Re: How to link a client account (obtained via OAuth2) with my MCC account?

186 views
Skip to first unread message
Message has been deleted

Luis Xander Talag (AdWords API Team)

unread,
Apr 2, 2018, 4:11:42 AM4/2/18
to AdWords API Forum
Hi,

I deleted your original post as it contains your private information. In the future, please do not include any confidential information such as clientCustomerId in your public post. You may refer to this guide before posting. Re-posting with your masked information:

Hello everyone,

I've been using the API for a couple years now with my MCC linked accounts. So far so good. Now I want to allow users to provide me access to their accounts (OAuth2) and then link their account with my MCC so I can supervise their accounts from my AdWords dashboard. Getting the OAuth authorization was simple. I'm able to read the user's account data just fine

Problem is that I just can't use ManagedCustomerService's mutate_link to connect the client account to my MCC. The problems lies in that I don't know what should be the header's clientCustomerId, and I've tried all combinations. Here are the problems in details.

Note 1: MCC's id is XXX-XXX-XXXX, client account XXX-XXX-XXXX.
Note 2: I acquired the client account id by calling getCustomers in the CustomerService.
Note 3: I've tried both production MCC and test MCC account, both with the same results. The client account is a real one. The examples below use test account

Scenario 1: MCC's access token, clientCustomerId=client's

Outgoing request: SOAPAction: "mutateLink", User-Agent: Ruby AdHoc (AwApi-Ruby/1.2.0, Common-Ruby/1.0.1, GoogleAdsSavon/1.0.3, ruby/2.3.1, HTTPI/2.4.3, httpclient), Authorization: REDACTED, Content-Type: text/xml;charset=UTF-8, Content-Length: 1050 <?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wsdl="https://adwords.google.com/api/adwords/mcm/v201802" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns0="https://adwords.google.com/api/adwords/cm/v201802"><env:Header><wsdl:RequestHeader xmlns="https://adwords.google.com/api/adwords/cm/v201802"><userAgent>Ruby AdHoc (AwApi-Ruby/1.2.0, Common-Ruby/1.0.1, GoogleAdsSavon/1.0.3, ruby/2.3.1, HTTPI/2.4.3, httpclient)</userAgent><developerToken>REDACTED</developerToken><clientCustomerId>XXXXXXXXXX</clientCustomerId><partialFailure>true</partialFailure></wsdl:RequestHeader></env:Header><env:Body><mutateLink xmlns="https://adwords.google.com/api/adwords/mcm/v201802"><operations><ns0:operator>ADD</ns0:operator><operand><managerCustomerId>XXX-XXX-XXXX</managerCustomerId><clientCustomerId>XXXXXXXXXX</clientCustomerId><linkStatus>PENDING</linkStatus></operand></operations></mutateLink></env:Body></env:Envelope>

---

Incoming response: Content-Type: text/xml; charset=UTF-8, Date: Sat, 31 Mar 2018 19:43:28 GMT, Expires: Sat, 31 Mar 2018 19:43:28 GMT, Cache-Control: private, max-age=0, X-Content-Type-Options: nosniff, X-Frame-Options: SAMEORIGIN, X-XSS-Protection: 1; mode=block, Server: GSE, Alt-Svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35", Accept-Ranges: none, Vary: Accept-Encoding, Transfer-Encoding: chunked <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header><ns2:ResponseHeader xmlns:ns2="https://adwords.google.com/api/adwords/mcm/v201802" xmlns="https://adwords.google.com/api/adwords/cm/v201802"><requestId>000568ba9220b0da0ac12246ad0db968</requestId><serviceName>ManagedCustomerService</serviceName><methodName>mutateLink</methodName><operations>1</operations><responseTime>71</responseTime></ns2:ResponseHeader></soap:Header><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>[AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:'&lt;null&gt;']</faultstring><detail><ns2:ApiExceptionFault xmlns="https://adwords.google.com/api/adwords/cm/v201802" xmlns:ns2="https://adwords.google.com/api/adwords/mcm/v201802"><message>[AuthorizationError.USER_PERMISSION_DENIED @ ; trigger:'&lt;null&gt;']</message><ApplicationException.Type>ApiException</ApplicationException.Type><errors xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="AuthorizationError"><fieldPath></fieldPath><trigger>&lt;null&gt;</trigger><errorString>AuthorizationError.USER_PERMISSION_DENIED</errorString><ApiError.Type>AuthorizationError</ApiError.Type><reason>USER_PERMISSION_DENIED</reason></errors></ns2:ApiExceptionFault></detail></soap:Fault></soap:Body></soap:Envelope>

The error message I suppose is because I'm attempting to do an operation in the client's account using MCC's access token, but MCC doesn't have access to that account yet.

