AI-generated Key Takeaways
-
This guide details setting up OAuth2 for API access using your own credentials via service accounts, a process required only once unless credentials are revoked or deleted.
-
Creating OAuth2 credentials requires a Google Workspace domain and granting the service account domain-wide delegation access by a super administrator.
-
To set up the client library, you need to configure the private key JSON file path and delegate account ID either in a
googleads.properties
file or as environment variables. -
When loading configurations, the library prioritizes credentials from OAuth2 desktop or web app flows, so ensure these are not present if you intend to use Service Account authentication.
This guide will walk you through how to setup OAuth2 for API access using your own credentials using service accounts. These steps only need to be done once, unless you revoke or delete your OAuth2 credentials.
Create OAuth2 credentials
Generate a service (delegate) account ID and a *.JSON
file
by following the linked instructions, then come back to this page.
Set up client library
Set the private key JSON file path and delegate account ID in your
configuration. If you're using a googleads.properties
file, add the following:
jsonKeyFilePath=PRIVATE_KEY_FILE_PATH
impersonatedEmail=DELEGATE_ACCOUNT
If you're using environment variables, add the following to your Bash configuration or environment:
export GOOGLE_ADS_JSON_KEY_FILE_PATH=PRIVATE_KEY_FILE_PATH
export GOOGLE_ADS_IMPERSONATED_EMAIL=DELEGATE_ACCOUNT_ID