Thank you so much, guys, on the assistance here. This explains a lot. I'll work with the GCP Support process more out of curiosity than anything else. I mean, my code is now revised so that when I get an invalid_grant message in the JSON during the Access Token generation, I'll get an email alert and then know to go through the steps to create a new Refresh Token using the oAuth Playground, and I learned that this cannot be automated.
On Wednesday, July 27, 2022 at 4:00:21 PM UTC-4 adsapi wrote: > Hi Mike, > > I work with Jinky. This support channel can only point you to > documentation on GCP's website and attempt to assist you. With that being > said, since only one user will use your GCP project you can publish it > without going through verification, and my team researched this. Moreover, > the screenshot you gave us shows an app marked Internal, so it appears that > you don't have to go through verification and here ius the following from > GCP support: > > > You do not need to submit your app for review > <https://support.google.com/cloud/answer/9110914?hl=en#verification-types&circumstances&skip&verification-time&mark-internal&submit-who&submit-howto&api-scopes&select-scopes&check-verification&how-smooth&in-app-testing-video&in-progress-addition&data&i-do-not-publish-for-review&rejected&why-seeing&verified-but-app-disabled&pending-app-disabled&definition&restricted-scope-apis&restricted-def&prep-for-next-year&when-restricted&enterprise&enterprise-security-assessment-notification&enterprise-imap-or-smtp&migrate-to-new-scopes-and-minimize-impact&key-dates&how-long&several-apps&combo-scopes&faster&verification-requirements&addl-scopes&how-often&guidelines&task-automation¬-type&restricted-not-allowed&explain-types&inconsistent&privacy-policy-language&multiple-types&compliance-with-limited-use-requirements&needed&how&user-data-not-restricted&assessment-includes&more-detailed-sec-reqts&why-fee&local-client&restricted-scopes-expansion&third-party&recently-completed-sec-assess&no-vulnerability-disclosure-program&security-assessment-not-required&how-long-sec-assess-valid&after-receive-loa&reassessment-prep&security-rewards-program-definition&security-rewards-program-criteria&security-rewards-program-process&security-rewards-program-sla-noncompliance&security-rewards-program-unfixed-bug&questions&check-user-cap&complete-test&deployment-access&zippy=%2Csteps-for-apps-requesting-sensitive-scopes%2Cwhat-are-sensitive-api-scopes%2Cwhat-are-the-different-types-of-verification-that-google-requires-for-accessing-user-data-via-oauth%2Cwhen-does-my-app-have-to-be-verified-by-google%2Chow-long-will-the-verification-process-take%2Chow-can-i-mark-my-app-as-internal-only-so-it-doesnt-require-verification%2Cwho-can-submit-a-project-for-verification%2Chow-do-i-submit-for-verification%2Cwhy-cant-i-see-the-api-scopes-in-the-scope-picker%2Ci-need-help-selecting-scopes-for-my-app-where-can-i-find-support-for-various-product-apis%2Chow-do-i-check-my-verification-status%2Chow-can-i-make-sure-the-verification-process-is-as-streamlined-as-possible%2Cwhat-information-should-i-include-in-the-in-app-testing-video%2Cwhat-happens-if-i-add-new-sensitive-or-restricted-scopes-to-my-app-while-my-sensitive-or-restricted-scope-verification-is-in-progress%2Chow-can-i-access-data-from-my-users-google-cloud-project-using-cloud-apis%2Cwhat-happens-if-i-dont-submit-my-app-for-review%2Chow-do-i-check-my-user-cap-status%2Cwhat-happens-if-my-app-gets-rejected-from-the-verification-process%2Cwhy-are-users-seeing-this%2Cwhy-are-users-of-verified-apps-seeing-the-unverified-app-screen-or-sign-in-disabled%2Cwhy-are-users-of-apps-that-are-currently-in-the-verification-process-seeing-the-unverified-app-screen-or-sign-in-disabled%2Cwhat-are-restricted-api-scopes%2Cwhat-is-the-restricted-scope-app-verification-and-how-is-it-different-from-the-sensitive-scope-app-verification%2Chow-can-i-prepare-for-a-restricted-scope-verification%2Chow-do-i-determine-if-i-need-to-submit-my-app-for-restricted-scope-verification%2Cmy-application-has-users-with-enterprise-accounts-from-another-google-workspace-domain-how-does-this-apply-to-my-google-workspace-or-cloud-identity-enterprise-accounts%2Cwhat-if-my-app-is-using-imap-or-smtp-do-i-need-to-submit-for-verification%2Chow-do-i-migrate