I have attempted to authenticate using this documentation and to send conversions via REST API using this REST endpoint due to the absence of a Typescript/Javascript Client Library.
However, I am encountering authentication issues. Once resolved, I aim to successfully send click conversions. Should my assumptions be incorrect, I have elaborated on my questions here. I hope the query is not too extensive. Feel free to correct me if I am mistaken.
The error I am facing can be seen here.
Configuration Overview: As per the provided guide, I have a Google Ads account with a developer token which will be utilized for sending click conversions, as demonstrated here. This token does not affect service account authentication. Hence, I have set up a service account within the Google Cloud Project with Google Ads Api enabled. This includes adding the client ID of the service account to domain-wide delegation with scope , resulting in an entry under APIs & Services as an OAuth 2.0 Client IDs. Details about this setup are here.
In addition, I have included the workspace domain in domain wide delegation and configured the OAuth consent screen with scope in Testing status with external access, although it may not be necessary for a service account.
The service account itself does not require any further permissions according to the documentation, suggesting that adding the client ID to domain wide delegation should suffice. However, I acknowledge the possibility of missing a crucial step.
Potential Issues: There could be insufficient permissions or a misunderstanding regarding the refresh token in the authenticateToGoogleAdsManager function. The JWT generated is based on Google's recommendation, yet the authentication process only returns an access token without a refresh token as anticipated.
This code snippet showcases how I execute the functions (within a test case environment, using Service Account JSON and pre-defined click conversion data).
// Generating a signed JWT
const jwt = generateJsonWebTokenForServiceAccount(
serviceAccount,
['https://www.googleapis.com/auth/adwords'],
'googleads'
)
// Authenticating to Google Ads Manager using the signed JWT
const authenticationResult = await authenticateToGoogleAdsManager(
serviceAccount.client_id,
serviceAccount.private_key,
jwt
)
console.log(authenticationResult)
// Sending the click conversion to Google Ads Manager using the access token
const test = await sendClickConversionToGoogleAdsManager(
CUSTOMERID,
clickConversion,
accessToken.access_token,
'DEV-TOKEN'
)
Below are the key functions used in the implementation:
/**
* Function to generate a JSON Web Token (JWT) for a service account.
*/
export function generateJsonWebTokenForServiceAccount(
serviceAccount: ServiceAccount,
scopes: string[],
serviceName: string = 'oauth2',
expirationTimeInSeconds = 3600
) {
...
}
/**
* Function to authenticate to Google Ads Manager using provided credentials.
*/
export async function authenticateToGoogleAdsManager(
clientId: string,
clientSecret: string,
refreshToken: string
): Promise<string> {
...
}
/**
* Function to send a click conversion to Google Ads Manager.
*/
export async function sendClickConversionToGoogleAdsManager(
customerId: number,
clickConversion: ClickConversion,
accessToken: string,
developerToken: string,
options?: ApiOptions
): Promise<void> {
...
}