设置授权
使用集合让一切井井有条
根据您的偏好保存内容并对其进行分类。
Search Ads 360 API 要求所有请求必须指定 OAuth 2.0 访问令牌以进行身份验证。您可以按照任何标准 OAuth 2.0 身份验证工作流生成令牌,并将其传递给 Search Ads 360 API。我们建议您采用下述工作流程,因为它适用于完全自动化的转化数据上传和报告下载。
如需了解下述工作流的替代方案,请参阅为已安装的应用使用 OAuth 2.0 或
为服务器到服务器应用使用 OAuth 2.0。如果您使用其他工作流,请在请求 OAuth 2.0 授权代码时将以下值指定为 scope
参数:
https://www.googleapis.com/auth/doubleclicksearch
如果您采用服务器到服务器方式,请将服务账号添加为 Search Ads 360 用户。
推荐的授权工作流程
- 前往 Google API 控制台,然后选择您的项目。
如果您尚未创建 Google API 控制台项目和 OAuth 凭据,请按照为您的客户端创建 Google API 控制台项目和 OAuth 凭据中的说明操作。
如需查找项目的 OAuth 客户端 ID 和密钥,请执行以下操作:
- 打开“凭据”页面。
- 在名称列中,点击您的 OAuth 客户端的名称。
- 该页面上会列出客户端 ID 和密钥。
- 打开网络浏览器,然后使用有权访问 Search Ads 360 中的数据的 Google 账号登录 Google
。
这是您的 API 客户端将用来向 Search Ads 360 进行身份验证的 Google 账号。
如果 Google 账号持有人离开贵公司,并且您从该账号中移除了 Search Ads 360 访问权限,则需要重复此授权工作流程,并指定其他 Google 账号。
- 通过调用 Search Ads 360 实用工具脚本获取刷新令牌,具体操作步骤如下:
sa360Api.py --login
该脚本会引导您完成使用 OAuth 客户端 ID 和密钥获取刷新令牌的过程。刷新令牌仅适用于您在上一步中登录的 Google 账号。
在此过程中,脚本会生成一个网址,并指示您在网络浏览器中访问该网址。
-
当浏览器要求您允许 OAuth 客户端访问 Search Ads 360 数据时,请确保系统显示您之前登录的 Google 账号。(如果您登录了多个 Google 账号,系统可能会显示其他账号。)
该过程结束后,sa360Api.py
脚本会输出一个以英文逗号分隔的字符串。第一个值是您提供的客户端 ID,第二个值是您提供的客户端密钥,第三个值是刷新令牌。在以下示例输出中,刷新令牌以粗体文本显示:
123456789123.apps.googleusercontent.com,ABCDEFGHIJKLMNOPQR_abcdef,1/HIJklM01OPQR23NOP456rst890uvw
- 将客户端 ID、客户端密钥和刷新令牌存储在您的应用可访问的后端数据库或其他安全位置。
如果您打算使用 sa360Api.py
将示例 JSON 请求发送到 Search Ads 360 API,请将整个以英文逗号分隔的字符串保存在方便访问的位置。您将在每次调用脚本时将整个字符串作为参数传递。
- 将用于执行以下操作的代码添加到应用中:
- 使用客户端 ID、客户端密钥和刷新令牌获取新的 OAuth 2.0 访问令牌。
- 使用新的访问令牌向 Search Ads 360 API 发送请求。
如果您使用的是客户端库,请参阅下一部分(设置应用),了解如何将此授权代码添加到您的应用。
如果您使用的不是上述任一客户端库,请参阅针对已安装的应用使用 OAuth 2.0,了解有关获取新访问令牌的建议。
如未另行说明,那么本页面中的内容已根据知识共享署名 4.0 许可获得了许可,并且代码示例已根据 Apache 2.0 许可获得了许可。有关详情,请参阅 Google 开发者网站政策。Java 是 Oracle 和/或其关联公司的注册商标。
最后更新时间 (UTC):2024-11-07。
[null,null,["最后更新时间 (UTC):2024-11-07。"],[[["\u003cp\u003eThe Search Ads 360 API requires OAuth 2.0 access tokens for authentication, obtainable through standard OAuth 2.0 workflows or the recommended workflow outlined in the document.\u003c/p\u003e\n"],["\u003cp\u003eThe recommended workflow involves obtaining a refresh token using the provided utility script and storing it securely along with the client ID and secret.\u003c/p\u003e\n"],["\u003cp\u003eApplications should be designed to use the stored credentials to obtain fresh access tokens for API requests, as detailed in the "Set Up Your Application" section or relevant OAuth 2.0 documentation.\u003c/p\u003e\n"],["\u003cp\u003eAlternative workflows for installed or server-to-server applications are available with specific scope requirements and user management considerations.\u003c/p\u003e\n"]]],["The Search Ads 360 API requires OAuth 2.0 access tokens for authentication. The recommended workflow involves creating a Google API Console project and obtaining OAuth credentials. Users sign into a Google Account with Search Ads 360 access, then use the `sa360Api.py` script to generate a refresh token. The script outputs client ID, client secret, and refresh token. Store these securely, and use them in your application to obtain a fresh OAuth access token for API requests.\n"],null,["# Set Up Authorization\n\nThe Search Ads 360 API requires all requests to specify an [OAuth 2.0](/accounts/docs/OAuth2)\naccess token for authentication. You can follow any standard OAuth 2.0 authentication workflow\nto generate the token and pass it to the Search Ads 360 API. We recommend the workflow described\nbelow because it is suitable for fully automated conversion uploads and report downloads.