Stay organized with collections
Save and categorize content based on your preferences.
Requests to the ReachPlanService must
supply an approved developer token, OAuth credentials, and a customer ID that
your OAuth credentials can access.
This guide covers authentication details specific to
ReachPlanService. If you haven't already,
first complete the steps outlined in Get
started, then come back to this point.
Developer token and OAuth credentials
In addition to the guidance presented by Get
started, keep the following points in mind:
Your developer token must be allowlisted to connect to the
ReachPlanService, even if it's
already approved for use with other Google Ads API services. For more information,
see the eligibility
requirements.
You must accept the Google Ads API Terms of Service in order to connect to
the Google Ads API.
The user who owns your OAuth refresh token determines which customer IDs you
can query in the ReachPlanService.
This informs your integration and is explained in more details below.
Customer IDs
Most services within the Google Ads API operate on specific Google Ads accounts and
campaigns. As a result, most requests require both a customer ID to identify
the account you're managing or querying, and OAuth
credentials that have permission to access that
customer ID. However, ReachPlanService
is meant for video planning activities that might occur before you know the
specific customer ID where you would run a campaign.
For partners who build tools for internal use in their organization, we
recommend one of the following choices:
If your planners don't have access to your clients' Google Ads accounts:
Generate OAuth credentials using the installed application flow for a user
with access to your developer token's manager account. Then create or obtain
a Google Ads account for each team that uses your tool, and link them to
your manager account. When making requests to
ReachPlanService provide the customer ID
corresponding to a user's team.
If your planners have access to a Google Ads manager account that manages
your clients' accounts: Implement the web application flow to allow your
app to use your planners' OAuth credentials. Then you can pass in the
customer ID corresponding to the customer of your plan.
For partners who build a tool for external users, we recommend similar
approaches:
Generate OAuth credentials using the installed application flow for a user
with access to your developer token's manager account. Create a Google Ads
account per external client and link them to your manager
account. Then configure your tool to provide a client's
corresponding customer ID when they're generating plans.
Give your users the ability to grant your tool access to their accounts
by using the web application flow. Once a user grants permission, use the
CustomerService to provide
them with a list of Google Ads accounts they can access.
The goal is to ensure planners have the lowest possible friction when using the
ReachPlanService. Before you integrate the
API, select one of the two approaches according to your situation and identify
a few customer IDs to test. If in doubt, use the first suggested approach for
your tool type.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-03 UTC."],[[["\u003cp\u003eThe ReachPlanService API requires allowlisted access, an approved developer token, OAuth credentials, and a valid customer ID.\u003c/p\u003e\n"],["\u003cp\u003eYour developer token needs to be specifically allowlisted for ReachPlanService, and you must accept the Google Ads API Terms of Service.\u003c/p\u003e\n"],["\u003cp\u003eCustomer ID selection depends on whether planners have access to client accounts or use a manager account, impacting OAuth credential flow.\u003c/p\u003e\n"],["\u003cp\u003ePartners building internal tools can choose between using a manager account with linked team accounts or leveraging planners' existing manager account access.\u003c/p\u003e\n"],["\u003cp\u003ePartners building external tools can use a similar approach, either linking client accounts to a manager account or utilizing the web application flow for direct user account access.\u003c/p\u003e\n"]]],[],null,["# Authentication\n\n| **Important:** This feature is available to allowlisted accounts only. Contact your Google representative if you need access to the feature.\n\n\u003cbr /\u003e\n\nRequests to the [`ReachPlanService`](/google-ads/api/reference/rpc/v21/ReachPlanService) must\nsupply an approved developer token, OAuth credentials, and a customer ID that\nyour OAuth credentials can access.\n\nThis guide covers authentication details specific to\n[`ReachPlanService`](/google-ads/api/reference/rpc/v21/ReachPlanService). If you haven't already,\nfirst complete the steps outlined in [Get\nstarted](/google-ads/api/docs/get-started/introduction), then come back to this point.\n\nDeveloper token and OAuth credentials\n-------------------------------------\n\nIn addition to the guidance presented by [Get\nstarted](/google-ads/api/docs/get-started/introduction), keep the following points in mind:\n\n1. Your developer token must be allowlisted to connect to the [`ReachPlanService`](/google-ads/api/reference/rpc/v21/ReachPlanService), even if it's already approved for use with other Google Ads API services. For more information, see the [eligibility\n requirements](/google-ads/api/docs/reach-forecasting#eligibility).\n2. You must accept the Google Ads API Terms of Service in order to connect to the Google Ads API.\n3. The user who owns your OAuth refresh token determines which customer IDs you can query in the [`ReachPlanService`](/google-ads/api/reference/rpc/v21/ReachPlanService). This informs your integration and is explained in more details below.\n\nCustomer IDs\n------------\n\nMost services within the Google Ads API operate on specific Google Ads accounts and\ncampaigns. As a result, most requests require both a customer ID to identify\nthe account you're managing or querying, and [OAuth\ncredentials](/google-ads/api/docs/oauth/overview) that have permission to access that\ncustomer ID. However, [`ReachPlanService`](/google-ads/api/reference/rpc/v21/ReachPlanService)\nis meant for video planning activities that might occur before you know the\nspecific customer ID where you would run a campaign.\n\nFor partners who build tools for internal use in their organization, we\nrecommend one of the following choices:\n\n1. **If your planners don't have access to your clients' Google Ads accounts** :\n Generate OAuth credentials using the *installed application flow* for a user\n with access to your developer token's manager account. Then create or obtain\n a Google Ads account for each team that uses your tool, and [link them to\n your manager account](//support.google.com/google-ads/answer/7459601). When making requests to\n [`ReachPlanService`](/google-ads/api/reference/rpc/v21/ReachPlanService) provide the customer ID\n corresponding to a user's team.\n\n2. **If your planners have access to a Google Ads manager account that manages\n your clients' accounts** : Implement the *web application flow* to allow your\n app to use your planners' OAuth credentials. Then you can pass in the\n customer ID corresponding to the customer of your plan.\n\nFor partners who build a tool for external users, we recommend similar\napproaches:\n\n1. Generate OAuth credentials using the *installed application flow* for a user\n with access to your developer token's manager account. Create a Google Ads\n account per external client and [link them to your manager\n account](//support.google.com/google-ads/answer/7459601). Then configure your tool to provide a client's\n corresponding customer ID when they're generating plans.\n\n2. Give your users the ability to grant your tool access to their accounts\n by using the *web application flow* . Once a user grants permission, use the\n [`CustomerService`](/google-ads/api/docs/account-management/listing-accounts) to provide\n them with a list of Google Ads accounts they can access.\n\nThe goal is to ensure planners have the lowest possible friction when using the\n[`ReachPlanService`](/google-ads/api/reference/rpc/v21/ReachPlanService). Before you integrate the\nAPI, select one of the two approaches according to your situation and identify\na few customer IDs to test. If in doubt, use the first suggested approach for\nyour tool type."]]
