Hi folks,
I have been struggling with OAuth2 and Google Adwords API for a while but the posts in this group did not solved my problem, so excuse me if I repeat any question already made. I would like to *retrieve all accounts from a given Google Ads user*, after the sign-in and consent screens, *using the tokens retrieved* to link those accounts to my own MCC account. The OAuth2 flow I have been following is as described in many places, i.e: https://256stuff.com/gray/docs/oauth2.0/2 I am using the PHP client and I would like to retrieve the info on behalf of other Google Ads users: https://github.com/googleads/googleads-php-lib/wiki/API-access-on-behalf-of-your-clients-(web-flow) I have created the project with OAuth2 credentials as a web app, enabled the Adwords API and the tokens (access and refresh) are being retrieved like a charm. I have already checked that the scope for the user token stored in my database is the right one with https://www.googleapis.com/oauth2/v3/tokeninfo I am using a Google Test account MCC but the Sing-In/Consent process is done with a regular not testing Google Ads account. Access_Token_Info { "azp": "vvv.apps.googleusercontent.com", "aud": "vvv.apps.googleusercontent.com", "sub": "112558273664355511061", "scope": "https://www.googleapis.com/auth/plus.me https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/adwords";, "exp": "1536585726", "expires_in": "1565", "email": "[email protected]", "email_verified": "true", "access_type": "offline" } My code $oAuth2 = new OAuth2( [ 'authorizationUri' => 'https://accounts.google.com/o/oauth2/v2/auth', 'tokenCredentialUri' => 'https://www.googleapis.com/oauth2/v4/token', 'redirectUri' => env('APP_URL') . env('GOOGLE_REDIRECT_URI' ), 'clientId' => env('GOOGLE_ID'), 'clientSecret' => env('GOOGLE_SECRET'), 'scope' => 'https://www.googleapis.com/auth/adwords', 'refresh_token' => '<previously_retrieved_user_refresh_token>' ] ); $oAuth2->setState(sha1(openssl_random_pseudo_bytes(1024))); $oAuth2->setAccessToken('<previously_retrieved_user_token>'); $session = (new AdWordsSessionBuilder()) // ->withClientCustomerId('<my_MCC_client_customer_id>') ->withDeveloperToken('<my_developper_token>') ->withOAuth2Credential($oAuth2) ->build(); $adWordsServices = new AdWordsServices(); $service = $adWordsServices->get($session, CustomerService::class); // Make the get request. $page = $service->getCustomers(); In my request I am omitting the clientCustomerId intentionally and setting the user's access and refresh tokens, but not so sure this is the right way. Response [2018-09-10 12:49:21] AW_SOAP.WARNING: clientCustomerId= operations=1 service=CustomerService method=getCustomers responseTime=240 requestId= 00057583c9396a300a858c56a20d3063 server=adwords.google.com isFault=1 faultMessage=[AuthenticationError.CUSTOMER_NOT_FOUND @ ] [2018-09-10 12:49:21] AW_SOAP.NOTICE: POST /api/adwords/mcm/v201806/ CustomerService?wsdl HTTP/1.1 Host: adwords.google.com Connection: close User-Agent: PHP-SOAP/7.2.8 Content-Type: text/xml; charset=utf-8 SOAPAction: "" Content-Length: 625 Authorization: REDACTED <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:SOAP-ENV= "http://schemas.xmlsoap.org/soap/envelope/"; xmlns:ns1= "https://adwords.google.com/api/adwords/mcm/v201806"; xmlns:ns2= "https://adwords.google.com/api/adwords/cm/v201806";><SOAP-ENV:Header><ns1: RequestHeader><ns2:developerToken>REDACTED</ns2:developerToken><ns2:userAgent>unknown (AwApi-PHP, googleads-php-lib/37.0.0, PHP/7.2.8)</ns2:userAgent><ns2: validateOnly>false</ns2:validateOnly><ns2:partialFailure>false</ns2: partialFailure></ns1:RequestHeader></SOAP-ENV:Header><SOAP-ENV:Body><ns1: getCustomers/></SOAP-ENV:Body></SOAP-ENV:Envelope> HTTP/1.1 500 Internal Server Error Content-Type: text/xml; charset=UTF-8 Date: Mon, 10 Sep 2018 12:49:20 GMT Expires: Mon, 10 Sep 2018 12:49:20 GMT Cache-Control: private, max-age=0 X-Content-Type-Options: nosniff X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block Server: GSE Alt-Svc: quic=":443"; ma=2592000; v="44,43,39,35" Accept-Ranges: none Vary: Accept-Encoding Connection: close <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap: Header><ResponseHeader xmlns:ns2= "https://adwords.google.com/api/adwords/cm/v201806"; xmlns= "https://adwords.google.com/api/adwords/mcm/v201806";><ns2:requestId> 00057583c9396a300a858c56a20d3063< /ns2:requestId><ns2:serviceName>CustomerService</ns2:serviceName><ns2: methodName>getCustomers</ns2:methodName><ns2:operations>1</ns2:operations>< ns2:responseTime>240</ns2:responseTime></ResponseHeader></soap:Header><soap: Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>[AuthenticationError.CUSTOMER_NOT_FOUND @ ]</faultstring><detail><ApiExceptionFault xmlns= "https://adwords.google.com/api/adwords/mcm/v201806"; xmlns:ns2= "https://adwords.google.com/api/adwords/cm/v201806";><ns2:message>[ AuthenticationError.CUSTOMER_NOT_FOUND @ ]</ns2:message><ns2: ApplicationException.Type>ApiException</ns2:ApplicationException.Type><ns2:errors xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:type="ns2: AuthenticationError "><ns2:fieldPath></ns2:fieldPath><ns2:trigger></ns2:trigger><ns2:errorString>AuthenticationError.CUSTOMER_NOT_FOUND</ns2:errorString><ns2:ApiError.Type>AuthenticationError</ns2:ApiError.Type><ns2:reason>CUSTOMER_NOT_FOUND</ns2:reason></ns2:errors></ApiExceptionFault></detail></soap:Fault></soap:Body></soap:Envelope> I always get the CUSTOMER_NOT_FOUND error and if I include instead the MCC clientCustomerId the error changes to AuthorizationError.USER_PERMISSION_DENIED. Is this the right approach to get all Adwords accounts for a given user using OAuth2? Hope anyone can help me figure it out and thanks to everyone. -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog: https://googleadsdeveloper.blogspot.com/ =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API and Google Ads API Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API and Google Ads API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. Visit this group at https://groups.google.com/group/adwords-api. To view this discussion on the web visit https://groups.google.com/d/msgid/adwords-api/91350e94-b91b-479d-b955-e5870a9b4ce6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
