The developer token should be stored in a separate location, like a config file - it shouldn't be hardcoded. This is also helpful when a token is 'lost', and cancelled. In that situation you don't have to ask the third party developers to recompile the app.
Note that the developer token only defines who picks up the bill for the API usage. You can ask the third party developers to pick up their own and use that for development and testing. Or you can hand out your own, and pick up the bill. The cost is probably a fraction of the money spent on development. In my opinion the sandbox is useless for development. Just look at reports in the sandbox - you'll notice that all reports will be empty, useless if you want to write an app that processes these reports. You should consider giving access to the account too. I've seen a lot of accounts, and every now and then I run into a situation never seen in any other account. If you want to be sure that the software works with a certain account, you should give access to that account. Within Adwords, you can create a separate login to that account for those developers, and when they are done, you can stop its access by changing the password or removing the login. If you don't trust the developers, you shouldn't outsource the project. Who says that the software won't have a backdoor, sending tokens, credentials and data to a secret location? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en -~----------~----~----~----~------~----~------~--~---
