Common Errors

This page lists common errors and provides tips on preventing and handling them. For a complete list of errors, review the error references. For further support, visit our forum.

`google.auth.exceptions.RefreshError`

invalid_grant

Summary	Token has been expired or revoked.
Common causes	A Google Cloud Platform project with an OAuth consent screen configured for an external user type and a publishing status of `Testing` is issued a refresh token expiring in 7 days.
How to handle	Your Google project's publishing status is `Testing` so the refresh token expires every 7 days and receives an `invalid_grant` error. Go to the Google API Console and navigate to the OAuth consent screen. Then change the publishing status to `In production` following these instructions to avoid the refresh token expiring in 7 days.
Prevention tips	See Unverified apps.

`AuthenticationError`

CLIENT_CUSTOMER_ID_INVALID

Summary	Client customer ID is not a number.
Common causes	Using an improper client customer ID.
How to handle	N/A
Prevention tips	123-456-7890 should be 1234567890. See Get started for details.

CLIENT_CUSTOMER_ID_IS_REQUIRED

Summary	Client customer ID was not specified in the HTTP header.
Common causes	Not specifying a client customer ID in the HTTP header.
How to handle	N/A
Prevention tips	Client customer ID is required for all calls, so make sure you've specified one in the HTTP header. Consider using our client libraries as they handle this for you.

CUSTOMER_NOT_FOUND

Summary	No account found for the customer ID provided in the header.
Common causes	Trying to access an account that was just created before the account is established in the backend.
How to handle	Wait an initial five minutes, then retry every 30 seconds.
Prevention tips	Wait a few minutes after the account is created before issuing requests against it.

GOOGLE_ACCOUNT_COOKIE_INVALID

Summary	The access token in the request header is either invalid or has expired.
Common causes	The access token has been invalidated.
How to handle	Request a new token. If you're using one of our client libraries, consult its documentation on how to refresh the token.
Prevention tips	Store and reuse access tokens until they expire.

NOT_ADS_USER

Summary	The Google account used to generate the access token is not associated with any Google Ads account.
Common causes	The login information provided corresponds to a Google account that does not have Google Ads enabled.
How to handle	Make sure to sign in with a valid Google Ads account (typically your manager account) for the OAuth flow. You can also invite the Google account to access an existing Google Ads account by signing in to your manager account, selecting the customer or manager account in question, navigating to `Tools and Settings > Access and security`, then adding the Google account email address.
Prevention tips	N/A

OAUTH_TOKEN_INVALID

Summary	OAuth access token in the header is not valid.
Common causes	Your access token passed with the HTTP header was not correct.
How to handle	N/A
Prevention tips	Make sure you've passed the correct access token associated with your account. It's sometimes confused with refresh tokens and authorization codes. If you would like to get a credential that can access all client accounts under a manager account, make sure you get the refresh token for the manager account. For more details, see our guide on access token and refresh token and OAuth2.

`AuthorizationError`

CUSTOMER_NOT_ENABLED

Summary	The customer account cannot be accessed because it is not in an enabled state.
Common causes	This occurs when the customer account hadn't finished signup or had been deactivated.
How to handle	Sign in to the Google Ads UI and ensure that you've completed the signup process for this account. For deactivated accounts, see Reactivate a cancelled Google Ads account.
Prevention tips	You can proactively check if a customer account is deactivated by checking for a status of CANCELLED.

DEVELOPER_TOKEN_NOT_APPROVED

Summary	The developer token is only approved for use with test accounts and attempted to access a non-test account.
Common causes	A test developer token was used to access a non-test account.
How to handle	Ensure that you do in fact want to access a non-test account. If so, then you need to apply to have your developer token upgraded to Standard or Basic access.
Prevention tips	N/A

DEVELOPER_TOKEN_PROHIBITED

Summary	The developer token is not allowed with the project sent in the request.
Common causes	Each Google API Console project can be associated with the developer token from only one manager account. Once you make a Google Ads API request, the developer token is permanently paired to the Google API Console project. If you don't use a new Google API Console project, you'll get a `DEVELOPER_TOKEN_PROHIBITED` error when making a request.
How to handle	N/A
Prevention tips	If switching to a developer token under a new manager account, you'll need to create a new Google API Console project for Google Ads API requests that use the new manager's token.

USER_PERMISSION_DENIED

Summary	The authorized customer does not have access to the operating customer.
Common causes	Authenticating as a user with access to a manager account but not specifying `login-customer-id` in the request.
How to handle	N/A
Prevention tips	Specify the `login-customer-id` as the manager account ID without hyphens (`-`). Client libraries have built in support for this.

Make an API call

Next steps