I GOT IT!!!!!!!!!
After getting the ?code= from the URL $url = "https://accounts.google.com/o/oauth2/token";; $params = array( "code" => $authCode, "client_id" => $clientId, "client_secret" => $clientSecret, "redirect_uri" => $callbackUrl, "grant_type" => "authorization_code" ); $curl = curl_init(); curl_setopt($curl, CURLOPT_URL, $url); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $params); curl_setopt($curl, CURLOPT_ENCODING, ""); $curlData = curl_exec($curl); curl_close($curl); $result = json_decode ($curlData); print_r( $result ); $access_token = $result->access_token; $user = new AdWordsUser(); $user->SetOAuth2Info(array( "client_id" => $clientId, "client_secret" => $clientSecret, "access_token" => $access_token, "refresh_token" => "" )); I save the Auth Info and I was able to pull the other account data! On Tuesday, December 10, 2013 10:01:29 AM UTC-5, Christian Gibbs wrote: > > I am trying to access accounts that are not linked to our MCC by the > consent of the user. > > It first starts here, > > $user = new AdWordsUser(); > $user->SetOAuth2Info(array( > "response_type" => 'code', > "client_id" => $clientId, > "client_secret" => $clientSecret, > "access_token" => $access, > "refresh_token" => $refresh, > "scope" => 'offline' > )); > $params = array( > "response_type" => 'code', > "client_id" => $clientId, > "client_secret" => $clientSecret, > "access_token" => $access, > "refresh_token" => $refresh, > "scope" => 'offline' > ); > > /* > * public function GetAuthorizationUrl(array $credentials, > $redirectUri = NULL, $offline = NULL, array $params = NULL) { > */ > > // Generate an authorization URL given the callback URL > try{ > $OAuth2Handler = $user->GetOAuth2Handler(); > $OAuth2Handler->scope = 'https://adwords.google.com/api/adwords/'; > print_r( $OAuth2Handler ); > $authUrl = $OAuth2Handler->GetAuthorizationUrl($params, $callbackUrl, > true, null); > }catch( Exception $e ){ > print_r($e->getMessage()); > } > > header("Location: $authUrl"); > > > > Then it takes you to the consent page. > > After login is successful, > > > Not sure if I need to set scope = 'offline' Paul Matthews said something > about that but wasnt clear. There is another scope but it is a URL so I > dont know what hes talking about. Maybe you can shed some light on that. > > Anyway, the callback url runs this code, > > > $user = new AdWordsUser(); > $user->SetOAuth2Info(array( > "response_type" => 'code', > "client_id" => $clientId, > "client_secret" => $clientSecret, > "access_token" => $access, > "refresh_token" => $refresh, > "scope" => 'offline' > )); > $authCode = $_REQUEST["code"]; > //GetOAuth2Credential function copied below > > $oauth2Info = $this->Google_model->GetOAuth2Credential($user, $authCode, > $callbackUrl); > $user->SetOAuth2Info($oauth2Info); > $user->SetAuthToken( $authCode ); > > > > > > function GetOAuth2Credential($user, $code, $redirectUri = NULL) { > > $offline = TRUE; > // Get the authorization URL for the OAuth2 token. > // No redirect URL is being used since this is an installed application. > A web > // application would pass in a redirect URL back to the application, > // ensuring it's one that has been configured in the API console. > // Passing true for the second parameter ($offline) will provide us a > refresh > // token which can used be refresh the access token when it expires. > $OAuth2Handler = $user->GetOAuth2Handler(); > $authorizationUrl = $OAuth2Handler->GetAuthorizationUrl( > $user->GetOAuth2Info(), $redirectUri, $offline); > // In a web application you would redirect the user to the > authorization URL > // and after approving the token they would be redirected back to the > // redirect URL, with the URL parameter "code" added. For desktop > // or server applications, spawn a browser to the URL and then have the > user > // enter the authorization code that is displayed. > printf("Log in to your AdWords account and open the following > URL:\n%s\n\n", > $authorizationUrl); > //print "After approving