Can I create campaigns under root manager account directly.

[hari krishna]

Hi,

1) Can I create campaigns under root manager account directly with out child client account. If yes can you please point me to a documentation/guide so that i can create campaigns under direct root manager account.

2)Can I create Refreshtoken for each campaign under root manager account. If yes can you please point me to a documentation/guide so that i can create Refreshtoken  for each campaign. 

3) If we can't create Refreshtoken for each campaign under root manager account,Can we create Refresh token for each client account which is there under root manager account.If yes Can you please point me to  a documentation/guide so that i can create Refresh token for each client account which is there under  root manager account. So that i can access each client account with refresh token and other credentials individually. 

Thanks!

Hari. 

 

[Vincent Racaza (AdWords API Team)]

Hi Hari,

Please see answers below to your questions.

1) Can I create campaigns under root manager account directly with out child client account. If yes can you please point me to a documentation/guide so that i can create campaigns under direct root manager account.

Campaigns cannot be created in a manager account. It can only be created in a client account. This is true for both AdWords UI and API. You can check this example (in Java) on how to create campaigns.

For your questions 2 and 3, kindly refer to my answer below.

Refresh token is not campaign based, it is user based or email address based. You can check these users in your AdWords UI -> Account settings. For example, if you have 2 users (e.g. a...@example.com, b...@example.com) in your client account, then you can generate OAuth2 credentials (with client ID, client secret, refresh token) to these two users. The user a@example will have a unique refresh token and b...@example.com will have a different unique refresh token. The idea here is that OAuth2 credential is associated to an email address of a user which is under your client/manager account, and not on a campaign or the client account itself.  

You can check this guide on how to authenticate in the AdWords API including the generation of refresh token (see this section). 

Could you confirm on why do you want to generate separate refresh tokens to your campaigns or to your client accounts? If you want to access multiple client accounts under an MCC, then you can select a user from that MCC that has administrative/standard access, and generate the OAuth credential for that user. This way, your credential can access the MCC and all sub MCCs and client accounts under it.

Let me know if you have further clarifications.

Thanks,

Vincent

AdWords API Team

[hari krishna]

Thanks Vincent for information. 

We want to create refresh tokens for individual accounts because our vendor (third party campaign manger who manages our accounts) also managing other company account in same hierarchy,he dont want to give root manager account refresh token as it will expose other company accounts too which he is managing. 

Since we are going to use refresh token per client account. I am going to authenticate each refresh token in application startup it self and keep all accesstokens in a HashMap to use later point. 

I have seen accessToken expire time is one hour. Java Adwords client libraries will automatically refresh access tokens once it expires right. 

Below is the code I am going to use and My HashMap will be like  map(clientId,AdWordsSession );

public AdWordsSession generateAdwordsSession(final Properties prop,final String clientId) {

String dpTokenUrl = (String) prop.getProperty(DP_TOKEN_URL);

String refreshToken = refreshTokenMap.get(clientId);

// Generate a refreshable OAuth2 credential.

Credential oAuth2Credential;

try {

oAuth2Credential = new OfflineCredentials.Builder().forApi(Api.ADWORDS).withTokenUrlServer(dpTokenUrl).withRefreshToken(refreshToken).fromFile().build()

.generateCredential();

// Construct an AdWordsSession.

return new AdWordsSession.Builder().fromFile().withOAuth2Credential(oAuth2Credential).build();

} catch (OAuthException | ValidationException | ConfigurationLoadException e) {

LOGGER.error("Error in getting AdwordsSession with given credentials", e);

return null;

}

}

Can you please let me know whether above approach works or not ?

Thanks!

Hari. 

[Vincent Racaza (AdWords API Team)]

Hi Hari,

In regards to your scenario on which your vendor doesn't want to provide the refresh token of the root/parent MCC for security purposes, then as I have previously mentioned, you can select a user on a client account that has access only to that client account and generate OAuth credentials. This way, the credential will only be used for that client account. If you'll attempt to use the credential to other client accounts, it will generate an error.

In regards to the code you have provided, I can see that you have already talked about this with my colleague, Peter. Since you are using our Java client library, then you don't need to create your own method for generating the AdWords session. Our examples already incorporated the creation of AdWords session as you can see on this line. As what Peter previously mentioned, access tokens are also automatically generated (using the refresh token) once it is about to expire using our client libraries. As a recommendation and for simplicity, please follow the examples instead.

[hari krishna]

Thanks Vincent, 

I will ask them to create separate user for that client and ask them to provide Refreshtoken for that user. 

And regarding code : There is no difference in the code which you shown to me and which I given  above. If you see closely, I just created separate method and put the code which you have shown to me inside. The only difference is i have added two more methods i.e withTokenUrlServer(dpTokenUrl).withRefreshToken(refreshToken) in the first statement,That is required as per my requirement. Can you please check my code again and let me know if you think any difference I am doing.

Can you please confirm below things. 

1)Is it mandatory to have client id , client secret and Refreshtoken to generate access token to connect to adwords APIs or is there any other way to do that. 

2)If I have client Id, client sect and developer token, Then can i connect to any account if i have refresh token for that account. Should There be any link between (client id , client secret and developer token) to the refresh token of that account. 

Thanks!

Hari. 

Thanks!

Hari. 

[Vincent Racaza (AdWords API Team)]

Hi Hari,

You are correct that the difference with your code is only those methods. However, I am not sure on why you are setting the tokenUrlServer. For the AdWords API itself, the needed fields in order to create an AdWordsSession is your credential (client ID, client secret, refresh token, developer token). These are the four required fields.

For your two questions, please see answers below:

1)Is it mandatory to have client id , client secret and Refreshtoken to generate access token to connect to adwords APIs or is there any other way to do that.

Yes, it is mandatory to have client ID, client secret and refresh token to generate the access token. As I have said, the access token is automatically generated in the background using the client library. Client ID and client secret are needed to generate the refresh token, and the refresh token is needed to generate the access token, so all these properties are required.

 2)If I have client Id, client sect and developer token, Then can i connect to any account if i have refresh token for that account. Should There be any link between (client id , client secret and developer token) to the refresh token of that account. 

It is not the refresh token alone that is needed to access an AdWords account. Every refresh token is associated to a client ID and secret, so you cannot randomly match your client ID and secret with the refresh token (e.g. from the other email address).

To answer your question, if the refresh token is the correct refresh token associated to your client ID and secret, then you can access any AdWords account as long as the email address (associated to the client ID) is a user with valid permission in those AdWords accounts. If you will be using a refresh token that is not associated to your client ID, then the API will generate an error. If you'll target an AdWords account and the user is not existing on that account, it will also generate an error.

[hari krishna]

Thanks Vincent for patiently reading my questions and answering .

Thanks!

Hari.