Hi, I work on Airbyte <https://github.com/airbytehq/airbyte>, an open source data portability platform. Airbyte allows users to sync data from their Databases and SaaS applications (e.g: Google Adwords) to their data warehouses for analysis. We support Google Adwords API <https://docs.airbyte.io/integrations/sources/google-adwords> as a connector to allow our users to pull data from Adwords into their data warehouses.
Our users have reported multiple rejections when requesting Adwords API tokens for use with Airbyte. I am writing to find a path forward for Airbyte to be able to support Google Adwords as a source connector so that we may be able to serve our mutual users. When an API token application gets rejected, it's often with a reason such as: "It appears that you are planning on using a third-party tool (AirByte) with an AdWords API token. This is a violation of the Ads API Policies, and is not a permissible use case for API access. Airbyte requiring users to apply for their own devtoken to use their 3rd party software is a direct violation of our Ads API Policies. Airbyte should have its own API token and all you have to do is sign in with your AdWords account.". However, it is not feasible for us to have a publicly available application that Adwords users use for authentication for a number of reasons. The biggest issue is security: it would give Airbyte (the company) access to the user's data, which is against the operating principles of the product for security reasons. Airbyte's goal is to let users get their own data into their own warehouses without it ever going through a 3rd party. In addition, because Airbyte is public and modifiable software, I don't think it's possible to create an Adwords API token for Airbyte while being able to keep it private. Any user of Airbyte would be able to see Airbyte's API token, which would allow them to impersonate Airbyte in other contexts, another big security risk. In some sense, using Airbyte is exactly like downloading a code sample from the internet which displays how to pull data from the Adwords API and running it on your own servers, which seems like a use case that Google wouldn't reject granting an API token for. So my request is: 1. given the description above, is it truly a violation of Google's policies for Airbyte to require a user to get their own API token for use with Airbyte? If yes, could you help me understand how it violates the agreement so we can know how to build our product in compliance with the policy? 2. If it's not a violation of the policy, can we whitelist Airbyte so that any subsequent Airbyte users which request a developer token can be granted the token without having to go through multiple rounds of appeals? We're also happy to provide a particular text copy that our users should use when requesting a connector. I appreciate your help with this matter. Best, Shrif Nada Founding Engineer, Airbyte -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog: https://googleadsdeveloper.blogspot.com/ =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API and Google Ads API Forum" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API and Google Ads API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/adwords-api/1f544e66-8bd7-4951-b58b-791cac947135n%40googlegroups.com.
