I'm using OAuth2 flow to get access to a Google Ads Account. My application runs in a flask server, so I can get the authorization code from the OAuth2 flow using the the requestvariable in the flask context. First, I get the permission screen url, that redirects to "/google_ads/authorized" flask route.

auth_url = 'https://accounts.google.com/o/oauth2/auth' client_id = os.environ['CLIENT_ID'] client_secret = os.environ['CLIENT_SECRET'] redirect_uri = os.environ['REDIRECT_URI'] scope = 'https://www.googleapis.com/auth/adwords'

In the redirected flask route I'm making a request to exchange the authorization code by the access token and refresh token.

token_url = 'https://accounts.google.com/o/oauth2/token' payload = {  "code": request.args['code'],  "client_id": client_id,  "client_secret": client_secret,  "redirect_uri": redirect_uri,  "grant_type": "authorization_code" } req = requests.post(url=token_url, data=json.dumps(payload) res = req.json() credentials = {  'access_token': res['access_token'],   'refresh_token': res['refresh_token'],   'client_id': client_id,  'client_secret': client_secret,   'expiry': '2023-06-12T18:01:59',   'scopes': ['https://www.googleapis.com/auth/adwords'] }

Finally, I use the credentials dict to build a Credentials object, that is passed with the developer token as an argument to instantiate the GoogleAdsClient,

from google.oauth2.credentials import Credentials from google.ads.googleads.client import GoogleAdsClient developer_token = os.environ['DEVELOPER_TOKEN'] credentials=Credentials.from_authorized_user_info(creds) client = GoogleAdsClient(credentials=credentials, developer_token=developer_token) customer_service = client.get_service("CustomerService") customer_service.list_accessible_customers()

When I try to make a request and list the available customers in the account, using customer_service.list_accessible_customers(), I got the following error:

{  "error": {    "code": 403,    "message": "The caller does not have permission",    "status": "PERMISSION_DENIED",    "details": [      {       "@type": "type.googleapis.com/google.ads.googleads.v14.errors.GoogleAdsFailure",       "errors": [      {        "errorCode": {           "authorizationError": "DEVELOPER_TOKEN_PROHIBITED"        },        "message": "Developer token is not allowed with project '685646918301'."          }        ],        "requestId": "hYMHcD_FbdI0vwYeKRrAbw"       }     ]   } }

This method is the same method that I'm using to authenticate Google Analytics API requests. I already tried using the flow lib and I got the same error.

Tag:google-ads-api, google-cloud-platform, python

Only one comment.

  1. dorian

    The error indicates that you used a different Google Ads API developer token with the same GCP project in the past.

    Once you perform your first Google Ads API call with a given GCP project, the developer token used in that request is permanently associated with that project.

    Easiest way to solve this is to create a new project in the Google Cloud console, add a OAuth2 client to that project and then use your current token with that client.

    Reply

Add a new comment.