The previous Search Ads 360 Reporting API is decommissioned. You can now create your reports using the new Search Ads 360 Reporting API.

Note that the Search Ads 360 Conversion API is not affected and will continue to be supported.

Set Up Authorization

The Search Ads 360 API requires all requests to specify an OAuth 2.0 access token for authentication. You can follow any standard OAuth 2.0 authentication workflow to generate the token and pass it to the Search Ads 360 API. We recommend the workflow described below because it is suitable for fully automated conversion uploads and report downloads.

For alternatives to the workflow described below, see Using OAuth 2.0 for Installed Applications or Using OAuth 2.0 for Server to Server Applications. If you use an alternate workflow, specify the following value as the scope parameter when you request an OAuth 2.0 authorization code:
https://www.googleapis.com/auth/doubleclicksearch
If you follow the server to server route, add the service account as a Search Ads 360 user.

Recommended authorization workflow

Go to the Google API Console and select your project.
If you haven't already created a Google API Console project and OAuth credentials, follow the instructions in Create a Google API Console project and OAuth credentials for your client.

To find your project's OAuth client ID and secret, do the following:
1. Open the Credentials page.
2. In the Name column, click the name of your OAuth client.
3. The client ID and secret are listed on the page.
Open a web browser and sign into Google with a Google Account that has permission to access data in Search Ads 360.
This is the Google Account your API client will use to authenticate with Search Ads 360. If the Google Account holder leaves your company and you remove Search Ads 360 access from the account, you will need to repeat this authorization workflow and specify a different Google Account.
Obtain a refresh token by invoking the Search Ads 360 utility script as follows:
sa360Api.py --login

The script takes you through the process of using the Oauth client ID and secret to obtain a refresh token. The refresh token is valid only for the Google Account you signed into during the previous step.
As part of this process, the script generates a URL and instructs you to visit the URL in a web browser.
When the browser asks you to allow OAuth client access to Search Ads 360 data, make sure the Google Account you signed into earlier appears. (If you're signed into multiple Google Accounts, you might be presented with a different account.)

At the end of the process, the sa360Api.py script outputs a comma-delimited string. The first value is the client ID you provided, the second value is the client secret you provided, and the third value is the refresh token. In the following example output, the refresh token is in bold text:
123456789123.apps.googleusercontent.com,ABCDEFGHIJKLMNOPQR_abcdef,1/HIJklM01OPQR23NOP456rst890uvw
Store the client ID, client secret, and refresh token in a backend database or other secure location that's accessible to your application.
Keep the entire comma-delimited string in a convenient location if you plan to use sa360Api.py to send sample JSON requests to the Search Ads 360 API. You'll pass the entire string as a parameter each time you invoke the script.
Add code to your application that does the following:
1. Use the client ID, client secret, and refresh token to obtain a fresh OAuth 2.0 access token.
2. Send requests to the Search Ads 360 API using the fresh access token.
If you're using the client libraries, the next section, Set Up Your Application, describes how to add this authorization code to your application.

If you're not using one of the client libraries, see Using OAuth 2.0 for Installed Applications for suggestions on obtaining a fresh access token.