER_PERMISSION_DENIED
>>>>>
>>>>> What is the point of them logging in, if you need to get their
>>>>> permission again.
>>>>>
>>>>> I want anyone to be able to access their adwords account, via our
>>>>> platform. Like so many other apps and websites do.
>>>>>
>>>>> I have refresh tokens and I can access my own account just fine, but
>>
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
This is the new favorite thing its doing now.
Uncaught exception 'OAuth2Exception' with message '{ "error" :
"invalid_request" }'
On Monday, December 9, 2013 6:21:48 PM UTC-5, Christian Gibbs wrote:
>
> Im using OAUTH2 and Ive done many changes today.
>
> This is what Im getting now.
>
> [message:protected] => [AuthenticationError.OAUTH_TOKEN_INVALID @ ;
> trigger:'']
>
>
> On Monday, December 9, 2013 12:29:29 PM UTC-5, Derrick Pelletier wrote:
>>
>> Christian, you might be referring to an old feature, which is being
>> deprecated; it allowed you to capture an email/password to authorize with.
>> See here:
>> https://developers.google.com/accounts/docs/AuthForInstalledApps
>>
>>
>> On Monday, December 9, 2013 6:54:38 AM UTC-8, Christian Gibbs wrote:
>>>
>>> Can someone please respond to my questions.
>>>
>>> Your explanation is like a catch22.
>>>
>>>
>>> On Monday, November 25, 2013 7:08:56 AM UTC-5, Paul Matthews (AdWords
>>> API Team) wrote:
>>>>
>>>> Hi Christian,
>>>>
>>>> Firstly, when you authenticate the user, you need to ensure you include
>>>> *scope=offline*<https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl>,
>>>>
>>>> otherwise you'll need the user to be present for all requests.
>>>>
>>>> Secondly, it seems as though you're not using the most recent version
>>>> of the php client library, as we've moved many of the OAuth2 methods
>>>> out of the AdWordsUser
>>>> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Lib/AdsUser.php>
>>>> to
>>>> the OAuth2Handler
>>>> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Util/OAuth2Handler.php>
>>>> .
>>>>
>>>> Thirdly, you'd need to ensure you've registered the callback URL you
>>>> supply, when you retrieve the access code.
>>>>
>>>> *Finally & Most likely:* there's no link between the authorized MCC
>>>> and the account you're attempting to retrieve campaigns for. The error
>>>> code you're
>>>> receiving<https://developers.google.com/adwords/api/docs/common-errors#AuthorizationError.USER_PERMISSION_DENIED>is
>>>> mostly connected to this error. The OAuth2 flow only authorizes your
>>>> access to an account, that account needs to be linked to all other
>>>> accounts
>>>> it wishes to access.
>>>>
>>>> Regards,
>>>>
>>>> - Paul, AdWords API Team.
>>>>
>>>> On Friday, 15 November 2013 15:53:28 UTC, Christian Gibbs wrote:
>>>>>
>>>>> My specific error is
>>>>>
>>>>> Fatal error: Uncaught SoapFault exception: [soap:Server]
>>>>> [AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:''] in
>>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php:201
>>>>> Stack trace:
>>>>> #0
>>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php(201):
>>>>> SoapClient->__soapCall('get', Array, NULL, Array, Array)
>>>>> #1
>>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/AdWords/v201306/CampaignService.php(6454):
>>>>> AdsSoapClient->__soapCall('get', Array)
>>>>> #2 /var/www/html/dev/application/controllers/google.php(216):
>>>>> CampaignService->get(Object(Selector))
>>>>> #3 [internal function]: Google->accessAuth()
>>>>> #4 /var/www/html/dev/system/core/CodeIgniter.php(359):
>>>>> call_user_func_array(Array, Array)
>>>>> #5 /var/www/html/dev/index.php(206): require_once('/var/www/html/d...')
>>>>> #6 {main}
>>>>> thrown in
>>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php
>>>>> on line 201
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
Now I am back to here,
[message:protected] => [AuthorizationError.USER_PERMISSION_DENIED @ ;
trigger:'']
On Monday, December 9, 2013 6:32:19 PM UTC-5, Christian Gibbs wrote:
>
> This is the new favorite thing its doing now.
>
>
> Uncaught exception 'OAuth2Exception' with message '{ "error" :
> "invalid_request" }'
>
>
>
> On Monday, December 9, 2013 6:21:48 PM UTC-5, Christian Gibbs wrote:
>>
>> Im using OAUTH2 and Ive done many changes today.
>>
>> This is what Im getting now.
>>
>> [message:protected] => [AuthenticationError.OAUTH_TOKEN_INVALID @ ;
>> trigger:'']
>>
>>
>> On Monday, December 9, 2013 12:29:29 PM UTC-5, Derrick Pelletier wrote:
>>>
>>> Christian, you might be referring to an old feature, which is being
>>> deprecated; it allowed you to capture an email/password to authorize with.
