Hi John, Refresh tokens are valid indefinitely (unless explicitly revoked by the account owner). In general, using a regular login email on your MCC with offline access (i.e. refresh token) will have the same effective behavior as service accounts - you will just need to refresh your token periodically (access tokens are valid for 60 minutes), which doesn't require user interaction.
Service accounts can also be used to impersonate other users on the domain (hence the need for Google Apps for business). - Kevin Winter AdWords API Team On Sunday, December 30, 2012 3:18:08 PM UTC-5, John Lister wrote: > > Hi, I've previously been using the ClientLogin authentication, but am > currently in the process of switching to using OAuth2 with the java libs > and have a few questions. > > Firstly as this is for a service style process running in the background > making updates over a numer of accounts, so I initially tried to use a > Service account: > As an MCC user I used the api console to create a service account and > saved the private key, etc. Using these I can create a oauth credential and > open up an adwords session, etc but as soon as I try and perform an > operation I get a NOT_ADS_USER error (Note this occurs if I use a standard > adwords user for the service account). I am passing the client ID of the > accounts I wish to use, but it fails on all of them. Do I need to register > the service account as an adwords user (I can't see a way to enable it in > the api console), or am I missing something obvious? I've had no problems > using oauth2 with the analytics api for example. A solution posted on this > forum requires the use of a Google Apps for Business account which we don't > have and didn't want to set up - is this required? > > So given that didn't work, I switched to using a client id and tokens, > this seems to work. For future reference, I used the OAuth2Example to > generate the tokens but although the client id doesn't seem to be used > until after the credentials are generated it ties you to a particular > account. By using the MCC customer ID, you can get a credential that works > for all accounts registered with a MCC user. However my question is thus: > How long does a refresh token last? Can i effectively save it and use it > indefinitely or do I need to generate it again in the future - I ask as I > noticed another forum post claiming that the refresh token seemed to have > expired and stopped generating valid access tokens, as my process runs in > the background it is impractical to use a browser to fetch the > authorisation token repeatedly. > > Thanks > > John > -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and discussion group: http://adwordsapi.blogspot.com http://groups.google.com/group/adwords-api =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en
