Failed to exchange authorization code for access token
2,082 views
Skip to first unread message
Jianbo zhu
Jul 6, 2018, 2:06:49 PM7/6/18
to AdWords API and Google Ads API Forum
Hi,
We start to see a lot of below errors from yesterday, is there an ongoing issue? thanks.
Thanks,
Jianbo
Sreelakshmi Sasidharan (AdWords API Team)
Jul 6, 2018, 4:27:04 PM7/6/18
to AdWords API and Google Ads API Forum
Hi Jianbo,
Currently, we are not aware of any issues. Are you still facing this error? Could you also share some more information about the error like are you observing this while setting up the OAuth or while using the OAuth credentials that were setup and working previously? You might also want to verify that the credentials in the Google developers console were not modified causing this failure. If you were able to make the API calls previously and you started observing this error recently, could you share your CID and the complete error logs?
Currently, we are not aware of any issues. Are you still facing this error? Could you also share some more information about the error like are you observing this while setting up the OAuth or while using the OAuth credentials that were setup and working previously? You might also want to verify that the credentials in the Google developers console were not modified causing this failure. If you were able to make the API calls previously and you started observing this error recently, could you share your CID and the complete error logs?
Please use reply privately to author while sharing this information.
Thanks,
Sreelakshmi, AdWords API Team
Thanks,
Sreelakshmi, AdWords API Team
Kieran Hewitson
Jul 9, 2018, 9:00:42 AM7/9/18
to AdWords API and Google Ads API Forum
I'm seeing this exact same issue when upgrading from v201710 of the API to v201806.
I have tried using other authorisation flows to get around it, but the web application flow doesn't allow for a non-public domain in the oauth callback, and our application is completely internal (no public facing endpoints).
Sreelakshmi Sasidharan (AdWords API Team)
Jul 9, 2018, 3:44:39 PM7/9/18
to AdWords API and Google Ads API Forum
Hello,
Are you using one of our client libraries? If so, could you please ensure that you are following the setup steps specified under the web application in this section of the guide? It is also important to make sure that the client credentials are being created as described here. Please give this a try and let me know how it goes. If you are still facing issues, could you share more details as to when/ on which API call are you getting this error? If you have the complete logs, please share that as well. Please use reply privately to author while replying.
Are you using one of our client libraries? If so, could you please ensure that you are following the setup steps specified under the web application in this section of the guide? It is also important to make sure that the client credentials are being created as described here. Please give this a try and let me know how it goes. If you are still facing issues, could you share more details as to when/ on which API call are you getting this error? If you have the complete logs, please share that as well. Please use reply privately to author while replying.
Kieran Hewitson
Jul 10, 2018, 5:30:53 AM7/10/18
to AdWords API and Google Ads API Forum
Hi Sreelakshmi,
We have a web application that uses the Adwords client API library and authenticates users with an OAuth auth code/access token flow. They receive a token from google and manually pass it back to the application.
Since upgrading to the new version of the API, this type of authorisation expects a redirect Uri, which we don't have.
I've already tried following the instructions you've linked to, but the problem we have is that the web application is internally hosted, and you only allow redirect URIs that contain a publicly hosted domain. We don't want our application to be hosted publicly. I'm not sure you support this as an authentication method any more. We need individuals to authenticate as themselves for audit purposes against adwords, but we need to use a flow that allows us to use a private callback.
I know it may sound like a bit of a tangent from what the OP is asking, but what we have has been working until the API upgrade, and the error we're getting has been exactly the same as the OP.
Thanks,
Kieran.
Sreelakshmi Sasidharan (AdWords API Team)
Jul 10, 2018, 3:43:42 PM7/10/18
to AdWords API and Google Ads API Forum
Hi Kieran,
Thanks for explaining. Since you are using the web application type to setup the OAuth, you will need to specify a valid redirect url while creating the client credentials in the Google developers console. The same redirect url should be specified in your code snippet used to generate the tokens. The redirect url can be internally hosted applications as well. Please check this guide for reference. Once you set your redirect url in the credentials page, you will need to ensure to use the same in the code. For instance, the CALLBACK_URL variable in Java code sample should be having the same url as specified in your credentials page.
If you are already doing this, could you share a screenshot of your client credentials page with the redirect url visible (please be sure to redact the client id and client secret before sharing those) along with the code snippet that you are using to generate the OAuth tokens? Please use reply privately to author while sharing the sensitive information.
Thanks for explaining. Since you are using the web application type to setup the OAuth, you will need to specify a valid redirect url while creating the client credentials in the Google developers console. The same redirect url should be specified in your code snippet used to generate the tokens. The redirect url can be internally hosted applications as well. Please check this guide for reference. Once you set your redirect url in the credentials page, you will need to ensure to use the same in the code. For instance, the CALLBACK_URL variable in Java code sample should be having the same url as specified in your credentials page.
If you are already doing this, could you share a screenshot of your client credentials page with the redirect url visible (please be sure to redact the client id and client secret before sharing those) along with the code snippet that you are using to generate the OAuth tokens? Please use reply privately to author while sharing the sensitive information.
Reply all
Reply to author
Forward
0 new messages