Authentication

Requests to the ReachPlanService must supply an approved developer token, OAuth credentials, and a Customer ID that your OAuth credentials can access.

Developer token and OAuth credentials

In addition to the guidance presented by the quickstart, keep in mind that:

1. Your developer token must be allowlisted to connect to the ReachPlanService, even if it is already approved for use with other Google Ads API services. For more information see the Eligibility Requirements.
2. You must accept the Google Ads API Terms of Service in order to connect to the Google Ads API.
3. The user who owns your OAuth refresh token determines which Customer IDs you can query in the ReachPlanService. This informs your integration, and is explained in more detail below.

Customer IDs

Most services within the Google Ads API operate on specific Google Ads accounts and campaigns. As a result, most requests require both a Customer ID to identify the account you are managing or querying, and OAuth credentials that have permission to access that Customer ID. However, ReachPlanService is meant for video planning activities that may occur before you know the specific Customer ID where you would run a campaign.

For partners who build tools for internal use at their organization, we recommend you either:

1. If your planners do not have access to your clients' Google Ads accounts: Generate OAuth credentials using the Installed application flow for a user with access to your developer token's Manager Account. Then create or obtain a Google Ads account for each team who will use your tool, and link them to your Manager Account. When making requests to ReachPlanService provide the Customer ID corresponding to a user's team.
2. If your planners have access to a Google Ads Manager Account that manages your clients' accounts: Implement the Web application flow to allow your application to use your planners' OAuth credentials. Then you can simply pass in the Customer ID corresponding to the customer of your plan.

For partners who build a tool for external users, we recommend similar approaches:

1. Generate OAuth credentials using the Installed application flow for a user with access to your developer token's Manager Account. Create a Google Ads account per external client and link them to your Manager Account. Then configure your tool to provide a client's corresponding Customer ID when they're generating plans.
2. Give your end-users the ability to grant your tool access to their accounts by using the Web application flow. Once a user grants permission, use the CustomerService to provide them with a list of Google Ads accounts they can access.

Essentially, the goal is to ensure planners have the lowest possible friction when using the ReachPlanService. Before you integrate the API it would be good to settle on one of the two approaches specific to your situation, and identify a few Customer IDs to test. If in doubt, use the first suggested approach for your type of tool.