Token has been expired or revoked
238 views
Skip to first unread message
Every Straus
Apr 13, 2021, 3:42:38 PM4/13/21
to AdWords API and Google Ads API Forum
Hello.
We have error "Token has been expired or revoked"
We don`t make any changes.
And in page https://myaccount.google.com/u/1/permissions our app Everystraus was self removed.
We don`t did that.
And this was not helpful.
Please help.
Google Ads API Forum Advisor Prod
Apr 14, 2021, 2:01:27 PM4/14/21
to ad79...@gmail.com, adwor...@googlegroups.com
Hello,
Thanks for reaching out. Can you please try regenerating your OAuth2 credentials and refresh token, and ensuring that the email being used to create the credentials has the proper access level in your Ads MCC?
Thanks,
Matt
Google Ads API Team
ref:_00D1U1174p._5004Q2FYAcl:ref
Thanks for reaching out. Can you please try regenerating your OAuth2 credentials and refresh token, and ensuring that the email being used to create the credentials has the proper access level in your Ads MCC?
Thanks,
Matt
Google Ads API Team
|
||||||
ref:_00D1U1174p._5004Q2FYAcl:ref
Message has been deleted
Every Straus
Apr 15, 2021, 6:56:59 AM4/15/21
to AdWords API and Google Ads API Forum
Thank you for reply.
`Can you please try regenerating your OAuth2 credentials and refresh token`
For be more specific.
We need to create new credentials here https://console.cloud.google.com/apis/credentials ?
We make service, that can connect to different accounts, we already have basic access in Google Adwords Api.
So what this is mean (ensuring that the email being used to create the credentials has the proper access level in your Ads MCC)?
If different client give access to our app then error will be happen again 'Token has been expired or revoked' ?
Maybe we need to fill out the form differently, or some thing else.
среда, 14 апреля 2021 г. в 17:01:27 UTC+3, adsapiforumadvisor:
Google Ads API Forum Advisor Prod
Apr 16, 2021, 3:04:14 AM4/16/21
to ad79...@gmail.com, adwor...@googlegroups.com
Hi,
Thank you for your follow up. I work with Matt and allow me to assist you.
A basic access level developer token only allows users to use the API to make requests to Production Google Ads accounts.
In order to access (retrieve data, create, modify, delete) the said Google Ads accounts, users will need the appropriate OAuth2 credentials to authenticate those requests and perform specific actions. To achieve this, a user/email address will need first to have access to the Google Ads account which they will be managing.
Once the user/email address has the required access, they can then generate the OAuth2 credentials (https://console.cloud.google.com/apis/credentials) while logged in to that user/email address that has access to the Google Ads account.
As for the expiring (refresh) token issue, this guide that you mentioned initially provides the reasons that may cause the said token to expire. If your Everystraus user was removed then it is possible that someone that has access to your accounts removed or revoked your access.
Best regards,
ref:_00D1U1174p._5004Q2FYAcl:ref
Thank you for your follow up. I work with Matt and allow me to assist you.
A basic access level developer token only allows users to use the API to make requests to Production Google Ads accounts.
In order to access (retrieve data, create, modify, delete) the said Google Ads accounts, users will need the appropriate OAuth2 credentials to authenticate those requests and perform specific actions. To achieve this, a user/email address will need first to have access to the Google Ads account which they will be managing.
Once the user/email address has the required access, they can then generate the OAuth2 credentials (https://console.cloud.google.com/apis/credentials) while logged in to that user/email address that has access to the Google Ads account.
As for the expiring (refresh) token issue, this guide that you mentioned initially provides the reasons that may cause the said token to expire. If your Everystraus user was removed then it is possible that someone that has access to your accounts removed or revoked your access.
Best regards,
|
||||||
ref:_00D1U1174p._5004Q2FYAcl:ref
Every Straus
Apr 16, 2021, 9:02:25 AM4/16/21
to AdWords API and Google Ads API Forum
Hi,
Excuse me, but now I have more questions.
`In order to access (retrieve data, create, modify, delete) the said Google Ads accounts, users will need the appropriate OAuth2 credentials to authenticate those requests and perform specific actions. To achieve this, a user/email address will need first to have access to the Google Ads account which they will be managing.`
This is means, that we can't make refresh token, generating AuthorizationUri with our credentials, like that:
$oauth2 = new OAuth2(
[
'authorizationUri' => self::AUTHORIZATION_URI,
'redirectUri' => self::REDIRECT_URI,
'tokenCredentialUri' => CredentialsLoader::TOKEN_CREDENTIAL_URI,
'clientId' => $clientId,
'clientSecret' => $clientSecret,
'scope' => $scopes,
'state'=> $state,
'access_type' => 'offline',
]
);
$url = $oauth2->buildFullAuthorizationUri();
return $url;
Then user go to url, allow access and we get refresh token, and that solution work fine, except self removing app from https://myaccount.google.com/u/1/permissions.
If I understand right,
what you said, means, that we need to access, from our clients to every user google account and make for every account unique credentials.(Client ID,Client secret)
If so, how we can generate right refresh token with ours credentials?
Maybe we need to request next level for developer token access, or something else?
`As for the expiring (refresh) token issue, this guide that you mentioned initially provides the reasons that may cause the said token to expire. If your Everystraus user was removed then it is possible that someone that has access to your accounts removed or revoked your access.`
Ours employes not remove app from https://myaccount.google.com/u/1/permissions
Maybe, you can check that or way its happend?
