questions about authentication and general viability
83 views
Skip to first unread message
r...@subseo.de
Nov 10, 2015, 9:06:11 AM11/10/15
to AdWords API Forum
hello,
we are developing a tool to automate and possibly outsource some keyword research tasks. long-tail keywords are generated by us but need to be checked for search traffic volume and adwords competition, as is possible using the estimator service in the adwords frontend. we need to be able to let third parties use this tool to assist us in our research endeavors.
first off i'm wondering if this is generally a viable application for qualified adwords api usage. will we get a permanent, unlimited developer token for this kind of application model? actually, the really crucial piece of information for us is search volume per search key, competition value would be great but isnt totally necessary. and actually, imho, given google's market position in search engines, this information should be freely available to anyone, anyway..
my second question is about authentication. i see there are several methods available, but i'm unclear as to which will work for us. the main thing is that the main user of the tool must not have access to any kind of adwords credentials, so all authentication needs to happen silently and without user interaction (no oauth2 login screens etc). how can we best achieve this?
thanks for your help!
my second question is about authentication. i see there are several methods available, but i'm unclear as to which will work for us. the main thing is that the main user of the tool must not have access to any kind of adwords credentials, so all authentication needs to happen silently and without user interaction (no oauth2 login screens etc). how can we best achieve this?
thanks for your help!
kind regards,
-rob k.
Michael Cloonan (AdWords API Team)
Nov 10, 2015, 1:04:14 PM11/10/15
to AdWords API Forum
Hello,
Please see two resources on our developers site that should answer these questions.
Required Minimum Functionality: This shows all the requirements your software has to meet in order to be allowed to use the API. There are a few different sets of requirements, depending on your specific tool, so make sure you read carefully.
Get Started guide: This guide covers everything you need to know about authentication. You should use the "installed application" flow for your use case; the guide will show you exactly how to set it up.
Regards,
Mike, AdWords API Team
r...@subseo.de
Nov 12, 2015, 4:27:43 AM11/12/15
to AdWords API Forum
hi there,
thanks for those links. we have reviewed those, and we still have questions. specifically, the rmf guide mentions that tools offering very limited and specialized functionality do not have to meet any creation and management requirements, but then goes on to suggest that tools providing data related to the TrafficEstimatorSerive have to provide ALL functionality listed in the rmf table: so if all we want to do is query that service for two values, which of these recommendations do we adhere to? were we to provide access to our tool to anonymous third parties, it wouldnt be strictly for internal use, what would our requirements be in this case?
which leads to my confusion about your answer to my second question. you mention that we should implement the application flow of authentication, but the documentation indicates that in this model the user does indeed have to manually authenticate via a login screen. only once, i get that, but in our case even once would not be acceptable. is not what we really want a service account for authentication where credentials are read from a file accessible only by our tool?
i should mention that this tool will run on php, browser-based. thanks for all your help.
thanks for those links. we have reviewed those, and we still have questions. specifically, the rmf guide mentions that tools offering very limited and specialized functionality do not have to meet any creation and management requirements, but then goes on to suggest that tools providing data related to the TrafficEstimatorSerive have to provide ALL functionality listed in the rmf table: so if all we want to do is query that service for two values, which of these recommendations do we adhere to? were we to provide access to our tool to anonymous third parties, it wouldnt be strictly for internal use, what would our requirements be in this case?
which leads to my confusion about your answer to my second question. you mention that we should implement the application flow of authentication, but the documentation indicates that in this model the user does indeed have to manually authenticate via a login screen. only once, i get that, but in our case even once would not be acceptable. is not what we really want a service account for authentication where credentials are read from a file accessible only by our tool?
i should mention that this tool will run on php, browser-based. thanks for all your help.
kind regards,
-rob
Michael Cloonan (AdWords API Team)
Nov 12, 2015, 9:09:16 AM11/12/15
to AdWords API Forum
Hello,
Unfortunately, my team can't make the judgment about whether your tool needs to follow the RMF, or whether your tool qualifies. If you have questions that aren't answered by the RMF document, you will need to contact the compliance team. There are instructions on how to do this in the RMF guide I linked, but I've coped them here as well.
If you're not sure whether the RMF policy applies to your tool, contact the AdWords API Compliance team. The AdWords API Compliance team will decide whether your tool is full-service or not. Your tool may be reevaluated if the functionality changes significantly.
As for using installed application, as the guide mentions, the user interaction in a browser happens only once, during development. Think of this as setting up your environment for development. At the time that the tool you write is used, the end user doesn't have to do any authentication. The Get Started guide has a section dedicated to explaining this. Using installed application flow exactly meets your stated requirements.
Regards,
Mike, AdWords API Team
r...@subseo.de
Nov 12, 2015, 11:45:38 AM11/12/15
to AdWords API Forum
thanks again michael, and sorry if i've made u repeat yourself. :)
have a good one,
-rob
have a good one,
-rob
Reply all
Reply to author
Forward
0 new messages