SAAS APP Throwing Error

[Steven Chand]

Hi , 

We are building a SAAS Reporting Platform for Adwords.

We have Basic Developer Access Token, 

We are getting this error.

AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:'<null>']

I understand after reading the forums that this error means the Client is not Added in MCC, Correct me if I am wrong.

My Question is:

1) Is it absolutely necessary to link Adwords Client account to MCC in order to authenticate with the APP

2) Would there be any permission issues with my Approved Basic Developer Token

3) Is there a way to authenticate Adwords users to our APP without adding to MCC via the API ?Thanks and Appreciate it

Would appreciate your response.

Thanks

[Peter Oliquino]

Hi Steven,

As discussed here, the USER_PERMISSION_DENIED could be two things, either there is no link between the MCC and the client account or the OAuth2 credentials that you are using belong to a user who does not have access to the specified clientCustomerId. This said, you may first use the ManagedCustomerService.get to ensure that the clientCustomerId you are using is indeed linked to your MCC.

As for your questions, you may refer below for my answers :

1) Is it absolutely necessary to link Adwords Client account to MCC in order to authenticate with the APP

- It is recommended that for any client account you wish to make calls with, it should be linked to the MCC in which your developer token is associated to, to avoid errors. However, a developer token can still be used to make calls against an un-linked client account, as long as the OAuth2 credentials you have specified are associated to the clientCustomerId you have defined in your properties file.

2) Would there be any permission issues with my Approved Basic Developer Token

- If you are referring to linking the client account to your MCC using a basic access level developer token, then there should be no issues. Let me know if I misunderstood this question.

3) Is there a way to authenticate Adwords users to our APP without adding to MCC via the API ?Thanks and Appreciate it

- As mentioned in my response to your #1 question, you may still be able to make calls to that client account using the developer token of your MCC as long as the OAuth2 credentials you are using belong to or is associated to the said client account. The OAuth2 credentials, essentially are what gives users access to view or manage data of their accounts via the AdWords API.

Let me know if this helps.

Thanks,

Peter

AdWords API Team