Making the app internal instead of external
3,794 views
Skip to first unread message
Lukas St
Jan 31, 2022, 4:11:08 AM1/31/22
to Google Ads API and AdWords API Forum
Hello,
I am trying to publish my app in order to prevent refreshing the refresh token every 7 days.
In order to do that I have to change my user type from External to Internal in Google Cloud Platform OAuth consent screen.
However, the option is grayed out with statement:
"Your app will only be available to users you add to the list of test users. Once your app is ready to publish, you may need to verify your app. Learn more about user type"
The Google account where my ADS API is, is on Gmail. I signed up for Google Workspace but I can't add this account into the workspace since it's on a different domain.
Is there a way how to do this without having to create new account and go through the whole verification process of the developer token again?
Thank you for help.
Lukas.
Thank you for help.
Lukas.
Google Ads API Forum Advisor
Jan 31, 2022, 12:49:08 PM1/31/22
to lukasmast...@gmail.com, adwor...@googlegroups.com
Hi Lukas,
One developer token can be used by many GCP projects concurrently, you can just create a new GCP project set up for your Workspace and using the same developer token. The only restriction is each Google API Console project can be associated with the developer token from only one manager account. Once you make a Google Ads API request, the developer token is permanently paired to the Google API Console project. If switching to a developer token under a new manager account, you'll need to create a new Google API Console project for Google Ads API requests that use the new manager's token. If you do not use a new Google API Console project, you'll get a
Also, Workspace accounts are used by service account access to the API. Note that we strongly recommend using OAuth2 desktop app or web app flow instead of service accounts unless you need a domain-specific feature (for example, impersonation). OAuth2 desktop app and web app flows do require an initial user interaction for granting access to the account, but are much simpler to set up.
ref:_00D1U1174p._5004Q2W2q00:ref
One developer token can be used by many GCP projects concurrently, you can just create a new GCP project set up for your Workspace and using the same developer token. The only restriction is each Google API Console project can be associated with the developer token from only one manager account. Once you make a Google Ads API request, the developer token is permanently paired to the Google API Console project. If switching to a developer token under a new manager account, you'll need to create a new Google API Console project for Google Ads API requests that use the new manager's token. If you do not use a new Google API Console project, you'll get a
DEVELOPER_TOKEN_PROHIBITED error when making a request.Also, Workspace accounts are used by service account access to the API. Note that we strongly recommend using OAuth2 desktop app or web app flow instead of service accounts unless you need a domain-specific feature (for example, impersonation). OAuth2 desktop app and web app flows do require an initial user interaction for granting access to the account, but are much simpler to set up.
For the OAuth2 desktop app flow, you can persist a refresh token (which never expires) to obtain a new access token whenever necessary. When using one of our client libraries, you can authorize your app by filling out a configuration file.
Regards,
|
||||||
ref:_00D1U1174p._5004Q2W2q00:ref
Colin Hirdman
Jan 31, 2022, 12:56:20 PM1/31/22
to Google Ads API and AdWords API Forum
Hi Aryeh,
Along these lines, if we have a software product that is connected to our developer token and our Manager account, how do we allow other Google Ads accounts (these may be Manager accounts) to connect to our product without requiring them to create their own Developer token?
Google Ads API Forum Advisor
Jan 31, 2022, 1:30:19 PM1/31/22
to colin....@augurian.com, adwor...@googlegroups.com
Hi Colin,
One developer token can be used by many MCC accounts, and those MCC accounts do not have to be in the hierarchy of the MCC account that has the developer token. The developer token is used for Access Levels and Permissible Use. The way to access MCC's and the accounts linked to them is to create a refresh token based on a user that has access to that MCC. The login-customer-id can then be set to the MCC and then the customer Id in the request is set to the account you are trying to access.
One developer token can be used by many MCC accounts, and those MCC accounts do not have to be in the hierarchy of the MCC account that has the developer token. The developer token is used for Access Levels and Permissible Use. The way to access MCC's and the accounts linked to them is to create a refresh token based on a user that has access to that MCC. The login-customer-id can then be set to the MCC and then the customer Id in the request is set to the account you are trying to access.
Colin Hirdman
Jan 31, 2022, 1:33:34 PM1/31/22
to Google Ads API and AdWords API Forum
Thanks!!
Reply all
Reply to author
Forward
0 new messages