-my-oauth-client-to-new-api-scopes-and-minimize-impact-to-users%2Cwhat-if-i-have-several-apps-requesting-restricted-scopes-will-they-all-need-to-be-verified%2Cif-my-app-uses-a-combination-of-restricted-and-non-restricted-apis-will-i-need-to-submit-for-verification%2Chow-do-i-get-my-verification-completed-faster%2Cwhat-are-the-requirements-for-verification%2Cif-google-announces-additional-apis-that-fall-into-the-restricted-scope-category-do-i-need-to-re-submit-for-another-verification%2Cwhat-if-my-app-is-not-one-of-the-application-types%2Cwhat-type-of-applications-are-not-allowed-to-use-gmail-restricted-scopes%2Ccould-you-explain-the-limited-use-requirements-from-the-google-api-services-user-data-policy%2Chow-do-i-know-if-my-privacy-policy-does-not-meet-the-limited-use-requirements%2Cwhat-is-an-example-of-language-that-meets-the-limited-use-requirements%2Cwhat-if-my-privacy-policy-covers-multiple-types-of-data-including-non-restricted-scope-data%2Chow-can-i-make-my-privacy-policy-compliant-with-the-limited-use-requirements%2Cwhy-is-the-security-assessment-needed%2Chow-will-the-security-assessment-work%2Cwhat-if-my-app-accesses-google-user-data-through-oauth-api-scopes-that-arent-restricted-api-scopes%2Cwhat-will-the-security-assessment-include%2Cwhat-are-more-detailed-security-requirements-that-might-be-applied-during-a-security-assessment%2Cwhy-is-google-charging-a-fee-for-the-security-assessment%2Cif-i-have-gone-through-a-security-assessment-once-for-the-restricted-gmail-scopes-do-i-need-to-go-through-the-assessment-again-when-the-list-of-restricted-scopes-expands%2Chow-is-the-assessment-scope-impacted-if-my-application-sends-data-to-third-parties-for-processing-or-is-hosted-on-third-party-services-such-as-a-cloud-provider%2Cwhen-is-the-security-assessment-not-required%2Chow-long-is-the-security-assessment-valid-for%2Cwhat-should-i-do-after-i-receive-my-letter-of-assessment-loa-from-the-assessor%2Chow-do-i-prepare-for-my-annual-security-reassessment%2Cwhat-access-is-needed-by-the-third-party-security-assessor-for-the-deployment-review%2Cdoes-the-annual-security-reassessment-only-test-changes-ive-made-to-my-application-since-the-previous-assessment%2Cwhat-happens-if-i-dont-remediate-my-vulnerabilities%2Chow-can-i-submit-feedback-about-these-policies-and-changes%2Cwhat-app-types-are-not-applicable-for-verification> > > if it's going to be used in any of the following scenarios: > > - Personal Use: The app is not shared with anyone else or will be used > by fewer than 100 users. Hence, you can continue using the app by > bypassing > the unverified app warning during sign-in. > - SMTP/IMAP/WP: The app is used to send emails through WordPress, or > similar single account SMTP plug-ins. > - Internal Use: An app is internal when the people in your domains > only use it internally. Learn more about public and internal > applications > <https://support.google.com/cloud/answer/6158849#public-and-internal>. > Learn how to mark your app as internal in the FAQ How can I mark my > app as internal-only? > <https://support.google.com/cloud/answer/9110914?hl=en#mark-internal> > > > If you are willing to go through all the steps necessary to create a > service account then you won't need a refresh token to impersonate users in > your Workspace domain that are also ads users. This route isn't a > recommended route because of difficulty of setup and security risks > <https://developers.google.com/google-ads/api/docs/oauth/service-accounts#security_concerns> > . > > Unfortunately, a refresh token could expire for many reasons and we > cannot cover all scenarios. Since refresh token expiration is a GCP issue I > suggest you reach out to GCP support > <https://cloud.google.com/support/docs/manage-cases> for further > assistance in refresh token expiration issues. > > Regards, > > [image: Google Logo] > Aryeh > Google Ads API Team > > > ref:_00D1U1174p._5004Q2d1nfG:ref > -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog: https://googleadsdeveloper.blogspot.com/ =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API and Google Ads API Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "Google Ads API and AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/adwords-api/5cadd524-b410-42e5-8120-33273164d96cn%40googlegroups.com.
