Damn I've seriously looked through 100 threads related to this and finally found one that was helpful. The step I was missing was adding the `client_id` from the JSON key to the 'authorized client' list in admin.google.com, and also the `oauth2_prn` user to impersonate.
Now I have a new error though... `AuthorizationError.USER_PERMISSION_DENIED`. Am I supposed to use the global MCC account rather than my test MCC? (My dev token isnt approved yet). If I use my master MCC email for `oauth2_prn` I get the above error, but if I use my test MCC I made I get this error: `Client is unauthorized to retrieve access tokens using this method.` Here is how I have it set up again: - **Production** Google developer console (domain-enabled service account used for `oauth2_key`, `oauth2_issuer`) - **Production** GSuite account (enable production service account access to `https://www.googleapis.com/auth/adwords`) - **Production** MCC account (API key used for `developer_token`) - **Test** MCC account (email for `oauth2_prn`) - **Test** client account (customer id for `client_customer_id`) They key takeaway is all this was under the production account. The only test stuff I created was MCC/client account (I didnt create a test google developer console service or API access or anything like that) -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and Google+: https://googleadsdeveloper.blogspot.com/ https://plus.google.com/+GoogleAdsDevelopers/posts =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. Visit this group at https://groups.google.com/group/adwords-api. To view this discussion on the web visit https://groups.google.com/d/msgid/adwords-api/ee79149f-5a8e-41a4-ab1d-0137d300c0fb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
