Identify Oauth2 Refresh Token
27 views
Skip to first unread message
Rocket Chips
May 24, 2018, 6:31:22 AM5/24/18
to AdWords API and Google Ads API Forum
I am looking for a way to identify a user who authenticates through OUATH2 with our application such that I can know they are a returning user if they reauthenticate and do not return a refresh token.
I do not need to identify the user in the sense that I gain any personal data on them, I just need to have a way to know if they have a refresh token in our system already.
Our platform will be integrating with the google adwords API using the c# .net library, we will have profiles to seperate out multiple clients in the adwords api, though these profiles may also pull data from different adwords accounts depending on user configuration.
My current issue is that multiple profiles may need to share a refresh token, but if a user authenticates using the same credentials on different profiles, the profiles have no way of identifying that this users token is already in our system because they are already seen as authenticated with the app.
I do not need to identify the user in the sense that I gain any personal data on them, I just need to have a way to know if they have a refresh token in our system already.
Our platform will be integrating with the google adwords API using the c# .net library, we will have profiles to seperate out multiple clients in the adwords api, though these profiles may also pull data from different adwords accounts depending on user configuration.
My current issue is that multiple profiles may need to share a refresh token, but if a user authenticates using the same credentials on different profiles, the profiles have no way of identifying that this users token is already in our system because they are already seen as authenticated with the app.
Bharani Cherukuri (AdWords API Team)
May 24, 2018, 3:15:49 PM5/24/18
to AdWords API and Google Ads API Forum
Hello,
You will be able to know the user based on the email address used for authentication or based on the client ID used for authentication. Since you're looking to verify this scenario on your end before returning a refresh token, you could use the later option to store the client ID credentials. You will be able to verify these through the Authorization URL and then map them locally to the user authenticating the call. Please take a look at this guide for the authorization URL format. You may also refer to this link on how to configure the C# client library for OAuth credentials.
Let me know if you have any other questions.
Regards,
Bharani, AdWords API Team
Reply all
Reply to author
Forward
0 new messages