actually you can reset the developer token:
Maybe my question was not clear enough. We had to reset our developer token
and secrets of existing OAuth2 client configurations. My question would
have been if these changes take effect immediately and if these changes
have any effects on existing refresh tokens (of the reset OAuth2
However, in the meantime we did these changes with the following outcomes:
- After reset the previous developer token is invalidated immediately.
- The same is true for resetting the secret of an existing OAuth2
credential. After the reset the previous secret is invalidated immediately.
- The existing refresh tokens (of the reset OAuth2 configuration) have *not*
been invalidated by these changes. They are still valid.
However, neither the reset of the developer token nor the reset of of an
existing OAuth2 secret had any effects on existing refresh tokens of this
(reset) OAuth credential.
On Tuesday, February 13, 2018 at 8:53:47 AM UTC+1, Vincent Racaza (AdWords
API Team) wrote:
> Hi Peter,
> You cannot reset on your end the developer token as the token is generated
> when you completed the sign-up
> <https://developers.google.com/adwords/api/docs/guides/signup>for an MCC
> account (all the 3 steps in the guide). However, do you have any reasons
> (e.g. is it compromised or have you accidentally shared it to somebody?) on
> why you want to reset your developer token? If you wish to have your
> developer token be reset, I can notify the AdWords Compliance Team to
> confirm if this is possible.
> In terms of OAuth2 credentials (client ID, client secret, refresh token),
> you can create a new client ID and secret in the Google API Console
> Credentials page <https://console.developers.google.com/apis/credentials>.
> When you create a new client ID in the credentials page, it won't
> invalidate other existing client IDs unless you manually delete them in the
> credential page. When you delete a client ID, you cannot use it in your API
> requests as this will generate an error.
> As for your refreshToken, since it is dependent of your *clientId* and
> *clientSecret*, then once you delete the two, this will invalidate all
> the refresh tokens associated to it. However, if your goal is to generate a
> new refresh token only for a specific client ID, then the old refresh token
> won't be invalidated unless you manually revoked its access
> you have reached the limit of 50 refresh tokens (e.g. your 51st generation
> of refresh token will invalidate the first/oldest refresh token for a given
> client ID) per user/email account. You can check this guide
> <https://developers.google.com/identity/protocols/OAuth2#expiration> for
> more information on this.
> Furthermore, you can check this guide
> <https://developers.google.com/adwords/api/docs/guides/authentication> for
> more information on how to authenticate in the AdWords API.
> Let me know if you have further clarifications.
> AdWords API Team
Also find us on our blog and Google+:
You received this message because you are subscribed to the Google
Groups "AdWords API Forum" group.
To post to this group, send email to email@example.com
To unsubscribe from this group, send email to
For more options, visit this group at
You received this message because you are subscribed to the Google Groups
"AdWords API Forum" group.
To unsubscribe from this group and stop receiving emails from it, send an email
Visit this group at https://groups.google.com/group/adwords-api.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.