For a google account return all AdWords accounts they can access and for an AdWord account return all users that can access it.
307 views
Skip to first unread message
Tom Hughes
Feb 21, 2017, 9:39:16 AM2/21/17
to AdWords API Forum
I'm assessing the AdWords and I'm trying to work out if it can satisfy the following requirements :
1. Given a Google account (which is authenticated against an app with the requisite scopes), can I retrieve all the AdWords accounts that it can access and the level of access it has?
e.g. given my.emp...@gmail.com
return
adwor...@gmail.com - Adminstrative
adwor...@gmail.com - Read-only
2. Given an AdWords account (again authenticated with the requisite scopes), can I retrieve all Google accounts that have access and their levels of access?
The information returned will be equivalent to the table in the following image :
thanks in advance,
Tom
Shwetha Vastrad (AdWords API Team)
Feb 21, 2017, 3:10:21 PM2/21/17
to AdWords API Forum
Hi Tom,
Given a Google account, you can retrieve the AdWords accounts directly accessible by this account using CustomerService.getCustomers() method. This service returns the details of all the customers directly accessible by the user authenticating the call if no clientCustomerId is specified in the request header. I'm afraid it's not possible to retrieve the access levels the authenticated user has to each AdWords account.
Given a Google account, you can retrieve the AdWords accounts directly accessible by this account using CustomerService.getCustomers() method. This service returns the details of all the customers directly accessible by the user authenticating the call if no clientCustomerId is specified in the request header. I'm afraid it's not possible to retrieve the access levels the authenticated user has to each AdWords account.
Unfortunately, the second requirement is not supported in AdWords API. The users listed is the Account Access section cannot be retrieved using any of the AdWords API services.
Regards,
Shwetha, AdWords API Team.
Ricardo Buitrago
Feb 21, 2017, 11:22:57 PM2/21/17
to AdWords API Forum
Thanks for your reply Shwetha! I was also searching for this answer. Quick question: If a user links their account to an Adwords API tool, and the tool gets the list of customers the user has access to using the method you mentioned, how does the API tool "understand" if it can access a specific customer account in the list? The reason I ask this is I understand that if a user has "read-only" access to a certain customer account, it cannot give permission to an API tool to access the account. Am I right? How do API tools "know" which customer accounts it has permission to access?
Thanks in advance!
Ricardo
Shwetha Vastrad (AdWords API Team)
Feb 22, 2017, 1:24:42 PM2/22/17
to AdWords API Forum
Hi Ricardo,
In AdWords API, all requests are authorized through OAuth2. The OAuth 2.0 authorization framework enables your AdWords API client app to obtain access to a user's AdWords account without having to handle or store the user's login information. The access of the login email used to generate OAuth2 credentials applies to API access as well. If you've authenticated as a read-only client, you'll only be able to make GET calls and download reports. Email-only logins cannot make AdWords API calls at all. You can still use a login with read-only access to make API requests. The OAuth2 credentials used in the request determines which accounts can be targeted. This guide describes how the account structure impacts authorization in AdWords API. You can find additional information in Google's OAuth2 guide.
In AdWords API, all requests are authorized through OAuth2. The OAuth 2.0 authorization framework enables your AdWords API client app to obtain access to a user's AdWords account without having to handle or store the user's login information. The access of the login email used to generate OAuth2 credentials applies to API access as well. If you've authenticated as a read-only client, you'll only be able to make GET calls and download reports. Email-only logins cannot make AdWords API calls at all. You can still use a login with read-only access to make API requests. The OAuth2 credentials used in the request determines which accounts can be targeted. This guide describes how the account structure impacts authorization in AdWords API. You can find additional information in Google's OAuth2 guide.
Tom Hughes
Feb 22, 2017, 1:27:59 PM2/22/17
to AdWords API Forum
Thank you Shwetha.
What does Customer mean in this context? Is this a linked AsWords account? How do you see these links in the UI.
I also notice a AdwordsUserListService. Which promises to return Users. What are Users in this context? And how would I see these in the UI?
thanks again,
Tom
Ricardo Buitrago
Feb 22, 2017, 3:00:17 PM2/22/17
to AdWords API Forum
Thanks again Shwetha! Needing some clarification though. The guide about OAuth credentials you linked to talks mostly about Manager Accounts, but what if a user with a standard Adwords account has access to multiple Adwords accounts ? Let me explain with an example:
Our tool currently asks users in the first step to link their Adwords account. When they confirm permission through OAuth, if it´s a Manager account we list the Accounts that the manager account has access to. That works perfectly, however, we would also like to allow users with Standard accounts to link multiple accounts they have access to. Does it work the same with Standard accounts as it does with manager accounts? Also, how can we identify if the access level that a certain user has over one of the accounts he has access to does not allow API access?
Thanks!
Ricardo
Shwetha Vastrad (AdWords API Team)
Feb 22, 2017, 4:49:10 PM2/22/17
to AdWords API Forum
Hi Tom,
In this context, the "Customer" refers to the AdWords account (manager or client account) that is accessible directly by the login using which the OAuth2 credentials were generated. For example, if you use the login associated with your manager account (which has multiple client accounts linked to it) to create your OAuth2 credentials, the CustomerService.getCustomers() method will return the details of the manager account, assuming that this login email is not associated with other AdWords accounts. On September 12th, 2016, AdWords announced that you can now use one Google login to access multiple AdWords accounts. With this change, you can associate up to 5 AdWords accounts with a single Google account. In this scenario, the getCustomers() method will return all the AdWords accounts directly accessible by this Google account.
The AdwordsUserListService is used to manage user lists (audiences) for audience targeting and remarketing in your campaigns. This is not related to the users who have access to an AdWords account. These UserLists will be available in the Audience section in the Shared Library in the UI.
In this context, the "Customer" refers to the AdWords account (manager or client account) that is accessible directly by the login using which the OAuth2 credentials were generated. For example, if you use the login associated with your manager account (which has multiple client accounts linked to it) to create your OAuth2 credentials, the CustomerService.getCustomers() method will return the details of the manager account, assuming that this login email is not associated with other AdWords accounts. On September 12th, 2016, AdWords announced that you can now use one Google login to access multiple AdWords accounts. With this change, you can associate up to 5 AdWords accounts with a single Google account. In this scenario, the getCustomers() method will return all the AdWords accounts directly accessible by this Google account.
The AdwordsUserListService is used to manage user lists (audiences) for audience targeting and remarketing in your campaigns. This is not related to the users who have access to an AdWords account. These UserLists will be available in the Audience section in the Shared Library in the UI.
Shwetha Vastrad (AdWords API Team)
Feb 22, 2017, 4:49:37 PM2/22/17
to AdWords API Forum
Hi Ricardo,
By "Standard accounts", are you referring to AdWords client (non-manager) accounts? If so, CustomerService can be used to retrieve the details of the AdWords client account similar to manager accounts. The canManageClients field can be used to determine if the account being authenticated is a Manager account or a client account. I'm afraid it's not possible to retrieve the access level of a user for a particular account. If you invoke a method for which you don't have the authorization, you'll encounter OperationAccessDenied.ACTION_NOT_PERMITTED.
By "Standard accounts", are you referring to AdWords client (non-manager) accounts? If so, CustomerService can be used to retrieve the details of the AdWords client account similar to manager accounts. The canManageClients field can be used to determine if the account being authenticated is a Manager account or a client account. I'm afraid it's not possible to retrieve the access level of a user for a particular account. If you invoke a method for which you don't have the authorization, you'll encounter OperationAccessDenied.ACTION_NOT_PERMITTED.
Reply all
Reply to author
Forward
0 new messages