Google Inc - All Rights Reserved
AdWords API - Using OAuth 2.0
Advanced usage
Ray Tsang, Google, Inc.
Danial Klimkin, Google, Inc.
Agenda
● Hopefully you are already using OAuth 2.0!
● Issue with unoptimized OAuth 2.0 requests
● Solutions
● Resources

Refresher
OAuth 2.0????

ClientLogin is Going Away!
You must migrate to OAuth 2.0 ASAP

Why OAuth 2.0?
Secure
○ Users enter their username/password on a secure Google login page
○ Third-party application won’t receive or store the password
○ Reduced impact if OAuth 2.0 access is compromised
More Control
○ Restrict access via “scopes”
○ User can revoke access at will
Standards driven
○ RFC 6749
○ Used by many large service providers, including Google

Already using OAuth 2.0?
Great to hear! Watch out for some common issues

Access Token Expiration
Anticipate the possibility that a granted token might no longer work
○ The access token has expired (expires_in value)
○ The user has revoked access
○ The account has exceeded a certain number of active tokens for the same application

Refresh Token Expiration
The refresh token expires if unused for six months.
25 refresh token limit per user per application
○ When exceeded, the oldest refresh token is quietly invalidated
○ No user-visible warning: your application needs to handle this
You should only need one refresh token per user

Common Errors
When an access token has expired or been revoked:
AuthenticationError.OAUTH_TOKEN_INVALID
○ Cause: access token expired
○ Resolution: get a new access token with the refresh token
AuthenticationError.INVALID_GRANT_ERROR
○ Cause: access revoked
○ Resolution: re-authorize via the authorization URL (the consent screen)

Revoking Access

Rate Limits
There is a rate limit for obtaining the access token
QPS may change over time based on different conditions
Beware in multi-threaded and/or multi-server environments
Be ready for it in Production!

Multithreaded Environment
[Diagram: one client application with Thread 1, Thread 2 ... Thread N; each thread says "I have a refresh token, I need an access token!"]

Multi-Server / Multi-Process Environment
[Diagram: several client applications; each says "I have a refresh token, I need an access token!"]

Put Them Together
[Diagram: several client applications, with Thread 1, Thread 2 ... Thread N shown inside a client application]

What’s Your Platform Like?
.Net

Sharing the access token
Sharing is caring

Share the token and the expiration time
○ Access token
○ Calculated expiration time
[Diagram: clock face with T1, expires_in and Te marked]

Use a Singleton
Multithreaded platforms can share data among threads
○ Must be thread-safe
○ Use the singleton pattern
Credential object in Java can be shared

Minimize Access Token Requests
[Diagram: one client application with Thread 1, Thread 2 ... Thread N; one thread says "I have a refresh token, I need an access token!" and the others say "I’ll re-use the Credential"]

Handling Expiration
Minimizing the number of initial access token requests is half the problem
When the access token expires - minimize refresh requests!
Credential object in Java handles expiration

Use Shared Storage
Use a shared storage
○ In-memory: Memcached, Infinispan, Ehcache, ...
○ Persistent: RDBMS, MongoDB, …
Store securely!
Don’t forget to check for expirations

Using a Shared Storage
[Diagram: several client applications connected to one shared storage]
1. Check if unexpired access token is already in the shared storage
2. If expired, use the refresh token to get an access token
3. Write the credential back to the shared storage
4. Check if unexpired access token is already in the shared storage

Proactive Refresh
Worst case scenario: all processes simultaneously read an expired access token from the shared storage
● Avoid race conditions
● Eagerly refresh stored credentials before they expire
○ e.g., if access token expires in 1 hr, refresh in 45 minutes
Make sure server clocks are in sync (use NTP)
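
An added example, not part of the original slides: a process-wide token cache that illustrates the token-sharing, singleton and proactive-refresh slides, so that concurrent threads trigger one refresh request and the token is renewed at 45 minutes of a 1-hour lifetime. `SharedTokenCache`, `FakeTokenEndpoint`, `ManualClock` and all token strings are constructed for illustration; Te = T1 + expires_in is assumed from the diagram labels, and a real application would call its OAuth library instead of the fake endpoint.

```python
import threading
import time


class ReauthorizationRequired(Exception):
    """Refresh token revoked or invalidated: send the user back to the consent screen."""


class ManualClock:
    """Constructed test clock so expiry can be exercised without waiting an hour."""

    def __init__(self, now=1_000_000.0):
        self.now = now

    def __call__(self):
        return self.now


class FakeTokenEndpoint:
    """Constructed stand-in for the token endpoint; counts refresh requests."""

    def __init__(self, expires_in=3600):
        self.expires_in = expires_in
        self.calls = 0
        self.revoked = False
        self._lock = threading.Lock()

    def refresh(self, refresh_token):
        with self._lock:
            self.calls += 1
            serial = self.calls
        time.sleep(0.05)  # simulated network latency so callers overlap
        if self.revoked:
            raise ReauthorizationRequired("invalid_grant")
        return {"access_token": f"constructed-access-token-{serial}",
                "expires_in": self.expires_in}


class SharedTokenCache:
    """One instance per process, shared by every thread (the singleton on the slide)."""

    def __init__(self, endpoint, refresh_token, refresh_fraction=0.75, clock=time.time):
        self._endpoint = endpoint
        self._refresh_token = refresh_token
        self._refresh_fraction = refresh_fraction  # 0.75 of 1 hr = refresh at 45 min
        self._clock = clock
        self._lock = threading.Lock()
        self._access_token = None
        self._expires_at = 0.0  # Te
        self._refresh_at = 0.0  # eager refresh point, earlier than Te

    def get_access_token(self):
        # The lock is held across the refresh, so threads that arrive while a
        # refresh is in flight wait for it and then reuse its result.
        with self._lock:
            now = self._clock()
            if self._access_token is None or now >= self._refresh_at:
                self._refresh_locked(now)
            return self._access_token

    def _refresh_locked(self, t1):
        try:
            reply = self._endpoint.refresh(self._refresh_token)
        except ReauthorizationRequired:
            # Access was revoked: drop the cached token instead of serving it.
            self._access_token = None
            raise
        # T1 is taken before the request is sent, so Te is never overestimated.
        self._access_token = reply["access_token"]
        self._expires_at = t1 + reply["expires_in"]
        self._refresh_at = t1 + reply["expires_in"] * self._refresh_fraction

    def __repr__(self):
        # Keep credentials out of logs and tracebacks.
        return f"<SharedTokenCache expires_at={self._expires_at:.0f}>"


def fetch_from_threads(cache, thread_count):
    """Have thread_count threads ask for a token at once; return what each got."""
    results = [None] * thread_count

    def worker(i):
        results[i] = cache.get_access_token()

    threads = [threading.Thread(target=worker, args=(i,)) for i in range(thread_count)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return results


if __name__ == "__main__":
    clock = ManualClock()
    endpoint = FakeTokenEndpoint()
    cache = SharedTokenCache(endpoint, "constructed-refresh-token", clock=clock)
    print(len(set(fetch_from_threads(cache, 20))), "token,", endpoint.calls, "request")
    clock.now += 46 * 60  # past the 45-minute eager refresh point
    cache.get_access_token()
    print(endpoint.calls, "requests after eager refresh")
```

The in-process lock only covers threads of one process; across servers the same check-then-refresh step needs a lock or atomic update in the shared storage.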

Proactive Refresh
[Diagram: Client Application, Shared Storage and Periodic Refresher]
Client Application: check if unexpired access token is already in the shared storage
Periodic Refresher:
1. Use the refresh token to get a new access token
2. Write the credential back to the shared storage

OAuth 2.0 Token Management Server
Centralize OAuth 2.0 access token management
○ Retrieval
○ Refresh
○ Storage
Service-oriented approach
Example - OAuth 2.0 Key Cache

Using a Token Management Server
[Diagram: Client Application and Token Mgmt Server]
1. I need the access token
2. Here you go!
Oops! Expired, let me fetch another one.

Last Note - Security!
Refresh token and access token = Credentials
Store them securely!

Resources
Download links
AdWords API OAuth 2.0 Guide
Optimizing OAuth 2.0 Requests for AdWords API
Google OAuth 2.0 Documentation

Questions?
