Skip to content

API access on behalf of your clients (web flow)

Jump to bottom
Vincent edited this page May 27, 2016 · 3 revisions

This guide will walk you through how to setup OAuth2 for API access on behalf of your clients using web flow.

Step 1 - Creating OAuth2 credentials

Follow the steps for the product you're using to generate a client ID and secret, as well as callback URLs that can be handled by your web app, then come back to this page.

Step 2 - Setting up the client library

  1. Under the authentication section of your adwords_api.yml or dfp_api.yml file, insert your client ID and secret.
:oauth2_client_id: INSERT_OAUTH2_CLIENT_ID_HERE
:oauth2_client_secret: INSERT_OAUTH2_CLIENT_SECRET_HERE

  1. See the login_controller.rb from our Rails demo app for an example of how to handle callbacks.

  2. Call the authorize method on the API object with an additional argument specifying the :oauth2_callback. This will bring the user to a consent screen.

Consent screen allow

  1. In your callback method, call authorize again with the callback url, and the :oauth2_verification_code from the response, after the user granted access.

  2. Store the user's token along with their ID in your database so you can retrieve it the next time they login to your system, so they do not have to re-grant authorization each time.

Clone this wiki locally