Okay, I'm going to follow Ewan Heming's tutorial and see how I get on with that: http://www.ewanheming.com/adwords-api-oauth-tutorial
Thanks On Tuesday, September 10, 2013 11:14:42 PM UTC+1, Alan Coleman wrote: > > Hi David, > > Many thanks for taking the time to reply. > > I understand the concepts of OAuth2, I've been through all of the > documentation many times and it all makes sense. Much of the documentation > seems to be geared towards web applications for anonymous users, whilst > this is very useful it just adds confusion to my process, which is quite > simple. > > If we could could focus our attention on this very simple scenario, > everything else will fall into place. > > > 1. I've added my application to the Google APIs console and have added > my *client_id* and *client_secret* to auth.ini in place of the *email*and > *password* I've previously been using for authentication. > 2. I've run the GetRefreshToken.php process and have obtained an > authorization token from https://accounts.google.com/o/oauth2/auth?.... > which in turn has given me a *refresh_token*, this has been added to > auth.ini > 3. I run get GetCampaigns.php to test OAuth2 > 4. I get an *access_token* required error > > Okay, so I need an *access_token*. At what stage, in the numbers 1, & 3 > above do I need to generate an *access_token *as documented > here<https://developers.google.com/accounts/docs/OAuth2InstalledApp#refresh> > ? > > Once I have an *access_token* how do I pass it to the API? In auth.ini? > > Do I need to generate a new *access_token* every time I want to use > GetCampaigns.php? > > Many thanks for helping me with this, I understand the concept fully, just > confused with this real world example. > > Thanks again > > > > On Tuesday, September 10, 2013 5:03:36 PM UTC+1, David Torres (AdWords API > Team) wrote: >> >> Hi Alan, >> >> You use your refresh token to generate new access tokens. Then the access >> token is the one you include in the API calls so your request get properly >> authorized, as you mentioned. >> >> So if you were able to generate a refresh token already, a call to >> https://accounts.google.com/o/oauth2/token allows you to generate an >> access token. As explained >> her<https://developers.google.com/accounts/docs/OAuth2InstalledApp#refresh> >> e. >> >> But your mention to redirect URIs makes me think that you are in early >> stages of the OAuth2 protocol and haven't been able to generate a refresh >> token. In a simplistic way to describe it, you first redirect your user to >> our auth server so they can authorize your application to access their >> data, our server will then redirect to your application with a confirmation >> code (this is not an access or refresh token) that you then need to >> exchange for a pair of access token and refresh token. Access tokens are >> short lived and their lifetime is returned as part of the response, while >> refresh token don't expire and you should securely store these on your >> side. I'd recommend you carefully reading this doc >> page<https://developers.google.com/accounts/docs/OAuth2> and >> also recommend you specifically reading about the Installed Apps >> flow<https://developers.google.com/accounts/docs/OAuth2InstalledApp> >> >> BTW, I'd highly recommend you using our client libraries, which will >> greatly help you implement the whole auth logic since all of them offer >> utilities and code examples on how to deal with OAuth2. If you tell me what >> programming language your are working with I can point you to some of these >> resources. >> >> Best, >> >> - David Torres - AdWords API Team >> >> On Monday, September 9, 2013 5:27:41 PM UTC-4, Alan Coleman wrote: >>> >>> Hi Brett, >>> >>> Thanks again for replying, I'm still confused about the returning * >>> access_token* that my app will need to use the API. >>> >>> Do I need to handle or store it somewhere? >>> >>> I understand that OAuth2 uses the *client_id*, *client_secret* and * >>> refresh_token* to get an *access_token*, which in turn should allow my >>> app to use the API. However I don't understand where the *access_token*gets >>> returned to. >>> >>> In the Google APIs Console a Client ID for Installed applications gives >>> no option for the redirect URIs, it's set as localhost as default. >>> >>> Could a firewall be preventing the access token from returning to my >>> application? >>> >>> Many thanks. >>> >>> On Thursday, September 5, 2013 5:58:03 PM UTC+1, Brett Baggott wrote: >>>> >>>> Alan, here's a link to Google's official explanation of the different >>>> types of >>>> projects<https://developers.google.com/accounts/docs/OAuth2?csw=1#scenarios>. >>>> >>>> I suggest that, instead of thinking of these different project types in >>>> relation to what _your_ application is, think of them in relation to how >>>> each is different. Here's my lame attempt at describing each of these >>>> projects in my own words: >>>> >>>> Web Application - This is for interactive applications that are going >>>> to allow any user (basically) to go through your application and authorize >>>> you to access their account via API and then your application will do >>>> whatever it is designed to do, most likely interactively. >>>> Installed Application - This is for an application that contains >>>> functionality that uses the Adwords API but authorization is most likely a >>>> one-time thing (at least in the way I think of it), probably accessing a >>>> specific account(s), and where authorization (or more likely refreshing of >>>> authorization) pretty much happens in the background. >>>> Service Application - This is the same as the Installed Application >>>> except it's meant to be run on a server and therefore even less user >>>> interaction. There's actually some assumed authorization processes that >>>> are >>>> pretty different from the Installed Application but for the purposes of my >>>> example here, is beyond the scope of discussion. >>>> >>>> So really I think of these different project types in terms of _how_ >>>> I'm going to handle authorization (i.e. interactively or "built-in"). >>>> >>>> As far as your question about the Redirect URI, think of it like the >>>> PayPal process. You click on a PayPal button on a website, you're taken to >>>> PayPal to sign in and authorize the payment, and then you are redirected >>>> at >>>> some point back to the vendors site so he can say Thank You. Well, in the >>>> same way you'd tell PayPal "here's the URI I want you to redirect to after >>>> the payment is processed" (i.e. my thank you page), you tell the Auth API >>>> where you want to redirect to after the user has authorized you to access >>>> their account. >>>> >>>> Hope that helps, >>>> ~Brett >>>> >>>> On Thursday, September 5, 2013 9:25:11 AM UTC-5, Alan Coleman wrote: >>>>> >>>>> Hello everyone, >>>>> >>>>> Apologies for my lack of understanding surrounding this topic and >>>>> continuous post about the basics of the protocol. >>>>> >>>>> I'm passing *client_id*, *client_secret* and *refresh_token* to the >>>>> Google OAuth2 Authorisation Server but my application is returning an >>>>> *access token required* error. >>>>> >>>>> Does the access token get returned to the Redirect URI ? >>>>> >>>>> If so, what do I have to do to handle the access_token at that point? >>>>> Do I have to store it or pass it somewhere else? >>>>> >>>>> Apologies again, I'm just finding all of the documentation a little >>>>> overwhelming. >>>>> >>>>> Many thanks >>>>> >>>> -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and discussion group: http://adwordsapi.blogspot.com http://groups.google.com/group/adwords-api =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
