API access denied
185 views
Skip to first unread message
Guillaume Bielli
Nov 19, 2024, 6:25:40 PM11/19/24
to Google Ads API and AdWords API Forum
We're implementing Google Ads offline conversion tracking using sGTM and Stape IO template, with the following setup:
- Test manager account
- Production Google Ads account Developer Token (currently in sandbox mode)
When attempting to send a conversion to the test account using the Developer Token, we receive a 403 permission denied error.
Questions:
- Which specific permission is missing - is this related to MCC (Manager) account or subaccount access?
- What's the typical turnaround time for obtaining a production Developer Token?
{
"error": {
"code": 403,
"message": "The caller does not have permission",
"status": "PERMISSION_DENIED",
"details": [
{
"@type": "type.googleapis.com/google.ads.googleads.v18.errors.GoogleAdsFailure",
"errors": [
{
"errorCode": {
"authorizationError": "USER_PERMISSION_DENIED"
},
"message": "User doesn't have permission to access customer. Note: If you're accessing a client customer, the manager's customer id must be set in the 'login-customer-id' header. See https://developers.google.com/google-ads/api/docs/concepts/call-structure#cid"
}
],
"requestId": "..."
}
]
}
}
Google Ads API Forum Advisor
Nov 20, 2024, 12:27:27 AM11/20/24
to guillaum...@boryl.io, adwor...@googlegroups.com
Hi,
Thank you for reaching out to the Google Ads API support team.
I could see that you are encountering a USER_PERMISSION_DENIED authorization error, it means the user doesn't have permission to access the customer. According to the documentation, if you're accessing the customer, please specify the login-customer-id as the manager account ID without hyphens (-). Also, check if you have the correct access level to the Google Ads account that you are accessing. Kindly note that you have not provided the complete API logs.
To analyze your issue further could you provide us with the below details.
You can send the details via Reply privately to the author option, or direct private reply to this email.
Thank you for reaching out to the Google Ads API support team.
I could see that you are encountering a USER_PERMISSION_DENIED authorization error, it means the user doesn't have permission to access the customer. According to the documentation, if you're accessing the customer, please specify the login-customer-id as the manager account ID without hyphens (-). Also, check if you have the correct access level to the Google Ads account that you are accessing. Kindly note that you have not provided the complete API logs.
To analyze your issue further could you provide us with the below details.
- Execute List Accessible Customers and provide us complete API request and response logs, you may also check this API documentation for more information.
- The user email is used for generating the OAuth credentials i.e, refresh token.
- Complete API logs (request and response with request-id and request header) generated at your end.
You can send the details via Reply privately to the author option, or direct private reply to this email.
This message is in relation to case "ref:!00D1U01174p.!5004Q02vGlBN:ref" (ADR-00276141)
Thanks,
Feedback
How was our support today?
Thanks,
 |
Google Ads API Team |
Feedback
How was our support today?
Message has been deleted
Google Ads API Forum Advisor
Nov 21, 2024, 3:26:55 AM11/21/24
to schoo...@gmail.com, adwor...@googlegroups.com
Hi,
Thank you for reaching out to the Google Ads API support team.
Thank you for reaching out to the Google Ads API support team.
After reviewing your concern, I understand that you are encountering the DEVELOPER_TOKEN_NOT_APPROVED error, and you have applied for an access token, but you haven't received any updates on your application status.
Kindly note that access requests are out of scope for the Google Ads API support team as our team specializes in Google Ads API related concerns and technical implementations only. I would recommend you reach out to the Google Ads API Compliance team as they are better equipped to address your concern.
Kindly note that access requests are out of scope for the Google Ads API support team as our team specializes in Google Ads API related concerns and technical implementations only. I would recommend you reach out to the Google Ads API Compliance team as they are better equipped to address your concern.
This message is in relation to case "ref:!00D1U01174p.!5004Q02vGlQh:ref" (ADR-00276322)
Thanks,
|
Google Ads API Team |
Feedback
How was our support today?
tarik waleed
Nov 27, 2024, 2:49:12 PM11/27/24
to Google Ads API and AdWords API Forum
when i send the api request using the python client library where should i put the `login-customer-id`?
Google Ads API Forum Advisor
Nov 27, 2024, 11:42:22 PM11/27/24
to tarikwal...@gmail.com, adwor...@googlegroups.com
Hi,
I would like to inform you that the login-customer-id is a new required header in the Google Ads API when using a manager account to access an operating customer account. If accessing an operating customer account directly, the login-customer-id header is not required. If the user/email address has access to or is associated with the MCC/manager account, you will need to specify the MCC/manager account's ID without hyphens (-) as the value of the login-customer-id field.
I hope this helps! Feel free to get back to us in case of any further queries.
I would like to inform you that the login-customer-id is a new required header in the Google Ads API when using a manager account to access an operating customer account. If accessing an operating customer account directly, the login-customer-id header is not required. If the user/email address has access to or is associated with the MCC/manager account, you will need to specify the MCC/manager account's ID without hyphens (-) as the value of the login-customer-id field.
I hope this helps! Feel free to get back to us in case of any further queries.
Reply all
Reply to author
Forward
0 new messages