>>> See here:
>>> https://developers.google.com/accounts/docs/AuthForInstalledApps
>>>
>>>
>>> On Monday, December 9, 2013 6:54:38 AM UTC-8, Christian Gibbs wrote:
>>>>
>>>> Can someone please respond to my questions.
>>>>
>>>> Your explanation is like a catch22.
>>>>
>>>>
>>>> On Monday, November 25, 2013 7:08:56 AM UTC-5, Paul Matthews (AdWords
>>>> API Team) wrote:
>>>>>
>>>>> Hi Christian,
>>>>>
>>>>> Firstly, when you authenticate the user, you need to ensure you include
>>>>> *scope=offline*<https://developers.google.com/accounts/docs/OAuth2WebServer#formingtheurl>,
>>>>>
>>>>> otherwise you'll need the user to be present for all requests.
>>>>>
>>>>> Secondly, it seems as though you're not using the most recent version
>>>>> of the php client library, as we've moved many of the OAuth2 methods
>>>>> out of the AdWordsUser
>>>>> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Lib/AdsUser.php>
>>>>> to
>>>>> the OAuth2Handler
>>>>> class<https://code.google.com/p/google-api-adwords-php/source/diff?spec=svnbbbcde2d8be7a2e2d4a2022b695c0782abf39083&r=bbbcde2d8be7a2e2d4a2022b695c0782abf39083&format=side&path=/src/Google/Api/Ads/Common/Util/OAuth2Handler.php>
>>>>> .
>>>>>
>>>>> Thirdly, you'd need to ensure you've registered the callback URL you
>>>>> supply, when you retrieve the access code.
>>>>>
>>>>> *Finally & Most likely:* there's no link between the authorized MCC
>>>>> and the account you're attempting to retrieve campaigns for. The error
>>>>> code you're
>>>>> receiving<https://developers.google.com/adwords/api/docs/common-errors#AuthorizationError.USER_PERMISSION_DENIED>is
>>>>> mostly connected to this error. The OAuth2 flow only authorizes your
>>>>> access to an account, that account needs to be linked to all other
>>>>> accounts
>>>>> it wishes to access.
>>>>>
>>>>> Regards,
>>>>>
>>>>> - Paul, AdWords API Team.
>>>>>
>>>>> On Friday, 15 November 2013 15:53:28 UTC, Christian Gibbs wrote:
>>>>>>
>>>>>> My specific error is
>>>>>>
>>>>>> Fatal error: Uncaught SoapFault exception: [soap:Server]
>>>>>> [AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:''] in
>>>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php:201
>>>>>> Stack trace:
>>>>>> #0
>>>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/Common/Lib/AdsSoapClient.php(201):
>>>>>> SoapClient->__soapCall('get', Array, NULL, Array, Array)
>>>>>> #1
>>>>>> /var/www/html/dev/application/libraries/src/Google/Api/Ads/AdWords/v201306/CampaignService.php(6454):
>>>>>> AdsSoapClient->__soapCall('get', Array)
>>>>>> #2 /var/www/html/dev/application/controllers/google.php(216):
>>>>>> CampaignService->get(Object(Selector))
>>>>>> #3 [internal function]: Google->
Re: AuthorizationError.USER_PERMISSION_DENIED While accessing campaigns
I am trying to access accounts that are not linked to our MCC by the
consent of the user.
It first starts here,
$user = new AdWordsUser();
$user->SetOAuth2Info(array(
"response_type" => 'code',
"client_id" => $clientId,
"client_secret" => $clientSecret,
"access_token" => $access,
"refresh_token" => $refresh,
"scope" => 'offline'
));
$params = array(
"response_type" => 'code',
"client_id" => $clientId,
"client_secret" => $clientSecret,
"access_token" => $access,
"refresh_token" => $refresh,
"scope" => 'offline'
);
/*
* public function GetAuthorizationUrl(array $credentials,
$redirectUri = NULL, $offline = NULL, array $params = NULL) {
*/
// Generate an authorization URL given the callback URL
try{
$OAuth2Handler = $user->GetOAuth2Handler();
$OAuth2Handler->scope = 'https://adwords.google.com/api/adwords/';
print_r( $OAuth2Handler );
$authUrl = $OAuth2Handler->GetAuthorizationUrl($params, $callbackUrl, true,
null);
}catch( Exception $e ){
print_r($e->getMessage());
}
header("Location: $authUrl");
Then it takes you to the consent page.
After login is successful,
Not sure if I need to set scope = 'offline' Paul Matthews said something
about that but wasnt clear. There is another scope but it is a URL so I
dont know what hes talking about. Maybe you can shed some light on that.
