USER_PERMISSION_DENIED

[paolo....@oom.com.sg]

Hello. Im new here but i have read other error message and other queries from users here.

My email has the access to 4 manager accounts (including my email it self) in adwords.

but when authenticating in my application (PHP laravel), i got USER_PERMISSION_DENIED error.

this is my code from getting campaigns:

$ads = new GoogleAds();

$campaignService = $ads->service(CampaignService::class);

$campaigns = $campaignService->select('campaign_id')->get();

dd($campaigns);

[Luis Xander Talag (AdWords API Team)]

Hi Paolo,

The AuthorizationError.USER_PERMISSION_DENIED error you encountered means that there is no link between the manager account authenticated in the request with the client account specified in the headers or your OAuth2 credentials are for a user who does not have access to the client customer ID specified or any of its manager accounts. This being said, you should make sure that the OAuth2 credentials you are using were generated using an email address which has access to the account(s) you are making the API requests to. Also, you could use ManagedCustomerService to determine which client accounts are linked to your manager account. You may check this sample code for reference.

If the issue persist, could you provide which email address you use to generate your OAuth2 credentials? Also, could you provide which clientCustomerId you are making API calls when you encountered the error? Please reply via Reply privately to author.

Thanks and regards,

Luis

AdWords API Team

[Luis Xander Talag (AdWords API Team)]

Hi Paolo,

Thank you for providing additional information. I had to re-post your previous post as it contained sensitive information such as clientId, clientSecret, etc. I would recommend that you review our forum posting guidelines as well in order to avoid exposing private information into this public forum.

Hello Luis,

Email: xxxxxxx@xxxxxxx

this is the one that i am using to generate oauth2. and this is the code that im using :

session_start();

$oauth2 = new OAuth2([

'authorizationUri' => 'https://accounts.google.com/o/oauth2/v2/auth',

'tokenCredentialUri' => 'https://www.googleapis.com/oauth2/v4/token',

'redirectUri' => route('user.mcc'),

'clientId' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',

'clientSecret' => 'xxxxxxxxxxxxxxxxx',

'scope' => 'https://www.googleapis.com/auth/plus.login',

]);

if (!isset($_GET['code'])) {

$oauth2->setState(sha1(openssl_random_pseudo_bytes(1024)));

$_SESSION['oauth2state'] = $oauth2->getState();

$config = [

'access_type' => 'offline'

];

header('Location: ' . $oauth2->buildFullAuthorizationUri($config));

exit;

}

elseif (empty($_GET['state'])

|| ($_GET['state'] !== $_SESSION['oauth2state']))

{

unset($_SESSION['oauth2state']);

exit('Invalid state.');

} else {

$oauth2->setCode($_GET['code']);

$authToken = $oauth2->fetchAuthToken();

$refreshToken = $authToken['refresh_token'];

}

in the email above, i have 4 adwords manager account linked to it. for my application, I want to authenticate multiple users that has multiple adwords manager account linked to. can you help me to start with it? need some instructions coz im having a hard time in adwords api please. Java or php client will do.

Regards,

Luis

AdWords API Team

On Tuesday, July 31, 2018 at 11:22:23 AM UTC+8, Albert Paolo Rogelio wrote:

Hello Luis,

Email: xxxxxxx@xxxxxxx

this is the one that i am using to generate oauth2. and this is the code that im using :

session_start();

$oauth2 = new OAuth2([

'authorizationUri' => 'https://accounts.google.com/o/oauth2/v2/auth',

'tokenCredentialUri' => 'https://www.googleapis.com/oauth2/v4/token',

'redirectUri' => route('user.mcc'),

'clientId' => 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx',

'clientSecret' => 'xxxxxxxxxxxxxxxxxxxxx',

'scope' => 'https://www.googleapis.com/auth/plus.login',

]);

if (!isset($_GET['code'])) {

$oauth2->setState(sha1(openssl_random_pseudo_bytes(1024)));

$_SESSION['oauth2state'] = $oauth2->getState();

$config = [

'access_type' => 'offline'

];

header('Location: ' . $oauth2->buildFullAuthorizationUri($config));

exit;

}

elseif (empty($_GET['state'])

|| ($_GET['state'] !== $_SESSION['oauth2state']))

{

unset($_SESSION['oauth2state']);

exit('Invalid state.');

} else {

$oauth2->setCode($_GET['code']);

$authToken = $oauth2->fetchAuthToken();

$refreshToken = $authToken['refresh_token'];

}

in the email above, i have 4 adwords manager account linked to it. for my application, I want to authenticate multiple users that has multiple adwords manager account linked to. can you help me to start with it? need some instructions coz im having a hard time in adwords api please. Java or php client will do. 

[Luis Xander Talag (AdWords API Team)]

Hi Paolo,

Moving forward, could you also provide your clientCustomerId when you encountered the error so I could further investigate your concern? And please reply via Reply privately to author.

Regards

Luis,

AdWords API Team