Credentials for accessing Google's OAuth2 servers are required in order to authenticate and authorize Google Ads users. These credentials identify your app to Google, and allow you to generate OAuth tokens for managing Google Ads users. Access to Google OAuth2 credentials is managed from the Google API Console.
Watch this video for some Cloud project best practices
Create a project
Go to the Google API Console. Click Create project, enter a name, and click Create.
Enable the Google Ads API in your project
To enable the Google Ads API for your project, do the following:
Open the API Library in the Google API Console. If prompted, select your project or create a new one. The API Library lists all available APIs, grouped by product family and popularity.
Use search to find the Google Ads API if it isn't visible in the list.
Select the Google Ads API, then click the Enable button.
Choose an app type
There are two app type options for the Google Ads API:
- Desktop apps
- Web apps
Check the table below to determine which type is most appropriate for the app you want to build:
Choose this app type | If ... |
---|---|
Desktop app |
|
Web app |
|
For more details, refer to the Google Identity Platform OAuth documentation for desktop apps or web apps.
Create a client ID and client secret
Once you've determined your app type, follow the instructions below to generate the OAuth2 client ID and client secret:
Open the Credentials page. Select a previously created project or create a new one.
On the Credentials screen, click CREATE CREDENTIALS, then select OAuth client ID.
If you hadn't configured an OAuth consent screen for this project previously, you'll be directed to do so now. Click CONFIGURE CONSENT SCREEN.
Select the user type and click CREATE.
Fill out the initial form. You can edit this later if needed. Click Save when done.
Navigate back to Credentials > CREATE CREDENTIALS > OAuth client ID to continue.
Select either Desktop app or Web application as the app type, depending on your use case.
Give it a name, then click Create.
If your client type is Web application, add at least one authorized redirect URI.
For local testing that's compatible with the default configuration in our client library examples, use
http://127.0.0.1
.For Desktop app clients, you will still use a loopback IP redirect, but the URI is not explicitly configured in the Cloud console.
On the confirmation page, copy Your Client ID and Your Client Secret to your clipboard, as you will need them when you configure your client library. You can also return to the credentials page later to retrieve these details.