Anyway, the callback url runs this code,
$user = new AdWordsUser();
$user->SetOAuth2Info(array(
"response_type" => 'code',
"client_id" => $clientId,
"client_secret" => $clientSecret,
"access_token" => $access,
"refresh_token" => $refresh,
"scope" => 'offline'
));
$authCode = $_REQUEST["code"];
//GetOAuth2Credential function copied below
$oauth2Info = $this->Google_model->GetOAuth2Credential($user, $authCode,
$callbackUrl);
$user->SetOAuth2Info($oauth2Info);
$user->SetAuthToken( $authCode );
function GetOAuth2Credential($user, $code, $redirectUri = NULL) {
$offline = TRUE;
// Get the authorization URL for the OAuth2 token.
// No redirect URL is being used since this is an installed application.
A web
// application would pass in a redirect URL back to the application,
// ensuring it's one that has been configured in the API console.
// Passing true for the second parameter ($offline) will provide us a
refresh
// token which can used be refresh the access token when it expires.
$OAuth2Handler = $user->GetOAuth2Handler();
$authorizationUrl = $OAuth2Handler->GetAuthorizationUrl(
$user->GetOAuth2Info(), $redirectUri, $offline);
// In a web application you would redirect the user to the authorization
URL
// and after approving the token they would be redirected back to the
// redirect URL, with the URL parameter "code" added. For desktop
// or server applications, spawn a browser to the URL and then have the
user
// enter the authorization code that is displayed.
printf("Log in to your AdWords account and open the following
URL:\n%s\n\n",
$authorizationUrl);
//print "After approving the token enter the authorization code here: ";
// Get the access token using the authorization code. Ensure you use the
same
// redirect URL used when requesting authorization.
$user->SetOAuth2Info(
$OAuth2Handler->GetAccessToken(
$user->GetOAuth2Info(), $code, $redirectUri));
// The access token expires but the refresh token obtained for offline
use
// doesn't, and should be stored for later use.
return $user->GetOAuth2Info();
}
I still get the alert, [AuthorizationError.USER_PERMISSION_DENIED @ ;
trigger:'']
On Tuesday, November 12, 2013 2:43:24 AM UTC-5, Takeshi Hagikura (AdWords
API Team) wrote:
>
> Hi Bikram,
>
> If the accounts are not linked to your MCC, you need to get a separate
> access token (and a refresh token) for each client account.
> In that case, I think an installed application mechanism is not practical
> because it requires manual process for each account.
>
> You can use the web application
> flow by
> preparing a web server that doesn't require manual process in your side
> when a client grants your application access to their data.
>
> > Also please let me know what is the durability of our refresh token.
> Will not ever change after we give access and generate it.
> A refresh token never expires unless you explicitly revoke the access.
>
> Best,
> - Takeshi, AdWords API Team
>
> On Saturday, November 9, 2013 2:18:31 AM UTC+9, Bikram Bhuyan wrote:
>>
>> Hi Takeshi,
>>
>> Thanks for your detailed explanation. You are absolutely right. If both
>> the accounts are under our MCC account then everything should work fine as
>> you mentioned. I am trying to connect to our clients AdWords account which
>> will definitely be not under our MCC account. So I am trying to figure out
>> what will be the best mechanism to implement it.
>>
>> Also please let me know w
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
I updated everything over like you said with the OAuthHandler class. One of your staff said this. Takeshi Hagikura (AdWords API Team)[image: Google Employee] Nov 12 Hi Bikram, If the accounts are not linked to your MCC, you need to get a separate access token (and a refresh token) for each client account. In that case, I think an installed application mechanism is not practical because it requires manual process for each account. You can use the web application flow<https://developers.google.com/accounts/docs/OAuth2#webserver> by preparing a web server that doesn't require manual process in your side when a client grants your application access to their data. Please give some insight in regards to accessing unlinked accounts. This is what I am interested in. Please understand my goal. I need this to be able to authorize Adwords account users, that have nothing to do with my MCC account. https://groups.google.com/forum/#!msg/adwords-api/8vhiFuU-4is/Y-UprxyBXQgJ On Tuesday, December 10, 2013 10:44:13 AM UTC-5, Paul Matthews (AdWords API Team) wrote: > > Hi Christian, > > When you say you've done many changes, what kind of changes? Are you able > to get authentication working as per the > screencast<https://www.youtube.com/watch?v=KetKPhxY4Js>? > Using the video is the easiest way to get the authentication working. > > The USER_PERMISSION_DENIED is served when you're attempting to access an > unlinked account > <https://developers.google.com/adwords/api/docs/reference/v201309/AdGroupService.AuthorizationError#reason>. > > > Regards, > > - Paul, AdWords API Team. > > > On Thursday, 14 November 2013 08:38:30 UTC-8, Christian Gibbs wrote: >> >> I keep getting, AuthorizationError.USER_PERMISSION_DENIED >> >> What is the point of them logging in, if you