\n\n\nFor alternatives to the workflow described below, see [Using\nOAuth 2.0 for Installed Applications](https://developers.google.com/accounts/docs/OAuth2InstalledApp) or\n[Using OAuth 2.0 for Server to Server Applications](https://developers.google.com/identity/protocols/OAuth2ServiceAccount). If you use an alternate workflow,\nspecify the following value as the `scope` parameter when you request an OAuth\n2.0 authorization code: \n\n`https://www.googleapis.com/auth/doubleclicksearch`\n\nIf you follow the server to server route, add the service account as a Search Ads 360 user.\n\nRecommended authorization workflow\n----------------------------------\n\n1. Go to the [Google API Console](https://console.cloud.google.com/) and select your project.\n\n\n If you haven't already created a Google API Console project and OAuth credentials, follow\n the instructions in [Create a Google API\n Console project and OAuth credentials for your client](/search-ads/v2/prereqs#project).\n\n To find your project's OAuth client ID and secret, do the following:\n 1. Open the [Credentials page](https://console.cloud.google.com/apis/credentials).\n 2. In the **Name** column, click the name of your OAuth client.\n 3. The client ID and secret are listed on the page.\n2. Open a web browser and [sign into Google](https://accounts.google.com/ServiceLogin)with a Google Account that [has\n permission to access data](/search-ads/v2/prereqs#permissions) in Search Ads 360.\n\n This is the Google Account your API client will use to authenticate with Search Ads 360.\n If the Google Account holder leaves your company and you remove Search Ads 360 access\n from the account, you will need to repeat this authorization workflow and specify a\n different Google Account.\n3. Obtain a refresh token by invoking the [Search Ads 360 utility script](/search-ads/v2/prereqs#ds3py) as follows:\n\n\n `sa360Api.py --login`\n\n\n The script takes you through the process of using the Oauth client ID and secret to\n obtain a refresh token. The refresh token is valid only for the Google Account you signed\n into during the previous step.\n\n As part of this process, the script generates a URL and instructs you to\n visit the URL in a web browser.\n4. When the browser asks you to allow OAuth client access to Search Ads 360 data,\n make sure the Google Account you signed into earlier appears. (If you're signed into multiple\n Google Accounts, you might be presented with a different account.)\n\n\n At the end of the process, the `sa360Api.py` script outputs a comma-delimited\n string. The first value is the client ID you provided, the second value is the client\n secret you provided, and the third value is the refresh token. In the following example\n output, the refresh token is in **bold text** : \n\n `123456789123.apps.googleusercontent.com,ABCDEFGHIJKLMNOPQR_abcdef,`**1/HIJklM01OPQR23NOP456rst890uvw**\n5. Store the client ID, client secret, and refresh token in a backend database or other secure location that's accessible to your application.\n Keep the entire comma-delimited string in a convenient location if you plan to use\n `sa360Api.py` to send sample JSON requests to the Search Ads 360 API. You'll pass the\n entire string as a parameter each time you invoke the script.\n\n6. Add code to your application that does the following:\n 1. Use the client ID, client secret, and refresh token to obtain a fresh OAuth 2.0 access token.\n 2. Send requests to the Search Ads 360 API using the fresh access token.\n\n\n If you're using the client libraries, the next section, [Set Up Your Application](/search-ads/v2/configure),\n describes how to add this authorization code to your application.\n\n\n If you're not using one of the client libraries, see [Using OAuth 2.0 for Installed Applications](https://developers.google.com/accounts/docs/OAuth2InstalledApp) for\n suggestions on obtaining a fresh access token."]]