Google Adwords API錯誤：無效的授權

Question

我收到此錯誤，嘗試使用服務帳戶和JWT與Ruby API library通過Adwords API進行身份驗證。

我在複製example provided，但它似乎並不奏效。

/home/michael/.rvm/gems/ruby-2.1.2/gems/signet-0.5.1/lib/signet/oauth_2/client.rb:941:in`fetch_access_token'：授權失敗。服務器消息：（徽記:: AuthorizationError） { 「錯誤」： 「invalid_grant」 }

adwords_api.yml

--- 
# This is an example configuration file for the AdWords API client library. 
# Please fill in the required fields, and copy it over to your home directory. 
:authentication: 
    # Authentication method, methods currently supported: OAUTH2, OAUTH2_JWT. 
    :method: OAUTH2_JWT 


    # Auth parameters for OAUTH2_JWT method. See: 
    # https://developers.google.com/accounts/docs/OAuth2ServiceAccount 
    :oauth2_issuer: 43242...apps.googleusercontent.com 
    :oauth2_secret: 'notasecret' 
    # You can provide path to a file with 'oauth2_keyfile' or the key itself with 
    # 'oauth2_key' option. 
    :oauth2_keyfile: /home/.../google-api-key.p12 
    # To impersonate a user set prn to an email address. 
    :oauth2_prn: my@email.com 

    # Other parameters. 
    :developer_token: ua...w 
    :client_customer_id: 123-123-1234 
    :user_agent: test-agent 
:service: 
    # Only production environment is available now, see: http://goo.gl/Plu3o 
    :environment: PRODUCTION 
:connection: 
    # Enable to request all responses to be compressed. 
    :enable_gzip: false 
    # If your proxy connection requires authentication, make sure to include it in 
    # the URL, e.g.: http://user:password@proxy_hostname:8080 
    # :proxy: INSERT_PROXY_HERE 
:library: 
    :log_level: INFO 

test.rb

#!/usr/bin/env ruby 

require 'adwords_api' 

def use_oauth2_jwt() 
    adwords = AdwordsApi::Api.new 

    adwords.authorize() 

    campaign_srv = adwords.service(:CampaignService, API_VERSION) 

    selector = { 
    :fields => ['Id', 'Name', 'Status'], 
    :ordering => [ 
     {:field => 'Name', :sort_order => 'ASCENDING'} 
    ] 
    } 

    response = campaign_srv.get(selector) 
    if response and response[:entries] 
    campaigns = response[:entries] 
    campaigns.each do |campaign| 
     puts "Campaign ID %d, name '%s' and status '%s'" % 
      [campaign[:id], campaign[:name], campaign[:status]] 
    end 
    else 
    puts 'No campaigns were found.' 
    end 
end 

if __FILE__ == $0 
    API_VERSION = :v201409 

    begin 
    use_oauth2_jwt() 

    # HTTP errors. 
    rescue AdsCommon::Errors::HttpError => e 
    puts "HTTP Error: %s" % e 

    # API errors. 
    rescue AdwordsApi::Errors::ApiException => e 
    puts "Message: %s" % e.message 
    puts 'Errors:' 
    e.errors.each_with_index do |error, index| 
     puts "\tError [%d]:" % (index + 1) 
     error.each do |field, value| 
     puts "\t\t%s: %s" % [field, value] 
     end 
    end 
    end 
end 

Answer 1

經過幾個小時的擺弄之後，我最終通過將oauth2_prn設置爲MCC和Google Apps for Business帳戶的主電子郵件來完成工作。

Answer 2

這將是因爲它是基於授權的，所以難以明確地回答，所以錯誤消息是榮耀的「未授權」消息。

所有我能做的，只能是表明幾件事來檢查（承認你可能通過這些去的話）：

• 您的開發人員令牌肯定顯示爲「已批准」？ （你可以在客戶端中心檢查這一點 - 通過設置COG然後帳戶，然後AdWords API中心）
• 您已經通過Google Developer Console
• 您（或您嘗試訪問該帳戶的擁有者）已經批准註冊的申請您的應用程序 - 可能是由以下this guide和肯定看到這些東西在somepoint：

如果已經檢查了所有這些，那麼唯一的其他東西我可以發uggest是official forum的帖子，他們往往很有幫助，並且經常會將「授權」問題視爲「脫機」，以查看實際的soap請求等。（我發現這比通過AdWords級別更快更簡單'support'）

祝你好運！