need to get their permission >> again. >> >> I want anyone to be able to access their adwords account, via our >> platform. Like so many other apps and websites do. >> >> I have refresh tokens and I can access my own account just fine, but with >> other account logins, I get this error >> AuthorizationError.USER_PERMISSION_DENIED >> >> It make the app pointless, if I have to manually add ever client in and >> then allow them to login. >> >> So many apps allow this kind of access. How is it possible? >> >> I made a google app, that has a google login authorization prompt screen, >> then once the user consents, the login is successful but I can not access >> their data. >> >> Im stuck in a circle and its driving me crazy. Please HELP! >> >> >> -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and discussion group: http://googleadsdeveloper.blogspot.com http://groups.google.com/group/adwords-api =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
The OAuth login works fine, when I login myself. I can pull the data. But when I use another google account of mine I get the authorization error. I need to achieve this. Please dont say this is the result because the account is unlinked. Please give me some direction on how to achieve this. One of your colleague is saying it is possible. On Tuesday, December 10, 2013 11:30:26 AM UTC-5, Christian Gibbs wrote: > > I updated everything over like you said with the OAuthHandler class. > > One of your staff said this. > > > Takeshi Hagikura (AdWords API Team)[image: Google Employee] > Nov 12 > Hi Bikram, > > If the accounts are not linked to your MCC, you need to get a separate > access token (and a refresh token) for each client account. > In that case, I think an installed application mechanism is not practical > because it requires manual process for each account. > > You can use the web application > flow<https://developers.google.com/accounts/docs/OAuth2#webserver> by > preparing a web server that doesn't require manual process in your side > when a client grants your application access to their data. > > > > Please give some insight in regards to accessing unlinked accounts. This > is what I am interested in. Please understand my goal. > > I need this to be able to authorize Adwords account users, that have > nothing to do with my MCC account. > > > https://groups.google.com/forum/#!msg/adwords-api/8vhiFuU-4is/Y-UprxyBXQgJ > > > > On Tuesday, December 10, 2013 10:44:13 AM UTC-5, Paul Matthews (AdWords > API Team) wrote: >> >> Hi Christian, >> >> When you say you've done many changes, what kind of changes? Are you able >> to get authentication working as per the >> screencast<https://www.youtube.com/watch?v=KetKPhxY4Js>? >> Using the video is the easiest way to get the authentication working. >> >> The USER_PERMISSION_DENIED is served when you're attempting to access an >> unlinked account >> <https://developers.google.com/adwords/api/docs/reference/v201309/AdGroupService.AuthorizationError#reason>. >> >> >> Regards, >> >> - Paul, AdWords API Team. >> >> >> On Thursday, 14 November 2013 08:38:30 UTC-8, Christian Gibbs wrote: >>> >>> I keep getting, AuthorizationError.USER_PERMISSION_DENIED >>> >>> What is the point of them logging in, if you need to get their >>> permission again. >>> >>> I want anyone to be able to access their adwords account, via our >>> platform. Like so many other apps and websites do. >>> >>> I have refresh tokens and I can access my own account just fine, but >>> with other account logins, I get this error >>> AuthorizationError.USER_PERMISSION_DENIED >>> >>> It make the app pointless, if I have to manually add ever client in and >>> then allow them to login. >>> >>> So many apps allow this kind of access. How is it possible? >>> >>> I made a google app, that has a google login authorization prompt >>> screen, then once the user consents, the login is successful but I can not >>> access their data. >>> >>> Im stuck in a circle and its driving me crazy. Please HELP! >>> >>> >>> -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and discussion group: http://googleadsdeveloper.blogspot.com http://groups.google.com/group/adwords-api =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
Re: AuthorizationError.USER_PERMISSION_DENIED While accessing campaigns
I GOT IT!
After getting the ?code= from the URL
$url = "https://accounts.google.com/o/oauth2/token";;
$params = array(
"code" => $authCode,
"client_id" => $clientId,
"client_secret" => $clientSecret,
"redirect_uri" => $callbackUrl,
"grant_type" => "authorization_code"
);
$curl = curl_init();
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
curl_setopt($curl, CURLOPT_ENCODING, "");
$curlData = curl_exec($curl);
curl_close($curl);
$result = json_decode ($curlData);
print_r( $result );
$access_token = $result->access_token;
$user = new AdWordsUser();
$user->SetOAuth2Info(array(
"client_id" => $clientId,
"client_secret" => $clientSecret,
"access_token" => $access_token,
"refresh_token" => ""
));
I save the Auth Info and I was able to pull the other account data!
On Tuesday, December 10, 2013 10:01:29 AM UTC-5, Christian Gibbs wrote:
>
> I am trying to access accounts that are not linked to our MCC by the
> consent of the user.
