Today we’re announcing the deprecation of v1 and v1.1 of the DoubleClick Ad Exchange Buyer REST API, both of which are scheduled to be sunset on December 1st, 2014. These versions are becoming increasingly less relevant as we expand on the latest and greatest version of the API—currently v1.3. We recommend that you migrate to v1.3 before this date in order to take advantage of the newest functionality and also to continue having uninterrupted access to the API. If you have not migrated from these deprecated versions by December 1st, calls against the API will return an error response.

The vast majority of users have already migrated to newer versions of the API, but if you’re among the few who haven’t, we expect it to be an easy upgrade because newer versions still support all of the resources you’re familiar with. The only changes that could cause a code break when migrating from v1 to v1.3 are in the Creatives resource; the adgroup_id field was removed and the disapprovalReasons field is no longer a list of strings. You can use the following resources to help you with your migration:

• Release Notes: A listing of all changes between versions of the API.
• Code Examples: Examples demonstrating how to use the client libraries with the most recent version of the API.
• Developer Guides: Guides covering the most recent version of the API.

Of course, if you have any questions or need help with the migration, feel free to reach out to us via the forum or the Ads Developers G+ page.

 - Mark Saniscalchi, DoubleClick Ad Exchange Team

Until now, the DFP API only supported the OAuth 2.0 native/installed application flow. The OAuth 2.0 service account flow was only supported it you had a Google Apps for Business Account. Today, we’re unveiling the new OAuth 2.0 service account flow for DFP. This authorization flow has been simplified to no longer require a Google Apps domain. We’ve also updated the DFP web UI to allow service accounts to be added to be a DFP network.

Why should I use service accounts?

Service accounts allow access to Google APIs without the need for user interaction by authenticating solely with server-to-server interactions. Other OAuth 2.0 flows require user interaction or having an application cache a refresh token.

How do I use service accounts?

1. Generate a service account key from the Google Developers Console.
2. Add the service account to your DFP network by going to the Admin tab and clicking the Add a service account user button.

3. Fill in the form with your Name, Email, Teams (if applicable), and Role. Then, click Save.

4. View existing service account users by going to the Users tab and then clicking the Service Account filter.

With the *.p12 key generated from the Google Developers Console and the service account added to the DFP network, you can now generate an OAuth 2.0 token. For example, using the Java client library:

    GoogleCredential credential = new GoogleCredential.Builder()
        .setTransport(new NetHttpTransport())
        .setJsonFactory(new GsonFactory())
        .setServiceAccountId("****@developer.gserviceaccount.com")
        .setServiceAccountScopes("https://www.googleapis.com/auth/dfp")
        .setServiceAccountPrivateKeyFromP12File(new File("/path/to/key.p12"))
        .build();

For more information, see our updated guide on using service accounts with DFP.

 - Vincent Tsao, DFP API Team

A new OAuth 2.0 scope for the AdWords API was introduced along with the v201406 client library release. The OAuth 2.0 scope identifies the service that your application can access during the authorization process.

The new scope is: https://www.googleapis.com/auth/adwords. This new scope better aligns with the naming conventions of many of the other Google APIs.

Starting today, use the new scope when authorizing access for the AdWords API regardless of the AdWords API version. All our current AdWords API client libraries use this new scope.

But I have refresh tokens from the deprecated scope...

Don’t worry if your client code is using refresh tokens authorized with the deprecated scope - they will still work. However, new authorizations should specify the new scope.

As always, if you have any questions, drop us a line on the AdWords API forum or Ads Developers Google+ page.

- Ray Tsang, AdWords API Team

ClientLogin authentication support for the AdWords API and the DoubleClick Ad Exchange API will sunset along with v201309 on July 21st, 2014. You only have 3 weeks left to migrate!

We have plenty of resources to help you migrate. It might take longer than you expect to migrate to OAuth 2.0, especially if you don't already use a single top-level MCC to manage your AdWords accounts or if you are a DoubleClick Ad Exchange customer.

Start your migration as soon as possible and reach out to us early on the AdWords API Forum or the DoubleClick Ad Exchange API Forum with any questions.

- Ray Tsang, AdWords API Team

Whether you’re just starting out with the DoubleClick Ad Exchange Buyer REST API or are working with an unfamiliar client library, our examples will help you get started! Our examples are now on GitHub and have been expanded to cover the following languages:

• C#
• Java
• PHP
• Python
• Ruby

Each of these include documentation to help you get started with the corresponding client library and demonstrate how you can use the Service Account authorization flow with the DoubleClick Ad Exchange Buyer REST API.

