Restricting GAM API Access by Advertiser

60 views
Skip to first unread message

Pasha

unread,
Sep 3, 2025, 11:04:34 AMSep 3
to Google Ad Manager API Forum

Hi Team,

I’d like to clarify if the Ad Manager API can be restricted at an advertiser level. Specifically, we want to know whether it’s possible to configure API access for a user (or service account) so that:

  • The user can only query data related to a specific advertiser.

  • They are unable to access data, reports, or entities belonging to other advertisers within the same GAM network.

We are aware that roles and teams can be used to limit access in the GAM UI, but we’d like to confirm if the same level of restriction applies consistently when accessing data through the API.

Could you please confirm whether this is supported, and if so, share the best-practice steps to configure it?

Thank you for your guidance.

Thanks,

Chand

Ad Manager API Forum Advisor

unread,
Sep 3, 2025, 12:59:37 PMSep 3
to google-doubleclick...@googlegroups.com
Hi,

Thank you for contacting the Ad Manager API support team.

The roles and teams restrictions that are configured in the Ad Manager UI apply to the Ad Manager API also. If a user or service account is assigned to a team that only has access to a specific Advertiser, then when using the API that account will also be restricted to querying only the data they are allowed see in the UI.

They will not be able to pull reports or entities related to other advertisers outside their assigned teams. You may refer to this article for more information.

Thanks,
 
Google Logo Ad Manager API Team

Feedback
How was our support today?

rating1    rating2    rating3    rating4    rating5
[2025-09-03 16:59:19Z GMT] This message is in relation to case "ref:!00D1U01174p.!500Ht01u5jf4:ref" (ADR-00331769)



Pasha

unread,
Sep 17, 2025, 4:57:55 AM (10 days ago) Sep 17
to Google Ad Manager API Forum

Hi Team,

We have tried restricting a service account to have access to certain advertiser data, but when i check the access thru script it shows access denied and in users tab status still show pending. Please check attached screenshots and script response.
GAM 3.jpgGAM 2.jpgGAM 3.jpg

Response:
Error summary: {'faultMessage': '[AuthenticationError.NO_NETWORKS_TO_ACCESS @ ]', 'requestId': 'f296023e10ab11aeddda39bea03d25f9', 'responseTime': '24', 'serviceName': 'CreativeService', 'methodName': 'getCreativesByStatement'}
Traceback (most recent call last):
  File "/home/mcpasha/python_env/lib64/python3.13/site-packages/googleads/common.py", line 982, in MakeSoapRequest
    return soap_service_method(
           ~~~~~~~~~~~~~~~~~~~^
        *packed_args, _soapheaders=soap_headers)['body']['rval']
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/proxy.py", line 46, in __call__
    return self._proxy._binding.send(
           ~~~~~~~~~~~~~~~~~~~~~~~~~^
        self._proxy._client,
        ^^^^^^^^^^^^^^^^^^^^
    ...<3 lines>...
        kwargs,
        ^^^^^^^
    )
    ^
  File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 135, in send
    return self.process_reply(client, operation_obj, response)
           ~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 229, in process_reply
    return self.process_error(doc, operation)
           ~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^
  File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 329, in process_error
    raise Fault(
    ...<4 lines>...
    )
zeep.exceptions.Fault: [AuthenticationError.NO_NETWORKS_TO_ACCESS @ ]

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/mcpasha/python_env/Scripts/product_validator/creative_details.py", line 37, in <module>
    get_creative_details(ad_manager_client, creative_ids, '/home/mcpasha/python_env/Scripts/product_validator/creatives_details.csv')
    ~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/mcpasha/python_env/Scripts/product_validator/creative_details.py", line 23, in get_creative_details
    response = creative_service.getCreativesByStatement(statement.ToStatement())
  File "/home/mcpasha/python_env/lib64/python3.13/site-packages/googleads/common.py", line 994, in MakeSoapRequest
    raise googleads.errors.GoogleAdsServerFault(
        e.detail, errors=error_list, message=e.message)
googleads.errors.GoogleAdsServerFault: [AuthenticationError.NO_NETWORKS_TO_ACCESS @ ]

Thanks,
Chand

Pasha

unread,
Sep 22, 2025, 5:20:53 AM (5 days ago) Sep 22
to Google Ad Manager API Forum
Hi Team,

Any update here?

Thanks,
Chand

Ad Manager API Forum Advisor

unread,
Sep 22, 2025, 10:20:57 AM (5 days ago) Sep 22
to google-doubleclick...@googlegroups.com
Hi,

I think you might have missed our previous email, attaching the same again.

Regarding your concern about limiting service account access to specific advertiser data in the Ad Manager UI, this request falls outside the scope of our team. To assist you further provide us with your Network code, so that we can route you to the respective team.

Thanks,
 
Google Logo Ad Manager API Team

Feedback
How was our support today?

rating1    rating2    rating3    rating4    rating5

[2025-09-22 14:20:34Z GMT] This message is in relation to case "ref:!00D1U01174p.!500Ht01u5jf4:ref" (ADR-00331769)



Reply all
Reply to author
Forward
0 new messages