>
> It first starts here,
>
> $user = new AdWordsUser();
> $user->SetOAuth2Info(array(
> "response_type" => 'code',
> "client_id" => $clientId,
> "client_secret" => $clientSecret,
> "access_token" => $access,
> "refresh_token" => $refresh,
> "scope" => 'offline'
> ));
> $params = array(
> "response_type" => 'code',
> "client_id" => $clientId,
> "client_secret" => $clientSecret,
> "access_token" => $access,
> "refresh_token" => $refresh,
> "scope" => 'offline'
> );
>
> /*
> * public function GetAuthorizationUrl(array $credentials,
> $redirectUri = NULL, $offline = NULL, array $params = NULL) {
> */
>
> // Generate an authorization URL given the callback URL
> try{
> $OAuth2Handler = $user->GetOAuth2Handler();
> $OAuth2Handler->scope = 'https://adwords.google.com/api/adwords/';
> print_r( $OAuth2Handler );
> $authUrl = $OAuth2Handler->GetAuthorizationUrl($params, $callbackUrl,
> true, null);
> }catch( Exception $e ){
> print_r($e->getMessage());
> }
>
> header("Location: $authUrl");
>
>
>
> Then it takes you to the consent page.
>
> After login is successful,
>
>
> Not sure if I need to set scope = 'offline' Paul Matthews said something
> about that but wasnt clear. There is another scope but it is a URL so I
> dont know what hes talking about. Maybe you can shed some light on that.
>
> Anyway, the callback url runs this code,
>
>
> $user = new AdWordsUser();
> $user->SetOAuth2Info(array(
> "response_type" => 'code',
> "client_id" => $clientId,
> "client_secret" => $clientSecret,
> "access_token" => $access,
> "refresh_token" => $refresh,
> "scope" => 'offline'
> ));
> $authCode = $_REQUEST["code"];
> //GetOAuth2Credential function copied below
>
> $oauth2Info = $this->Google_model->GetOAuth2Credential($user, $authCode,
> $callbackUrl);
> $user->SetOAuth2Info($oauth2Info);
> $user->SetAuthToken( $authCode );
>
>
>
>
>
> function GetOAuth2Credential($user, $code, $redirectUri = NULL) {
>
> $offline = TRUE;
> // Get the authorization URL for the OAuth2 token.
> // No redirect URL is being used since this is an installed application.
> A web
> // application would pass in a redirect URL back to the application,
> // ensuring it's one that has been configured in the API console.
> // Passing true for the second parameter ($offline) will provide us a
> refresh
> // token which can used be refresh the access token when it expires.
> $OAuth2Handler = $user->GetOAuth2Handler();
> $authorizationUrl = $OAuth2Handler->GetAuthorizationUrl(
> $user->GetOAuth2Info(), $redirectUri, $offline);
> // In a web application you would redirect the user to the
> authorization URL
> // and after approving the token they would be redirected back to the
> // redirect URL, with the URL parameter "code" added. For desktop
> // or serv
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
I GOT IT! After getting the ?code= from the URL $url = "https://accounts.google.com/o/oauth2/token";; $params = array( "code" => $authCode, "client_id" => $clientId, "client_secret" => $clientSecret, "redirect_uri" => $callbackUrl, "grant_type" => "authorization_code" ); $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $params); curl_setopt($curl, CURLOPT_ENCODING, ""); $curlData = curl_exec($curl); curl_close($curl); $result = json_decode ($curlData); print_r( $result ); $access_token = $result->access_token; $user = new AdWordsUser(); $user->SetOAuth2Info(array( "client_id" => $clientId, "client_secret" => $clientSecret, "access_token" => $access_token, "refresh_token" => "" )); I save the Auth Info and I was able to pull the other account data! On Tuesday, December 10, 2013 11:33:29 AM UTC-5, Christian Gibbs wrote: > > The OAuth login works fine, when I login myself. I can pull the data. But > when I use another google account of mine I get the authorization error. > > I need to achieve this. Please dont say this is the result because the > account is unlinked. Please give me some direction on how to achieve this. > > One of your colleague is saying it is possible. > > > On Tuesday, December 10, 2013 11:30:26 AM UTC-5, Christian Gibbs wrote: >> >> I updated everything over like you said with the OAuthHandler class. >> >> One of your staff said this. >> >> >> Takeshi Hagikura (AdWords API Team)[image: Google Employee] >> Nov 12 >> Hi Bikram, >> >> If the accounts are not linked to your MCC, you need to get a separate >> access token (and a refresh token) for each client account. >> In that case, I think an installed application mechanism is not practical >> because it requires manual process for each account. >> >> You can use the web application >> flow<https://developers.google.com/accounts/docs/OAuth2#webserver> by >> preparing a web server that doesn't require manual process in your side >> when a client grants your application access to their data. >> >> >> >> Please give some insight in regards to accessing unlinked accounts. This >> is what I am interested in. Please understand my goal. >> >> I need this to be able to authorize Adwords account users, that have >> nothing to do with my MCC account. >> >> >> https://groups.google.com/forum/#!msg/adwords-api/8vhiFuU-4is/Y-UprxyBXQgJ >> >> >> >> On Tuesday, December 10, 2013 10:44:13 AM UTC-5, Paul Matthews (AdWords >> API Team) wrote: >>> >>> Hi Christian, >>> >>> When you say you've done many changes, what kind of changes? Are you >>> able to get