If you have any feedback or feature requests for these examples, we’d definitely be interested in hearing about it! Feel free to contact us via the forum or our Google+ page.

 - Mark Saniscalchi, Ad Exchange Team

ClientLogin authentication support for the AdWords API and the DoubleClick Ad Exchange SOAP API will sunset along with v201309 on July 21st, 2014. You only have two months left to migrate - don’t wait until the last minute!

We have plenty of resources to help you migrate. It might take longer than expected to migrate to OAuth2, especially if you don't already use a single top-level MCC to manage your AdWords accounts or if you are a DoubleClick Ad Exchange customer.

Start your migration as soon as possible and reach out to us early on the AdWords API Forum or the DoubleClick Ad Exchange API Forum with any questions.

- Ray Tsang, AdWords API Team

ClientLogin authentication support for the AdWords API will sunset along with v201309 on July 21st, 2014. But it doesn’t mean you should wait till the last minute to migrate!

We have plenty of resources to help you migrate. It might take longer than expected to migrate to OAuth2, especially if you don't already use a single top-level MCC to manage your AdWords accounts.

Start your migration as soon as possible and reach out to us early on the AdWords API Forum with any questions.

- Ray Tsang, AdWords API Team

Is your AdWords API client application still using ClientLogin? If so, you should start your migration from ClientLogin to OAuth 2.0 as soon as possible.

Your AdWords API client applications must be fully migrated to OAuth 2.0 before ClientLogin is sunset in June 2014, as previously announced. If you don't migrate by then, your client applications will fail -- they won't be able to access your MCC account or any AdWords account via the API.

How do I get started?

We have prepared a ClientLogin to OAuth 2.0 migration guide which includes:

• Detailed migration strategies based on use cases
• Code samples to automate parts of the migration
• Client library-specific migration videos, code, and pertinent OAuth 2.0 documentation

You don't want to worry about your applications failing, so get started now. For most developers with a single top level MCC, this migration will involve only a few configuration and code changes. But if you run into any issues with your particular application or AdWords accounts, you'll be glad you left plenty of time before the sunset to work things out.

We are here to help

If you run into any issues, or if you have any questions, please reach out to us on the AdWords API Forum.

- Ray Tsang, AdWords API Team

ClientLogin support has been deprecated across Google in favor of the security enhanced OAuth2 authentication mechanism.

AdWords and DFP will be sunsetting ClientLogin support in all API versions to be released, starting in 2014. To ensure uniform, and high, standards of privacy and security for our advertisers and publishers, we will support only OAuth2 in the future.

All current AdWords and DFP API versions, and those released during rest of year in 2013 will continue to support ClientLogin. The client libraries will retain support for ClientLogin authentication until 2013 API versions are sunset.

2013 AdWords API versions are expected to be sunset in June 2014. We will have a follow up announcement for DFP APIs.

For uninterrupted use of the APIs, please migrate to OAuth2 as soon as possible. To help you migrate, we’ve put together a comprehensive set of OAuth2 information including a video overview, links to documentation and a full list of client library resources.

With so many users already migrated, most questions have been answered in either the AdWords API forum or the DFP API forum. To get face-to-face assistance, attend one of our upcoming Office Hours sessions focusing on ClientLogin to OAuth2 migration.

- Paul Matthews, AdWords API Team

We are glad to announce that AdWords scripts now uses OAuth2 for authorization. In addition to streamlining the authorization flow, this change also increases the limit of number of scripts per user to 250.

When you create a new script, you will be prompted to authorize the script to access your account on your behalf. When you click the “Authorize Now” button, a “Request for Permission” dialog that lists the Google services required by your script will be displayed. You can review and grant the requested permissions to authorize the script. As of now, AdWords scripts request permissions for the following Google services:

• Send email as you 
• View and manage your spreadsheets in Google Drive 
• Manage your AdWords campaigns
• Perform these operations when you are offline.

As we add support for more Google services in AdWords scripts, this list may expand to include newer services.

To list all the scripts you have authorized:

• Sign in on the Google Accounts homepage.
• Click the Security tab, and select "Manage access" under "Connected applications and sites." This page lists the third-party sites you selected to always approve for Google authentication. Your authorized AdWords scripts can be found on this page.

