Hi!
I can't figure out what is the problem. I tried almost everything (test coentent, real content, different accounts, id, etc) and got the same error every time.
I got the app in the console with ads api enabled.
I have service account with generated key and domain-wide delegation enabled.
I have developer token.
What I do (PHP with no google library):
1. Token request.
$JWT_header = $this->_base64url_encode(json_encode(
array(
"alg" =>
"RS256",
"typ" =>
"JWT"
)));
$time = time();
$JWT_claim = $this->_base64url_encode(json_encode(
array(
"iss" => $this->
settings[
"api_service_email"],
"sub" => $this->
settings[
"api_service_email"],
"scope" =>
"https://www.googleapis.com/auth/adwords",
"aud" =>
"https://oauth2.googleapis.com/token",
"exp" => $time + 3600,
"iat" => $time
)));
$key =
openssl_pkey_get_private(
"file://".
__DIR__.
"/key.pem");
openssl_sign(
$JWT_header.
".".$JWT_claim,
$JWT_signature,
$key,
"SHA256"
);
$curl =
curl_init();
$options =
array(
CURLOPT_URL =>
"https://oauth2.googleapis.com/token",
CURLOPT_RETURNTRANSFER =>
true,
CURLOPT_VERBOSE =>
false,
CURLOPT_FAILONERROR =>
false,
CURLOPT_POST =>
true,
CURLOPT_POSTFIELDS =>
'grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Ajwt-bearer&assertion='.$JWT,
CURLOPT_HTTPHEADER =>
array(
'Content-type: application/x-www-form-urlencoded',
)
);
curl_setopt_array($curl, $options);
$response =
curl_exec($curl);
$response = json_decode($response, true);
curl_close($curl);
This works well and I get the token.
With or without "sub" in claim data.
2. ads API Call
$data = array(
"pageSize" => 10000,
"query" => "SELECT ad_group_criterion.keyword.text, ad_group_criterion.status FROM ad_group_criterion WHERE ad_group_criterion.type = 'KEYWORD' AND ad_group_criterion.status = 'ENABLED'",
);
CURLOPT_RETURNTRANSFER => true,
CURLOPT_VERBOSE => true,
CURLOPT_FAILONERROR => false,
CURLOPT_POST => false,
CURLOPT_POSTFIELDS => json_encode($data),
CURLOPT_HTTPHEADER => array(
'Authorization: Bearer '.$api_token,
'developer-token: '.$api_dev_token,
'login-customer-id: '.$api_client,
'Content-Type: application/json; charset=utf-8',
)
);
curl_setopt_array($curl, $options);
$response = curl_exec($curl);
$response = json_decode($response, true);
curl_close($curl);
This works, but I got an error every time.
[authenticationError] => NOT_ADS_USER
[message] => User in the cookie is not a valid Ads user.
Help me understand what is wrong???