the token enter the authorization code here: "; > > // Get the access token using the authorization code. Ensure you use > the same > // redirect URL used when requesting authorization. > $user->SetOAuth2Info( > $OAuth2Handler->GetAccessToken( > $user->GetOAuth2Info(), $code, $redirectUri)); > // The access token expires but the refresh token obtained for offline > use > // doesn't, and should be stored for later use. > return $user->GetOAuth2Info(); > } > > > > > > I still get the alert, [AuthorizationError.USER_PERMISSION_DENIED @ ; > trigger:''] > > > > > > On Tuesday, November 12, 2013 2:43:24 AM UTC-5, Takeshi Hagikura (AdWords > API Team) wrote: >> >> Hi Bikram, >> >> If the accounts are not linked to your MCC, you need to get a separate >> access token (and a refresh token) for each client account. >> In that case, I think an installed application mechanism is not practical >> because it requires manual process for each account. >> >> You can use the web application >> flow<https://developers.google.com/accounts/docs/OAuth2#webserver> by >> preparing a web server that doesn't require manual process in your side >> when a client grants your application access to their data. >> >> > Also please let me know what is the durability of our refresh token. >> Will not ever change after we give access and generate it. >> A refresh token never expires unless you explicitly revoke the access. >> >> Best, >> - Takeshi, AdWords API Team >> >> On Saturday, November 9, 2013 2:18:31 AM UTC+9, Bikram Bhuyan wrote: >>> >>> Hi Takeshi, >>> >>> Thanks for your detailed explanation. You are absolutely right. If both >>> the accounts are under our MCC account then everything should work fine as >>> you mentioned. I am trying to connect to our clients AdWords account which >>> will definitely be not under our MCC account. So I am trying to figure out >>> what will be the best mechanism to implement it. >>> >>> Also please let me know what is the durability of our refresh token. >>> Will not ever change after we give access and generate it. >>> >>> Thanks, >>> Bikram. >>> >>> On Thursday, November 7, 2013 10:08:43 PM UTC-8, Takeshi Hagikura >>> (AdWords API Team) wrote: >>>> >>>> HI Bikram, >>>> >>>> Glad to hear your issue has resolved. >>>> >>>> As for the next question, I'm assuming following account structures. >>>> >>>> MCC1 >>>> | -- AdWords1 >>>> | -- AdWords2 >>>> >>>> If client accounts are linked to the MCC, getting a refresh token is >>>> required only once. >>>> You can use the same credential of MCC1 when you access to AdWords1 and >>>> AdWords2. >>>> >>>> So once, you need to get a refresh token manually like opening a web >>>> browser and grant your application access to your MCC data. >>>> Then store the refresh token, you can use the same refresh token for >>>> both AdWords1 and AdWords2. >>>> (if you use one of our client libraries, it automatically refresh >>>> expires access tokens. Note: An access token expires in one hour) >>>> >>>> Does that answer your question? >>>> >>>> Best, >>>> - Takeshi, AdWords API Team >>>> >>>> On Friday, November 8, 2013 9:31:15 AM UTC+9, Bikram Bhuyan wrote: >>>>> >>>>> Hi Takeshi, >>>>> >>>>> I finally able to find the right MCC account for and user that to >>>>> generate the tokens and am able to access the API now. That issues is >>>>> resolved now. So thanks a lot for your help. >>>>> >>>>> Now I have a different issues to deal with. Looking at the refresh >>>>> token generation process, I see that we need to open the web page and >>>>> give >>>>> access to our MCC account manually and then the refresh token is >>>>> generated >>>>> which can be used to make the API call. Now for our requirement, we have >>>>> a >>>>> windows service which runs in the background, and we have several clients >>>>> who are using our application. Now the question is how do our application >>>>> get access API access to their AdWords accounts and proceed with fetching >>>>> the data etc. >>>>> >>>>> Say