If you wish to revoke access to a script, you may do so by clicking the corresponding “Revoke Access” button.

We hope you enjoy this new feature. If you have questions or feedback, please visit us on our official forum.

 - Anash P. Oommen, AdWords Scripts Team

Update: we have recently migrated code projects to GitHub and the links in the table below now point to new locations.


If you’re not using OAuth2, this blog post is aimed at you. OAuth2 is the preferred authorization mechanism at Google. That’s mainly because it’s simpler and easier to use than OAuth1 but also because it’s a lot safer than Client Login. In addition, if you’re still using Client Login you should be aware it’s deprecated.

The following video shows what you need to get started with OAuth2 for Ads. It explains what OAuth2 is, how it works, how to use it with our APIs, the different flows of OAuth2 and some best practices. If you just need the client library resources to get started, skip ahead to the Client Libraries section to get all the resources you’ll need to make the switch.

After watching the video you will understand:

• OAuth2:
• The Authorization mechanism
• Better than Client Login:
• OAuth2 is more secure
• More specific access control
• No CAPTCHA challenges
• Using OAuth2:
• Registering your application
• Making the authentication requests
• Where OAuth2 tokens fit into regular service calls
• Implementing OAuth2:
• Full support in our client libraries
• What refresh and access tokens are
• Authorization Flows:
• Installed Applications Flow
• Web Server Flow
• Best Practices:
• Storing refresh_tokens

With that knowledge, updating your applications to use OAuth2 should be trivial. All the client libraries have comprehensive support for OAuth2 and helpful examples to demonstrate its use. For further information on configuring OAuth2 in any of the libraries, see the table below.

Client Library OAuth2 Resources

Library	AdWords / DoubleClick Ad Exchange	DoubleClick For Advertisers	DoubleClick For Publishers
Java	Wiki Page Code Example	Wiki Page Code Example	Wiki Page Code Example
Python	Wiki Page Code Example	Wiki Page Code Example	Wiki Page Code Example
Ruby	Wiki Page Code Example		Wiki Page Code Example
Perl	Wiki Page Code Example
.Net	Wiki Page Code Example	Wiki Page Code Example	Wiki Page Code Example
PHP	Wiki Page Code Example		Wiki Page Code Example

 - Paul Matthews, AdWords API Team

An authorization method is a scheme the client application uses to gain access to account information. AdWords, DoubleClick Ad Exchange Buyer and DFP APIs support several authorization methods including ClientLogin, OAuth1.0a and OAuth2.0. If you are still using an email address and a password to access the API, you are using the ClientLogin method which is now deprecated and is scheduled for sunset.

In a previous blog post we’ve covered general aspects of OAuth2.0 authorization and its benefits. To describe the process in more details, we’ve created a new article that shows how to use it with our official Ruby client library.

As always, please feel free to ask any questions regarding the client libraries or the AdWords API on our forum or during scheduled office hours. You can also follow the Google Ads Developer page for all Ads-related updates.

 - Danial Klimkin, Ads Developer Relations Team.

Authorization is an important concern when writing software that interacts with Google’s Ads APIs. We’ve recently improved our documentation and published resources documenting how to use OAuth2 with many of our Ads APIs.

OAuth2 is an authorization flow that allows you to direct a user to a specially crafted Google URL where they grant permissions to your software to make changes to their account. With an authorized access token, you can make requests to Ads APIs on the user’s behalf. Benefits include:

• Users don’t need to provide a username and password - they just log into Google.
• No CAPTCHA challenges.
• Limited scope - the user will only be prompted to grant access to a specific part of their account. For example, they could grant access to AdWords without the application being able to see their email or calendar.

OAuth2 is supported by:

• AdWords API
• DoubleClick for Advertisers Reporting API
• DoubleClick for Advertisers Trafficking API
• AdSense Host API (v4)
• AdSense Management API
• DoubleClick for Publishers API
• DoubleClick Ad Exchange Buyer REST API

The Ads API client libraries supported by Google have built-in support for OAuth2. We’ve included examples demonstrating how to use this feature in all client libraries. See your respective product and language product sites for more information on OAuth2.

We’re also hosting a Google Developers Live event covering how to use OAuth2 on August 23rd. This will be recorded if you can’t make it. If you have any questions about OAuth2, please post on the respective product API forums.

 - Kevin Winter, AdWords API Team