Reputation: 1046
Authentication to google API from multiple MCCs using OAuth Playground
I have a web app that is required to upload offline conversions using Google Ads API to different Google MCC accounts managed by different agencies. I would like to authenticate to their accounts to allow this action without the need to create the consent OAuth2 screen to obtain the token. the agencies do not have access to my system (their clients do). I would like to know beforehand, if it is possible to use my client Id and client secrete to generate a refresh token in their account using OAuth playground and submit this refresh token when I authenticate to Google API. does it make sense?
Upvotes: 0
Views: 235
Answers (1)
Reputation: 117016
is possible to use my client Id and client secrete to generate a refresh token in their account using OAuth playground? and submit this refresh token when I authenticate to Google API.
Yes in the upper right hand corer you can supply your client id and client secret. However the owner of the account will need to run it though as they will need to login and consent. You will then get a refresh token back that you can use.
You will then be able to use in your code this refresh token to request a new access token that you can use to access the api.
does it make sense?
In a way yes in a way no. The issue you will have is if the refresh token expires, yes they can expire rarely but it can happen your code will need to take that into account and you will have to contact the author of the account to request a new refresh token. IMO it would be better for you to put up an authorization end point for your users on the web which they can authorize your app and then you can store their refresh token in the database.
Using the oauth2 playground for this is a messy design IMO.
verification.
Now depending upon which scopes you are going to be using your app will need to be verified. Google is going to want to see your authorization in action. I have doubts wither or not they will consider your using the Oauth2 playground as a valid authorization end point of your app.
That being said if you do go though this please let me know if they allow it or not. (Note: I have an email out to Google to find out if this is even valid use case. response below.)
I have heard back form my contact at google. This is the essence of what they said.
The intended uses for Oauth2 playground are
- testing
- development
- learning Oauth2.
It should not be used for production applications.
It is very unlikely that that an app using the Oauth2 playground as an authorization method would be able to be verified. This is because of the fact that the redirect uri would be that of playground and the developer in question does not own that domain Google does, so they would be unable to verify the domain.
In addition to the fact that it would be a security risk as the developer would need to share the client id and secret with the users who would need to authorize the app though playground. It is against googles TOS to share the client credentials with anyone.
Upvotes: 1
Related Questions
- Enable Google API OAuth Scope
- Authorizing REST API calls to GCP
- Using Google API in Node.js : Avoiding repetitive authorization
- google OAuth login for google Apps Script webapps
- How can I get an auth token for multiple scopes using android's account manager
- how to get authorization to access a single google calendar
- oAuth token for multiple services
- Authenticating Multiple Scopes in Google API Oauth2.0
- Google Script OAuth for multiple users
- Single oauth token and secret to access multiple services from google