authentication working as per the >>> screencast<https://www.youtube.com/watch?v=KetKPhxY4Js>? >>> Using the video is the easiest way to get the authentication working. >>> >>> The USER_PERMISSION_DENIED is served when you're attempting to access an >>> unlinked account >>> <https://developers.google.com/adwords/api/docs/reference/v201309/AdGroupService.AuthorizationError#reason>. >>> >>> >>> Regards, >>> >>> - Paul, AdWords API Team. >>> >>> >>> On Thursday, 14 November 2013 08:38:30 UTC-8, Christian Gibbs wrote: >>>> >>>> I keep getting, AuthorizationError.USER_PERMISSION_DENIED >>>> >>>> What is the point of them logging in, if you need to get their >>>> permission again. >>>> >>>> I want anyone to be able to access their adwords account, via our >>>> platform. Like so many other apps and websites do. >>>> >>>> I have refresh tokens and I can access my own account just fine, but >>>> with other account logins, I get this error >>>> AuthorizationError.USER_PERMISSION_DENIED >>>> >>>> It make the app pointless, if I have to manually add ever client in and >>>> then allow them to login. >>>> >>>> So many apps allow this kind of access. How is it possible? >>>> >>>> I made a google app, that has a google login authorization prompt &
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
By the way, your video helped. Because I didnt know there was a new Auth.ini file. Now Im getting this error. The client customer ID must be specified for report downloads.' When I run the campaign service, I can do that and view all the campaigns but I cannot download the reports because I dont have the clientCustomerId. How is this suppose to work when using OAuth2? I have a refresh token. Everything is working ok, when just viewing the campaigns but not for downloading reports. The Id is required. Any idea? Thanks On Tuesday, December 10, 2013 2:50:53 PM UTC-5, Christian Gibbs wrote: > > I GOT IT! > > > > After getting the ?code= from the URL > > > $url = "https://accounts.google.com/o/oauth2/token";; > $params = array( > "code" => $authCode, > "client_id" => $clientId, > "client_secret" => $clientSecret, > "redirect_uri" => $callbackUrl, > "grant_type" => "authorization_code" > ); > > $curl = curl_init(); > curl_setopt($curl, CURLOPT_URL, $url); > curl_setopt($curl, CURLOPT_HEADER, false); > curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); > curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); > curl_setopt($curl, CURLOPT_POST, true); > curl_setopt($curl, CURLOPT_POSTFIELDS, $params); > curl_setopt($curl, CURLOPT_ENCODING, ""); > $curlData = curl_exec($curl); > curl_close($curl); > $result = json_decode ($curlData); > print_r( $result ); > > $access_token = $result->access_token; > > > > $user = new AdWordsUser(); > $user->SetOAuth2Info(array( > "client_id" => $clientId, > "client_secret" => $clientSecret, > "access_token" => $access_token, > "refresh_token" => "" > )); > > I save the Auth Info and I was able to pull the other account data! > > > > > > > On Tuesday, December 10, 2013 11:33:29 AM UTC-5, Christian Gibbs wrote: >> >> The OAuth login works fine, when I login myself. I can pull the data. But >> when I use another google account of mine I get the authorization error. >> >> I need to achieve this. Please dont say this is the result because the >> account is unlinked. Please give me some direction on how to achieve this. >> >> One of your colleague is saying it is possible. >> >> >> On Tuesday, December 10, 2013 11:30:26 AM UTC-5, Christian Gibbs wrote: >>> >>> I updated everything over like you said with the OAuthHandler class. >>> >>> One of your staff said this. >>> >>> >>> Takeshi Hagikura (AdWords API Team)[image: Google Employee] >>> Nov 12 >>> Hi Bikram, >>> >>> If the accounts are not linked to your MCC, you need to get a separate >>> access token (and a refresh token) for each client account. >>> In that case, I think an installed application mechanism is not >>> practical because it requires manual process for each account. >>> >>> You can use the web application >>> flow<https://developers.google.com/accounts/docs/OAuth2#webserver> by >>> preparing a web server that doesn't require manual process in your side >>> when a client grants your application access to their data. >>> >>> >>> >>> Please give some insight in regards to accessing unlinked accounts. This >>> is what I am interested in. Please understand my goal. >>> >>> I need this to be able to authorize Adwords account users, that have >>> nothing to do with my MCC account. >>> >>> >>> >>> https://groups.google.com/forum/#!msg/adwords-api/8vhiFuU-4is/Y-UprxyBXQgJ >>> >>> >>> >>> On Tuesday, December 10, 2013 10:44:13 AM UTC-5, Paul Matthews (AdWords >>> API Team) wrote: >>>> >>>> Hi Christian, >>>> >>>> When you say you've done many changes, what kind of changes? Are you >>>> able to get authentication working as per the >>>> screencast<https://www.youtube.com/watch?v=KetKPhxY4Js>? >>>> Using the video is the easiest way to get the authentication working. >>>> >>>> The USER_PERMISSION_DENIED is served when you're attempting to access an >>>> unlinked account >>>> <https://developers.google.com/adwords/api/docs/reference/v201309/AdGroupService.AuthorizationError#reason>. >>>> >>>> >>>> Regards, >>>> >
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
Thank you for your continued support.