Scenario 2: MCC's access token, clientCustomerId=MCC's

ID: 5902706053, URL: https://adwords.google.com/api/adwords/mcm/v201802/ManagedCustomerService, Service: ManagedCustomerService, Action: mutate_link, Response time: 203ms, Request ID: 000568cde79c64e00ac13309610a7cfe, Operations: 1, Is fault: true, Fault message: [ManagedCustomerServiceError.BAD_ID @ operations[0]]

Outgoing request: SOAPAction: "mutateLink", User-Agent: Ruby AdHoc (AwApi-Ruby/1.2.0, Common-Ruby/1.0.1, GoogleAdsSavon/1.0.3, ruby/2.3.1, HTTPI/2.4.3, httpclient), Authorization: REDACTED, Content-Type: text/xml;charset=UTF-8, Content-Length: 1050 <?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:wsdl="https://adwords.google.com/api/adwords/mcm/v201802" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns0="https://adwords.google.com/api/adwords/cm/v201802"><env:Header><wsdl:RequestHeader xmlns="https://adwords.google.com/api/adwords/cm/v201802"><userAgent>Ruby AdHoc (AwApi-Ruby/1.2.0, Common-Ruby/1.0.1, GoogleAdsSavon/1.0.3, ruby/2.3.1, HTTPI/2.4.3, httpclient)</userAgent><developerToken>REDACTED</developerToken><clientCustomerId>XXXXXXXXXX</clientCustomerId><partialFailure>true</partialFailure></wsdl:RequestHeader></env:Header><env:Body><mutateLink xmlns="https://adwords.google.com/api/adwords/mcm/v201802"><operations><ns0:operator>ADD</ns0:operator><operand><managerCustomerId>XXX-XXX-XXXX</managerCustomerId><clientCustomerId>XXXXXXXXX</clientCustomerId><linkStatus>PENDING</linkStatus></operand></operations></mutateLink></env:Body></env:Envelope>

---

Incoming response: Content-Type: text/xml; charset=UTF-8, Date: Sun, 01 Apr 2018 18:47:27 GMT, Expires: Sun, 01 Apr 2018 18:47:27 GMT, Cache-Control: private, max-age=0, X-Content-Type-Options: nosniff, X-Frame-Options: SAMEORIGIN, X-XSS-Protection: 1; mode=block, Server: GSE, Alt-Svc: hq=":443"; ma=2592000; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="42,41,39,35", Accept-Ranges: none, Vary: Accept-Encoding, Transfer-Encoding: chunked <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header><ns2:ResponseHeader xmlns:ns2="https://adwords.google.com/api/adwords/mcm/v201802" xmlns="https://adwords.google.com/api/adwords/cm/v201802"><requestId>000568cde79c64e00ac13309610a7cfe</requestId><serviceName>ManagedCustomerService</serviceName><methodName>mutateLink</methodName><operations>1</operations><responseTime>203</responseTime></ns2:ResponseHeader></soap:Header><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>[ManagedCustomerServiceError.BAD_ID @ operations[0]]</faultstring><detail><ns2:ApiExceptionFault xmlns="https://adwords.google.com/api/adwords/cm/v201802" xmlns:ns2="https://adwords.google.com/api/adwords/mcm/v201802"><message>[ManagedCustomerServiceError.BAD_ID @ operations[0]]</message><ApplicationException.Type>ApiException</ApplicationException.Type><errors xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="ns2:ManagedCustomerServiceError"><fieldPath>operations[0]</fieldPath><fieldPathElements><field>operations</field><index>0</index></fieldPathElements><trigger></trigger><errorString>ManagedCustomerServiceError.BAD_ID</errorString><ApiError.Type>ManagedCustomerServiceError</ApiError.Type><ns2:reason>UNKNOWN</ns2:reason></errors></ns2:ApiExceptionFault></detail></soap:Fault></soap:Body></soap:Envelope>



--------------------

More details:
* v201802
* using the Ruby client


Can someone help me understand what I'm doing wrong here? Also, one thing that is not clear, once I link the account, will it drop any current manager the account already has?

Thanks

Regards,
Luis
AdWords API Team

Luis Xander Talag (AdWords API Team)

unread,
Apr 2, 2018, 4:13:25 AM4/2/18
to AdWords API Forum
Hi Alex,

Could you clarify if this email address (al...@apisync.io) is the one you are using in scenario 1? Upon checking on the MCC account you provided, I found out that the email access still has a pending invitation to that MCC account which might be the cause of the error. You need to have an approved email access first to be able to make a successful request. Should this not resolve the issue, you may send to me via the Reply privately to author option, the generated SOAP request and response so I can further investigate.

In scenario 2, you used the same clientCustomerId and managerCustomerId which causes the ManagedCustomerServiceError.BAD_ID.

Once you link the account to your new manager account, that would be considered as an additional manager account and your current manager account should stay the same. You may check this guide for reference on linking accounts.

Thanks and regards,
Luis
AdWords API Team

Alex de Oliveira

unread,
Apr 2, 2018, 10:42:27 PM4/2/18
to AdWords API Forum
Hi Luis,

I'm sending in private the SOAP request I'm doing.

1. Context: the API has been working fine for 2 years connection with the MCC's accounts (linked via AdWords UI). I can create campaigns, ad groups etc. It's fine. The only thing that doesn't work (which I tried last week for the 1st time) is linking a client account with the MCC via API.

2. I'm not using the email mentioned to access the MCC. I just log in with the main email address for that account. I can access the AdWords UI just fine. I don't think the current problem has anything to do with emails. The request to MutateLink uses an access token/developer token that are already used in other requests to create campaigns in that MCC.

Thanks.
Reply all
Reply to author
Forward
0 new messages