for an example we have 2 separate account AdWords1 and Adwords2. >>>>> How do we get access to these different accounts in code. I understand >>>>> they >>>>> have to give access our account somehow, but I don't get the process >>>>> correctly and how it can be implemented in a background running program. >>>>> >>>>> If you could help me in providing some details on this, that will be >>>>> really helpful. >>>>> >>>>> Thanks, >>>>> Bikram. >>>>> >>>>> On Wednesday, November 6, 2013 7:57:59 PM UTC-8, Takeshi Hagikura >>>>> (AdWords API Team) wrote: >>>>>> >>>>>> Thanks for the logs. >>>>>> >>>>>> Your clientCustomerId header looks in the request looks fine. >>>>>> >>>>>> For the next step, you need to make sure the client account is linked >>>>>> to the MCC account with which you got your OAuth2 credential. >>>>>> What email address did you use when you got the OAuth2 credential >>>>>> (access_token, refresh_token)? >>>>>> If you don't want to post it here, you can select "Reply to author" >>>>>> from the top right corner. >>>>>> >>>>>> Best, >>>>>> - Takeshi, AdWords API Team >>>>>> >>>>>> On Thursday, November 7, 2013 2:59:39 AM UTC+9, Bikram Bhuyan wrote: >>>>>>> >>>>>>> Hello Takeshi, >>>>>>> >>>>>>> Thanks for the reply. I suspect the same as well. But I am making >>>>>>> the calls based on the account information that is provided by google >>>>>>> adwords team after applying for the account set up. So I am not sure >>>>>>> where >>>>>>> is the issues. I am attaching the API logs as per your message below. >>>>>>> >>>>>>> Could you please tell me where I am making wrong? If you want I can >>>>>>> email my account information to your email for further investigation >>>>>>> (if >>>>>>> you give me the email address). >>>>>>> >>>>>>> Thanks, >>>>>>> Bikram. >>>>>>> >>>>>>> On Wednesday, November 6, 2013 12:25:16 AM UTC-8, Takeshi Hagikura >>>>>>> (AdWords API Team) wrote: >>>>>>>> >>>>>>>> Hi Bikram, >>>>>>>> >>>>>>>> My first guess is you are making an API call against a client >>>>>>>> account that is different from the account you authenticated with >>>>>>>> using >>>>>>>> OAuth2. >>>>>>>> Can you please share the SOAP request xml (please remove sensitive >>>>>>>> info before posting) log and the email you used when you authenticated >>>>>>>> using OAuth2? >>>>>>>> >>>>>>>> Best, >>>>>>>> - Takeshi, AdWords API Team >>>>>>>> >>>>>>>> On Friday, November 1, 2013 8:30:39 AM UTC+9, Bikram Bhuyan wrote: >>>>>>>>> >>>>>>>>> Hello, >>>>>>>>> >>>>>>>>> We have a test mcc account and a test customer id. Also we have >>>>>>>>> got the pending developer token for our production account. I >>>>>>>>> generated the >>>>>>>>> OAuth2ClientId, OAuth2ClientSecret & OAuth2RefreshToken successfully >>>>>>>>> by >>>>>>>>> following the steps. Now when I make a the api call to fetch the list >>>>>>>>> of >>>>>>>>> campaign associated with my test customer id, I am getting >>>>>>>>> "AuthorizationError.USER_PERMISSION_DENIED" error. >>>>>>>>> >>>>>>>>> Could you please suggest if I am missing any set up process? >>>>>>>>> >>>>>>>>> If you want I can send you my IDs and token currently I used in >>>>>>>>> the application. >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> Bikram. >>>>>>>>> >>>>>>>> -- -- =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ Also find us on our blog and discussion group: http://googleadsdeveloper.blogspot.com http://groups.google.com/group/adwords-api =~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~=~ You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To post to this group, send email to adwords-api@googlegroups.com To unsubscribe from this group, send email to adwords-api+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/adwords-api?hl=en --- You received this message because you are subscribed to the Google Groups "AdWords API Forum" group. To unsubscribe from this group and stop receiving emails from it, send an email to adwords-api+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
