Restricting GAM API Access by Advertiser
95 views
Skip to first unread message
Pasha
Sep 3, 2025, 11:04:34 AMSep 3
to Google Ad Manager API Forum
Hi Team,
I’d like to clarify if the Ad Manager API can be restricted at an advertiser level. Specifically, we want to know whether it’s possible to configure API access for a user (or service account) so that:
-
The user can only query data related to a specific advertiser.
-
They are unable to access data, reports, or entities belonging to other advertisers within the same GAM network.
We are aware that roles and teams can be used to limit access in the GAM UI, but we’d like to confirm if the same level of restriction applies consistently when accessing data through the API.
Could you please confirm whether this is supported, and if so, share the best-practice steps to configure it?
Thank you for your guidance.
Thanks,
Chand
Ad Manager API Forum Advisor
Sep 3, 2025, 12:59:37 PMSep 3
to google-doubleclick...@googlegroups.com
Hi,
Thank you for contacting the Ad Manager API support team.
The roles and teams restrictions that are configured in the Ad Manager UI apply to the Ad Manager API also. If a user or service account is assigned to a team that only has access to a specific Advertiser, then when using the API that account will also be restricted to querying only the data they are allowed see in the UI.
They will not be able to pull reports or entities related to other advertisers outside their assigned teams. You may refer to this article for more information.
Thanks,
Feedback
How was our support today?
Thank you for contacting the Ad Manager API support team.
The roles and teams restrictions that are configured in the Ad Manager UI apply to the Ad Manager API also. If a user or service account is assigned to a team that only has access to a specific Advertiser, then when using the API that account will also be restricted to querying only the data they are allowed see in the UI.
They will not be able to pull reports or entities related to other advertisers outside their assigned teams. You may refer to this article for more information.
Thanks,
 |
Ad Manager API Team |
Feedback
How was our support today?
[2025-09-03 16:59:19Z GMT] This message is in relation to case "ref:!00D1U01174p.!500Ht01u5jf4:ref" (ADR-00331769)
Pasha
Sep 17, 2025, 4:57:55 AMSep 17
to Google Ad Manager API Forum
Hi Team,
We have tried restricting a service account to have access to certain advertiser data, but when i check the access thru script it shows access denied and in users tab status still show pending. Please check attached screenshots and script response.
Response:
Error summary: {'faultMessage': '[AuthenticationError.NO_NETWORKS_TO_ACCESS @ ]', 'requestId': 'f296023e10ab11aeddda39bea03d25f9', 'responseTime': '24', 'serviceName': 'CreativeService', 'methodName': 'getCreativesByStatement'}
Traceback (most recent call last):
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/googleads/common.py", line 982, in MakeSoapRequest
return soap_service_method(
~~~~~~~~~~~~~~~~~~~^
*packed_args, _soapheaders=soap_headers)['body']['rval']
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/proxy.py", line 46, in __call__
return self._proxy._binding.send(
~~~~~~~~~~~~~~~~~~~~~~~~~^
self._proxy._client,
^^^^^^^^^^^^^^^^^^^^
...<3 lines>...
kwargs,
^^^^^^^
)
^
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 135, in send
return self.process_reply(client, operation_obj, response)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 229, in process_reply
return self.process_error(doc, operation)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 329, in process_error
raise Fault(
...<4 lines>...
)
zeep.exceptions.Fault: [AuthenticationError.NO_NETWORKS_TO_ACCESS @ ]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/mcpasha/python_env/Scripts/product_validator/creative_details.py", line 37, in <module>
get_creative_details(ad_manager_client, creative_ids, '/home/mcpasha/python_env/Scripts/product_validator/creatives_details.csv')
~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mcpasha/python_env/Scripts/product_validator/creative_details.py", line 23, in get_creative_details
response = creative_service.getCreativesByStatement(statement.ToStatement())
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/googleads/common.py", line 994, in MakeSoapRequest
raise googleads.errors.GoogleAdsServerFault(
e.detail, errors=error_list, message=e.message)
googleads.errors.GoogleAdsServerFault: [AuthenticationError.NO_NETWORKS_TO_ACCESS @ ]
Traceback (most recent call last):
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/googleads/common.py", line 982, in MakeSoapRequest
return soap_service_method(
~~~~~~~~~~~~~~~~~~~^
*packed_args, _soapheaders=soap_headers)['body']['rval']
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/proxy.py", line 46, in __call__
return self._proxy._binding.send(
~~~~~~~~~~~~~~~~~~~~~~~~~^
self._proxy._client,
^^^^^^^^^^^^^^^^^^^^
...<3 lines>...
kwargs,
^^^^^^^
)
^
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 135, in send
return self.process_reply(client, operation_obj, response)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 229, in process_reply
return self.process_error(doc, operation)
~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/zeep/wsdl/bindings/soap.py", line 329, in process_error
raise Fault(
...<4 lines>...