Because, if app self removing from https://myaccount.google.com/u/1/permissions and this will be happening often, it's not good.
This page doesn't work https://developers.google.com/google-ads/api/docs/first-call/oauth-cloud-project(Service Unavailable)
пятница, 16 апреля 2021 г. в 06:04:14 UTC+3, adsapiforumadvisor:
Google Ads API Forum Advisor Prod
Apr 19, 2021, 6:25:28 AM4/19/21
to ad79...@gmail.com, adwor...@googlegroups.com
Hi,
Thank you for your follow up.
Thank you for your follow up.
If all your accounts are under or linked to a specific MCC hierarchy, you can generate the OAuth2 credentials using the user/email address that has access to the top most level MCC. This way, the OAuth2 credentials including the refresh token can be used across all accounts under the said MCC. There should be no need to generate OAuth2 credentials per user of your account(s).
So our team can better assist you on your current setup, could you share how the accounts you are accessing are currently structured?
In addition, regarding your question "Maybe we need to request next level for developer token access, or something else?", you may note that developer token access level is not required in the process of generating your OAuth2 credentials.
Moving forward to your concern regarding your refresh tokens expiring, I would recommend that you reach out to the Google API Console support team instead via this link, for further insight.
Lastly, could you confirm if my understanding is correct that you are unable to access this documentation? If yes, could you share the screenshot?
So our team can better assist you on your current setup, could you share how the accounts you are accessing are currently structured?
In addition, regarding your question "Maybe we need to request next level for developer token access, or something else?", you may note that developer token access level is not required in the process of generating your OAuth2 credentials.
Moving forward to your concern regarding your refresh tokens expiring, I would recommend that you reach out to the Google API Console support team instead via this link, for further insight.
Lastly, could you confirm if my understanding is correct that you are unable to access this documentation? If yes, could you share the screenshot?
Every Straus
Apr 19, 2021, 7:36:25 AM4/19/21
to AdWords API and Google Ads API Forum
"So our team can better assist you on your current setup, could you share how the accounts you are accessing are currently structured?"
We make app that can connect to different accounts, not just accounts in our MCC hierarchy, any google users adwords accounts, if user allow access.
We get AuthorizationUri to connect google user with this code, with our credentials
$oauth2 = new OAuth2(
[
'authorizationUri' => self::AUTHORIZATION_URI,
'redirectUri' => self::REDIRECT_URI,
'tokenCredentialUri' => CredentialsLoader::TOKEN_CREDENTIAL_URI,
'clientId' => $clientId,
'clientSecret' => $clientSecret,
'scope' => $scopes,
'state'=> $state,
'access_type' => 'offline',
]
);
$url = $oauth2->buildFullAuthorizationUri();
return $url;
Then we get refresh token, then user enter client_customer_id, and we get account data from google adwords api and this is work fine, except refresh token expired or revoked and app was self removed.
Structure of accounts is
Manager account -> accounts or just account.
We get data from different accounts, not just from our accounts in MCC, and it's work now, questions is
1) Why is refresh token expired or revoked?
2) Why app was self removed from https://myaccount.google.com/u/1/permissions?
"I would recommend that you reach out to the Google API Console support team instead via this link, for further insight."
How can I reach out to the Google API Console support team?
Can you be more specific?
Lastly, yes, page doesn't work https://developers.google.com/google-ads/api/docs/first-call/oauth-cloud-project?hl=en, screenshot attached.
понедельник, 19 апреля 2021 г. в 09:25:28 UTC+3, adsapiforumadvisor:
Every Straus
Apr 19, 2021, 8:11:02 AM4/19/21
to AdWords API and Google Ads API Forum
"Page doesn't work https://developers.google.com/google-ads/api/docs/first-call/oauth-cloud-project?hl=en"
I figured out, this is because I have adblock extension, sorry.
понедельник, 19 апреля 2021 г. в 10:36:25 UTC+3, Every Straus:
Google Ads API Forum Advisor Prod
Apr 19, 2021, 3:58:34 PM4/19/21
to ad79...@gmail.com, adwor...@googlegroups.com
Hello,
As I understand, you are using this PHP sample to obtain the refresh token, and this is working fine except for the expiration issue, and the apparent self-removal of the app from your Google Account. You can find a list of common reasons for refresh token expiration here.
You can find API Console support by navigating to the main Console page and then clicking the question mark icon across the top blue banner. They will likely be able to better support you in your second question, "2) Why app was self removed from https://myaccount.google.com/u/1/permissions?" as it relates to the email/account used to create the OAuth credentials, which in turn, are used to create the refresh token.
Regards,
Matt
Google Ads API Team
ref:_00D1U1174p._5004Q2FYAcl:ref
As I understand, you are using this PHP sample to obtain the refresh token, and this is working fine except for the expiration issue, and the apparent self-removal of the app from your Google Account. You can find a list of common reasons for refresh token expiration here.
You can find API Console support by navigating to the main Console page and then clicking the question mark icon across the top blue banner. They will likely be able to better support you in your second question, "2) Why app was self removed from https://myaccount.google.com/u/1/permissions?" as it relates to the email/account used to create the OAuth credentials, which in turn, are used to create the refresh token.
Regards,
Matt
Google Ads API Team
|
||||||
ref:_00D1U1174p._5004Q2FYAcl:ref
Reply all
Reply to author
Forward
0 new messages