The new Search Ads 360 Reporting API is now available. Join the searchads-api-announcements Google group to stay up to date on upcoming enhancements and releases.

OAuth Playground

One option for generating OAuth2 credentials is to use the OAuth2 Playground. The OAuth2 Playground, in conjunction with the Google Ads API console, lets you manually create OAuth2 tokens.

The OAuth2 Playground is for users who only need to access the accounts for a single manager account or Google Ads user. If you need to prompt multiple users for credentials, it is likely better to configure a client library for OAuth in Search Ads 360.

Get a client ID and client secret

If you do not have an existing cloud project:

Open the Google API Console Credentials page .
From the project drop-down, select an existing project or create a new one.
On the Credentials page, select Create credentials, then select OAuth client ID.
Under Application type, choose Web application.
Under Authorized redirect URIs, add a line with: https://developers.google.com/oauthplayground
Click Create.
On the Client ID page, take note of the client IDand client secret. You'll need these in the next step.

If you have an existing cloud project, you can reuse it by setting the Authorized redirect URIs as above.

Generate tokens

Go to the OAuth2 Playground , (using this link should pre-populate some key values for you).
Click the gear iconin the upper right corner and check the box labeled Use your own OAuth credentials(if it isn't already checked).
Make sure that:
- OAuth flowis set to Server-side.
- Access typeis set to Offline(this ensures you get a refresh token and an access token, instead of just an access token).
Enter the OAuth2 client IDand OAuth2 client secretyou obtained above.
In the section labeled Step 1 - Select & authorize APIs, click Search Ads 360 Reporting APIfrom the list and select its scope, https://www.googleapis.com/auth/doubleclicksearch . Then click Authorize APIs:
If prompted, sign in to the account to which you want to grant access and authorization. Otherwise, confirm that the current user in the top right corner is the client or manager account for whom you want to obtain credentials.

If you got your client ID and secret only a few minutes ago, and you get an error such as Error: redirect_uri_mismatch , the changes you made may not have propagated. Click the back button in your browser, wait a few minutes, then try clicking Authorize APIs again.

If you get an error that you have not been granted access by the developer and the app is currently being tested, you will need to visit the OAuth consent screen page within your GCP project and do one of the following:
- Publish the app.
- Keep the app in the Testing status, and add yourself as a test user.
A prompt appears indicating your app would like to Manage your Search Ads 360 campaigns. Click Acceptto continue.
In the tab labeled Step 2 - Exchange authorization code for tokens, an Authorization codeshould appear. Click Exchange authorization code for tokens.
If all goes well, the Refresh tokenand Access tokenshould be filled in for you (you may have to re-expand Step 2 - Exchange authorization code for tokens):
Copy the Refresh tokeninto the configuration file for your client library of choice, along with the client IDand client secret.
Configure a client library for OAuth in the Search Ads 360 Reporting API .

Remove the OAuth2 Playground from your client ID

Now that you have a refresh token, you no longer need the OAuth2 Playground to be an authorized redirect URI. To remove it from the list of authorized redirect URIs:

Go to the Google API Console Credentials page .
From the project drop-down, select your project.
On the Credentials page, click the client ID nameto edit.
Remove https://developers.google.com/oauthplayground from the Authorized redirect URIs. Note that you must leave at least one redirect URI in place.
Click Save.