I am attempting to follow several guides to implement a API access to our own google ads api. The goal is to load spend and campaign information to our internal data warehouse so we can build reports etc.. Pretty straight forward. oh no!

We use a SaaS tool called Celigo to build interfaces to API's in this case the google API. I have followed the guides, which have not been simple for me to understand:)

After several failed attempt, I finally thought I was on the right lines, I enabled the API in GOOGLE CLOUD under my project. set up a OAuth consent screen. I then attempted to create credentials. however I get this internal error to which after much google-ing I can't find any support for. Does anybody have any experience of this issue? or help my unblock this part ? thanks in hope!

The request failed because one of the field of the resource is invalid.

Expecting to create oauth credentials

FYI guides I have been following are https://www.youtube.com/watch?v=HXKpfGqPRy0&t=1042s https://docs.celigo.com/hc/en-us/articles/360060770192-Set-up-a-connection-to-Google-Ads#Client-Info3

I am following Google Ads documentation to fetch a refresh token. I have got to this step: https://developers.google.com/google-ads/api/docs/get-started/make-first-call#fetch_a_refresh_token

oauth2l fetch --credentials credentials.json --scope adwords \     --output_format refresh_token 

When I run the above command I get the error missing 'type' field in credentials

I found answers similar to this: https://github.com/GeneralElectric/GABeat/issues/2

So I tried adding "type": "service_account" to the json file but then I get this error instead: "private key should be a PEM or plain PKCS1 or PKCS8; parse error: asn1: syntax error: sequence truncated"

Below is the credentials.json file (after I added the "type" field). The original was downloaded during this step of the Google Ads documentation: https://developers.google.com/google-ads/api/docs/get-started/oauth-cloud-project#id-secret

{   "type": "service_account",   "web": {     "client_id": "XXXXXXXXXX.apps.googleusercontent.com",     "project_id": "XXXXXXXXXX",     "auth_uri": "https://accounts.google.com/o/oauth2/auth",     "token_uri": "https://oauth2.googleapis.com/token",     "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",     "client_secret": "XXXXXXXXXX",     "javascript_origins": [       "https://XXXXXXXXXX.co.uk"     ]   } } 

I have generated developer_token, access_token and refresh token with googleads read permission. While using in code using google-ads-api I am getting below error.

Code:

from google.ads.googleads.client import GoogleAdsClient googleads_client = GoogleAdsClient.load_from_storage(path="./googleads.yaml", version="v14") 

Error:

  googleads_client = GoogleAdsClient.load_from_storage(path="./googleads.yaml", version="v14") 

I followed this tutorial to generate developer token, access token and refresh_token.

Here is permissions in the app and during authorization screenshot

I created new credentials in Google Developer Console for Google Ads base URL : https://googleads.googleapis.com/v14/customers. and added the scope: https://www.googleapis.com/auth/adwords . Using Oauth2 user consent. https://developers.google.com/identity/protocols/oauth2

In Postman, I performed the following steps in my Google Ads workspace :

1a. Added Client Id and Client Secret to the variables portion of the Google Ads collection.

1. Set the token name
2. Set the grant type = 'Authorization Code'
3. Callback URL = https://oauth.pstmn.io/v1/browser-callback
4. Auth URL = https://accounts.google.com/o/oauth2/v2/auth
5. Access Token URL = https://oauth2.googleapis.com/token
6. Scope = https://www.googleapis.com/auth/adwords
7. Refresh token (default) = https://oauth2.googleapis.com/token

When I click the Access New Token button, I get the redirect page requesting me to choose an account. So I choose my google account and allow oauth.pstmn.io to access my google account (This is postman browser) .

The token generation fails with the message below (note that I have already successfully done token generation in Postman with credentials used for DFA Reporting for Campaigns, Sites, and Ads in GCM 360):

However, the result is that I get an "invalid client". How could that be since I created the client in Google Developer Console and copied those over to Postman doing everything that I did successfully for GCM 360 APIs ? Thanks. Here are the slides:

Google Sensitive scopes List

Postman Redirect

Postman Error Logs

Response body (in error log)

Using bellow code I can get the access and refresh token:

private const SCOPE                 = 'https://www.googleapis.com/auth/adwords'; private const AUTHORIZATION_URI     = 'https://accounts.google.com/o/oauth2/v2/auth'; private const OAUTH2_CALLBACK_PATH  = ''; private const REDIRECT_URL          = 'http://localhost:3000/google/google-ads/confirmed'; $code           = $request->input('code'); $scope          = $request->input('scope'); $state          = $request->input('state'); $project_token  = $request->input('project_token'); $project_name   = $request->input('project_name'); $account_name   = $request->input('account_name'); $account_id     = $request->input('account_id'); $clientId       = 'my-client-id--kh3el.apps.googleusercontent.com'; $clientSecret   = 'my-clicent-secret4cCm'; $redirectUrl    = self::REDIRECT_URL; $oauth2 = new OAuth2(     [         'clientId'              => $clientId,         'clientSecret'          => $clientSecret,         'authorizationUri'      => self::AUTHORIZATION_URI,         'redirectUri'           => $redirectUrl . self::OAUTH2_CALLBACK_PATH,         'tokenCredentialUri'    => CredentialsLoader::TOKEN_CREDENTIAL_URI,         'scope'                 => self::SCOPE,         // Create a 'state' token to prevent request forgery. See         // https://developers.google.com/identity/protocols/OpenIDConnect#createxsrftoken         // for details.         'state' => sha1(openssl_random_pseudo_bytes(1024))     ] ); // Set the authorization code and fetch refresh and access tokens. $oauth2->setCode($code); $authToken = $oauth2->fetchAuthToken(); $refreshToken   = isset( $authToken['refresh_token'] ) ? $authToken['refresh_token'] : ''; $accessToken    = $oauth2->getAccessToken(); 

now how can I get the emaill address? Is there any way?