Developer Token Works, Production Token can't connect

Joshua Bartley

unread,

Dec 4, 2015, 9:57:40 PM12/4/15

to AdWords API Forum

For my application we have two developer tokens(or applications), one for development, and one approved for production use. On the development server we can connect and reconnect to our test mcc accounts perfectly. Switch out the CLIENT_ID, CLIENT_SECRET, DEVELOPER_TOKEN causes the code to break. The current error is "USER_PERMISSION_DENIED". The accounts are linked, because I see it in my accounts application access and if I attempt a reconnect, I only receive an access token, no refresh_token like when I disconnect and connect the first time and receive an refresh_token. We are using the PHP client library for access.

I wanted to see if anyone has had this issue or if anything sounded familiar enough to help guide me on where to look or how to troubleshoot this more.

Thanks,

-Josh

Umesh Dengale

unread,

Dec 7, 2015, 10:13:23 AM12/7/15

to AdWords API Forum

Hi Josh,

A developer tokens can be used with any AdWords account, regardless of which manager account was used to apply for it. A developer token is associated with a manager account simply for record-keeping purposes.

The AuthorizationError.USER_PERMISSION_DENIED means your OAuth credentials don't match clientCustomerId you specify. Basically, login you are using doesn't have access to the account you are trying to touch. BTW, this is covered here. Please re-do the OAuth flow (generate new refresh token) making sure you are logged in under a proper account(MCC account owner). Please check out OAuth2.0 PHP guide for more details.

Regards,

Umesh, AdWords API Team.

Joshua Bartley

unread,

Dec 7, 2015, 10:33:01 AM12/7/15

to AdWords API Forum

I might have mixed my words the first time. CLIENT_ID and CLIENT_SECRET is the two values we changed. Developer token is the same for the dev server and production servers.

I have read the guide, but my error does not make sense because we have re-done the OAuth flow multiple times. We changed the server to the different CLIENT_ID and CLIENT_SECRET and re-authorize the application to that, the authorization flow works but then can no longer access the API. I've dumped the request object from the oauth flow to validate the client ids and dumped the customer id before sending a request through the PHP Library. What is perplexing is that this code works on one server, but as soon as we change the CLIENT_ID and CLIENT_SECRET everything stops work, even after repeated authorizations through OAUth and verifying the application in the google account security section.

Also if I attempt to reconnect the application to AdWords, but it was never deactivated, I only get an access token back which tells me the authorization flow is correct since the refresh token only shows up on the first authorization.

Thanks,

-Josh

Umesh Dengale

unread,

Dec 8, 2015, 10:24:49 AM12/8/15

to AdWords API Forum

Hi Josh,

The AuthorizationError.USER_PERMISSION_DENIED means your OAuth credentials don't match clientCustomerId you specify. Basically, login you are using doesn't have access to the account you are trying to touch. Could you confirm that the login account used for doing OAuth2 authorization is the same as that of manager account?