I figures this out this morning.
Once I pull the account I want to view,
I use
$user->SetClientCustomerId( $account_id );
I can get it from the accountId of the campaign object for example.
Also I realized, my initial problem with USER_DENIED was that since I didnt
update the Auth.ini, I was logging in ok but the logged in user was trying
to access the Account of the MCC who owns the API access.
So instead of the User accessing their data, they were trying to access the
MCCs data.
I had to remove the clientId from the Auth.ini and that made it work.
I just wanted to post this, I figure someone may find it helpful for
pulling accounts under and MCC.
function getAccounts(AdWordsUser $user)
{
$managedCustomerService =
$user->GetService('ManagedCustomerService', ADWORDS_VERSION);
$selector = new Selector();
$selector->fields = array('CustomerId','Name');
$selector->ordering[] = new OrderBy('Name', 'ASCENDING');
$selector->paging = new Paging(0, AdWordsConstants::RECOMMENDED_PAGE_SIZE);
// $page = $managedCustomerService->get($selector);
$accounts = array();
do {
// Make the get request.
$page = $managedCustomerService->get($selector);
// Display results.
if (isset($page->entries)) {
return $page->entries;
} else {
return array();
}
// Advance the paging index.
$selector->paging->startIndex += AdWordsConstants::RECOMMENDED_PAGE_SIZE;
} while ($page->totalNumEntries > $selector->paging->startIndex);
}
On Tuesday, December 10, 2013 8:52:35 PM UTC-5, Paul Matthews (AdWords API
Team) wrote:
>
> The clientCustomerId is the identifier for the account you wish to access.
> You need to specify this in the AdWordsUser to access that account.
>
> The OAuth2 layer is purely to permit access, the clientCustomerId
> specifies<https://code.google.com/p/google-api-adwords-php/source/browse/src/Google/Api/Ads/AdWords/Lib/AdWordsUser.php#99>which
> sub account you're accessing.
>
> For more information on this please read the
> README<https://code.google.com/p/google-api-adwords-php/source/browse/README#56>
> .
>
> Regards,
>
> - Paul, AdWords API Team.
>
> On Tuesday, 10 December 2013 12:58:26 UTC-8, Christian Gibbs wrote:
>>
>> By the way, your video helped. Because I didnt know there was a new
>> Auth.ini file.
>>
>> Now Im getting this error.
>>
>> The client customer ID must be specified for report downloads.'
>>
>>
>> When I run the campaign service, I can do that and view all the campaigns
>> but I cannot download the reports because I dont have the clientCustomerId.
>>
>>
>>
>> How is this suppose to work when using OAuth2?
>>
>>
>> I have a refresh token. Everything is working ok, when just viewing the
>> campaigns but not for downloading reports. The Id is required.
>>
>>
>> Any idea?
>>
>>
>> Thanks
>>
>>
>>
>>
>>
>> On Tuesday, December 10, 2013 2:50:53 PM UTC-5, Christian Gibbs wrote:
>>>
>>> I GOT IT!
