API authentication

[adi]

Hi guys,

After I read several times this api documentation, I did not found a way, to use this api without an authorization (meaning an auth token).

I will need to use this for the creatives part, a way to use the api trough the api key authentication.

All examples that you provide here are with OAuth, is there any way to use only the API key?

[Joseph DiLallo (AdX API Team)]

Hello!

The AdX APIs do not allow you to use just the API key. The RESTful API supports only OAuth 2.0 and the SOAP API supports both OAuth 2.0 and ClientLogin, though ClientLogin is deprecated and not recommended.

There is a difference in ideology between the two approaches. OAuth 2.0 ties access to your Google Account, as the end-user (you, in this case) has to grant access to the private information tied to his/her Google Account (in this case, your AdX creatives). An API Key can only be used to access purely public data, such as the Google Maps API. I like the short explanation of API keys here.

Regards,

- Joseph DiLallo, the AdX Buyer API Team

[Joseph DiLallo (AdX API Team)]

To be clear, I shouldn't have said API keys are for only "purely public" data, as sometimes they can be used to access data that is considered to belong to your API project as a whole rather than specific users. Just wanted to clarify. :-)

[aditya rao]

Hi Joseph,

I am facing similar issues. How do I do the second step that you mentioned-"grant access to the private information tied to his/her Google Account"? I get a com.google.api.client.googleapis.json.GoogleJsonResponseException: 403 Forbidden now.

Thanks

On Thursday, December 20, 2012 9:55:08 AM UTC-5, Joseph DiLallo (AdX API Team) wrote:

[Joseph DiLallo (AdX API Team)]

Hey there,

Are you generated an OAuth 2.0 access token? These are the "passwords" we use to guard access to the DoubleClick Ad Exchange APIs. There is a bunch of documentation on OAuth 2.0 and this is what the code examples for our APIs do. Is there a specific step in the process I can help you with?

Cheers,

- Joseph DiLallo, the DoubleClick Ad Exchange Buyer API Team

[Aditya]

Hi Joseph,

Thank you for the reply. I believe I am authenticating myself. Just to give a little bit of background, I am trying to use OAuth 2.0 for Server to Server Applications. My method looks like this: 

private static Credential authorize() throws Exception {

        try {

            try {

                httpTransport = GoogleNetHttpTransport.newTrustedTransport();

              

                // service account credential

                GoogleCredential.Builder builder = new GoogleCredential.Builder();

                builder.setTransport(httpTransport);

                builder.setJsonFactory(JSON_FACTORY);

                builder.setServiceAccountId(SERVICE_ACCOUNT_EMAIL);

                builder.setServiceAccountScopes(Collections.singleton(AdexchangebuyerScopes.ADEXCHANGE_BUYER));

                builder.setServiceAccountPrivateKeyFromP12File(new File(keyPath));

                GoogleCredential credential = builder.build();

                return credential;

            } catch (IOException e) {

                System.err.println(e.getMessage());

                System.exit(1);

            }

        } catch (Throwable t) {

            t.printStackTrace();

        }

        return null;

    }

    /**

     * Performs all necessary setup steps for running requests against the API.

     *

     * @return An initialized AdSense service object.

     * @throws Exception

     */

    private static Adexchangebuyer initClient() throws Exception {

        // Authorization.

        Credential credential = authorize();

        // Set up API client.

        client = new Adexchangebuyer.Builder(

                httpTransport, JSON_FACTORY, credential).setApplicationName(APPLICATION_NAME).build();

        return client;

    }

Is there anything more to be done for completing the authentication process?

--
Aditya

--
You received this message because you are subscribed to a topic in the Google Groups "Doubleclick Ad Exchange Buyer API Forum" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/google-doubleclick-ad-exchange-buyer-api/alMASaLtT8k/unsubscribe.
To unsubscribe from this group and all its topics, send an email to google-doubleclick-ad-exch...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

[Joseph DiLallo (AdX API Team)]

Hey Aditya,

That looks about right for what you need to do. HTTP 403: Forbidden could indicate that you're trying to fetch an account or creative that you don't have access to. Is it possible that that's the problem here?

Regards,

- Joseph DiLallo, the DoubleClick Ad Exchange Buyer API Team

--
Aditya

To unsubscribe from this group and all its topics, send an email to google-doubleclick-ad-exchange-buyer-api+unsub...@googlegroups.com.

[Aditya]

Hi Joseph,

Upon further debugging I came across a few more issues. The following fields in Credential object are null: 

• serviceAccountUser = null
• accessToken = null
• expirationTimeMilliseconds = null
• refreshToken = null 
• clientAuthentication = null
• requestInitializer = null 

Also, the serviceAccountPrivateKey starts with "Sun RSA private CRT key, 1024 bits\n modulus:       ". Is this valid? Does the header has to be a part of this object as well?

However, when I hard-code the access token acquired from OAuth Playground, it works. So, I feel the only missing part is acquiring an access token with the above mentioned method. 

--
Aditya

To unsubscribe from this group and all its topics, send an email to google-doubleclick-ad-exch...@googlegroups.com.

[Joseph DiLallo (AdX API Team)]

Hey Aditya,

Is this before or after a request is made? As this is a service account, there wouldn't be a refresh token at all. Many of the other fields such as accessToken would only be filled in after you've used the object to make a request.

There's an important distinction between the access tokens gotten from the playground and the access token you'd see here - the token from the playground is linked to your Google Account, while the one here is linked to your Service Account. These 2 entities do not share each other's access. The problem may just be that you need to have your service account authorized to access your Ad Exchange account. Your technical account manager would be able to do this; you'd just have to send him or her the email address for your service account found in the Google APIs Console.

Cheers,

- Joseph DiLallo, the DFA API Team

--
Aditya

--
Aditya

To unsubscribe from this group and all its topics, send an email to google-doubleclick-ad-exchange-buyer-api+unsubscribe@googlegroups.com.

For more options, visit https://groups.google.com/groups/opt_out.

[Aditya]

I think the service account is not associated with the AdX account. Thanks for the help!

--
Aditya

To unsubscribe from this group and all its topics, send an email to google-doubleclick-ad-exch...@googlegroups.com.

[Chaoyong Wang]

Hi Aditya,

    Currently I get the exactly same problem, may I know how did you solve the problem. 

Thanks.

在 2013年10月3日星期四UTC+8下午11时59分27秒，Aditya写道：

[Aditya]

You need to ask your Techncal account manager at Google to associate your service email id with the Google account.

--
Aditya

To unsubscribe from this group and all its topics, send an email to google-doubleclick-ad-exch...@googlegroups.com.