Closed khoinguyen19k8 closed 7 months ago
Can you verify the scope you're using when generating the refresh token? It needs to be https://www.googleapis.com/auth/dfp
.
Also, if your goal is to avoid having a file you can use a GoogleCredentialsClient
and pass in any Credentials created from the google.auth
package, like application default or a service account loaded from a dict:
https://googleapis.dev/python/google-auth/latest/reference/google.auth.html#google.auth.load_credentials_from_dict
I store my client_id, client_secret, and refresh_token in Google Secrets then retrieve them to initialize an AdManager Client. When I tried to get saved queries the server returned a 401 Unauthorized error.
It worked when I used the service account route, that is to download the service account file to local storage then create oauth2_client using GoogleServiceAccountClient. However, due to some security reason I don't want to do this and using access token only. This approach should work as it had been documented here: https://github.com/googleads/googleads-python-lib/wiki/API-access-on-behalf-of-your-clients-(web-flow)#step-2---setting-up-the-client-library.