>>>
>>>
>>>
>>> After getting the ?code= from the URL
>>>
>>>
>>> $url = "https://accounts.google.com/o/oauth2/token";;
>>> $params = array(
>>> "code" => $authCode,
>>> "client_id" => $clientId,
>>> "client_secret" => $clientSecret,
>>> "redirect_uri" => $callbackUrl,
>>> "grant_type" => "authorization_code"
>>> );
>>>
>>> $curl = curl_init();
>>> curl_setopt($curl, CURLOPT_URL, $url);
>>> curl_setopt($curl, CURLOPT_HEADER, false);
>>> curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
>>> curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
>>> curl_setopt($curl, CURLOPT_POST, true);
>>> curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
>>> curl_setopt($curl, CURLOPT_ENCODING, "");
>>> $curlData = curl_exec($curl);
>>> curl_close($curl);
>>> $result = json_decode ($curlData);
>>> print_r( $result );
>>>
>>> $access_token = $result->access_token;
>>>
>>>
>>>
>>> $user = new AdWordsUser();
>>> $user->SetOAuth2Info(array(
>>> "client_id" => $clientId,
>>> "client_secret" => $clientSecret,
>>> "access_token" => $access_token,
>>> "refresh_token" => ""
Re: How to authenticate anyone ADWORDS API OAuth2 PHP
Actually this is what I used to pull the ClientId
$customerService = $user->GetService('CustomerService', ADWORDS_VERSION);
$cust = $customerService->get();
$user->setCustomerClientId( $cust->customerId );
On Tuesday, December 10, 2013 8:52:35 PM UTC-5, Paul Matthews (AdWords API
Team) wrote:
>
> The clientCustomerId is the identifier for the account you wish to access.
> You need to specify this in the AdWordsUser to access that account.
>
> The OAuth2 layer is purely to permit access, the clientCustomerId
> specifies<https://code.google.com/p/google-api-adwords-php/source/browse/src/Google/Api/Ads/AdWords/Lib/AdWordsUser.php#99>which
> sub account you're accessing.
>
> For more information on this please read the
> README<https://code.google.com/p/google-api-adwords-php/source/browse/README#56>
> .
>
> Regards,
>
> - Paul, AdWords API Team.
>
> On Tuesday, 10 December 2013 12:58:26 UTC-8, Christian Gibbs wrote:
>>
>> By the way, your video helped. Because I didnt know there was a new
>> Auth.ini file.
>>
>> Now Im getting this error.
>>
>> The client customer ID must be specified for report downloads.'
>>
>>
>> When I run the campaign service, I can do that and view all the campaigns
>> but I cannot download the reports because I dont have the clientCustomerId.
>>
>>
>>
>> How is this suppose to work when using OAuth2?
>>
>>
>> I have a refresh token. Everything is working ok, when just viewing the
>> campaigns but not for downloading reports. The Id is required.
>>
>>
>> Any idea?
>>
>>
>> Thanks
>>
>>
>>
>>
>>
>> On Tuesday, December 10, 2013 2:50:53 PM UTC-5, Christian Gibbs wrote:
>>>
>>> I GOT IT!
>>>
>>>
>>>
>>> After getting the ?code= from the URL
>>>
>>>
>>> $url = "https://accounts.google.com/o/oauth2/token";;
>>> $params = array(
>>> "code" => $authCode,
>>> "client_id" => $clientId,
>>> "client_secret" => $clientSecret,
>>> "redirect_uri" => $callbackUrl,
>>> "grant_type" => "authorization_code"
>>> );
>>>
>>> $curl = curl_init();
>>> curl_setopt($curl, CURLOPT_URL, $url);
>>> curl_setopt($curl, CURLOPT_HEADER, false);
>>> curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
>>> curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
>>> curl_setopt($curl, CURLOPT_POST, true);
>>> curl_setopt($curl, CURLOPT_POSTFIELDS, $params);
>>> curl_setopt($curl, CURLOPT_ENCODING, "");
>>> $curlData = curl_exec($curl);
>>> curl_close($curl);
>>> $result = json_decode ($curlData);
>>> print_r( $result );
>>>
>>> $access_token = $result->access_token;
>>>
>>>
>>>
>>> $user = new AdWordsUser();
>>> $user->SetOAuth2Info(array(
>>> "client_id" => $clientId,
>>> "client_secret" => $clientSecret,
>>> "access_token" => $access_token,
>>> "refresh_token" => ""
>>> ));
>>>
>>> I save the Auth Info and I was able to pull the other account data!
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Tuesday, December 10, 2013 11:33:29 AM UTC-5, Christian Gibbs wrote:
>>>>
>>>> The OAuth login works fine, when I login myself. I can pull the data.
>>>> But when I use another google account of mine I get the authorization
>>>> error.
>>>>
>>>> I need to achieve this. Please dont say this is the result because the
>>>> account is unlinked. Please give me some direction on how to achieve this.
>>>>
>>>> One of your colleague is saying it is possible.
>>>>
>>>>
>>>> On Tuesday, December 10, 2013 11:30:26 AM UTC-5, Christian Gibbs wrote:
>>>>>
>>>>> I updated everything over like you said with the OAuthHandler class.
>>>>>
>>>>> One of your staff said this.
>>>>>
>>>>>
>>>>> Takeshi Hagikura (AdWords API Team)[image: Google Employee]
>>>>> Nov 12
>>>>> Hi Bikram,
>>>>>
>>>>> If the accounts are not linked to your MCC, you need to get a separate
>>>>> access to