)
zeep.exceptions.Fault: [AuthenticationError.NO_NETWORKS_TO_ACCESS @ ]
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/mcpasha/python_env/Scripts/product_validator/creative_details.py", line 37, in <module>
get_creative_details(ad_manager_client, creative_ids, '/home/mcpasha/python_env/Scripts/product_validator/creatives_details.csv')
~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/home/mcpasha/python_env/Scripts/product_validator/creative_details.py", line 23, in get_creative_details
response = creative_service.getCreativesByStatement(statement.ToStatement())
File "/home/mcpasha/python_env/lib64/python3.13/site-packages/googleads/common.py", line 994, in MakeSoapRequest
raise googleads.errors.GoogleAdsServerFault(
e.detail, errors=error_list, message=e.message)
googleads.errors.GoogleAdsServerFault: [AuthenticationError.NO_NETWORKS_TO_ACCESS @ ]
Thanks,
Chand
Pasha
Sep 22, 2025, 5:20:53 AMSep 22
to Google Ad Manager API Forum
Hi Team,
Any update here?
Thanks,
Chand
Ad Manager API Forum Advisor
Sep 22, 2025, 10:20:57 AMSep 22
to google-doubleclick...@googlegroups.com
Hi,
I think you might have missed our previous email, attaching the same again.
Regarding your concern about limiting service account access to specific advertiser data in the Ad Manager UI, this request falls outside the scope of our team. To assist you further provide us with your Network code, so that we can route you to the respective team.
I think you might have missed our previous email, attaching the same again.
Regarding your concern about limiting service account access to specific advertiser data in the Ad Manager UI, this request falls outside the scope of our team. To assist you further provide us with your Network code, so that we can route you to the respective team.
Thanks,
|
Ad Manager API Team |
Feedback
How was our support today?
[2025-09-22 14:20:34Z GMT] This message is in relation to case "ref:!00D1U01174p.!500Ht01u5jf4:ref" (ADR-00331769)
Pasha
Oct 17, 2025, 5:04:19 AM (2 days ago) Oct 17
to Google Ad Manager API Forum
Hi Team,
Sorry for the late response, i was OOO.
Please check the following code, i have being using and network code is 4312434
import locale
import sys
import _locale
from googleads import ad_manager,errors
import google.auth
from google.auth.transport.requests import Request
from google.oauth2 import service_account
import requests
import tempfile
import csv
import gzip
import datetime
import vertica_python
import time
import pandas as pd
_locale._getdefaultlocale = (lambda *args: ['en_US', 'UTF-8'])
# Initialize a client object, by default uses the credentials in ~/googleads.yaml.
client = ad_manager.AdManagerClient.LoadFromStorage('/home/mcpasha/googleads_v2.yaml') #YAML file path
# Initialize a service.
network_service = client.GetService('NetworkService')
print('Daily Script')
# Make a request.
current_network = network_service.getCurrentNetwork()
print("Current network has network code '%s' and display name '%s'." %
(current_network['networkCode'], current_network['displayName']))
import locale
import sys
import _locale
from googleads import ad_manager,errors
import google.auth
from google.auth.transport.requests import Request
from google.oauth2 import service_account
import requests
import tempfile
import csv
import gzip
import datetime
import vertica_python
import time
import pandas as pd
_locale._getdefaultlocale = (lambda *args: ['en_US', 'UTF-8'])
# Initialize a client object, by default uses the credentials in ~/googleads.yaml.
client = ad_manager.AdManagerClient.LoadFromStorage('/home/mcpasha/googleads_v2.yaml') #YAML file path
# Initialize a service.
network_service = client.GetService('NetworkService')
print('Daily Script')
# Make a request.
current_network = network_service.getCurrentNetwork()
print("Current network has network code '%s' and display name '%s'." %
(current_network['networkCode'], current_network['displayName']))
Thanks,
Chand
Ad Manager API Forum Advisor
Oct 17, 2025, 7:21:38 AM (2 days ago) Oct 17
to google-doubleclick...@googlegroups.com
Hi,
I'm adding another support team for their expertise in troubleshooting your issue. You should receive an email to assist you shortly.
I'm adding another support team for their expertise in troubleshooting your issue. You should receive an email to assist you shortly.
Thanks,
|
Ad Manager API Team |
Feedback
How was our support today?
[2025-10-17 11:21:22Z GMT] This message is in relation to case "ref:!00D1U01174p.!500Ht01u5jf4:ref" (ADR-00331769)
Reply all
Reply to author
Forward
0 new messages