Another option for generating OAuth2 credentials is to use the OAuth2 Playground. The OAuth2 Playground, in conjunction with the Google API Console, allows you to manually create OAuth2 tokens.
Prerequisites
Before creating credentials, you need to create a project, configure your user consent screen, and enable the AdMob API.
Get a client ID and client secret
Create a credential
Open the Google API Console Credentials page.
From the project drop-down, select an existing project or create a new one.
On the Credentials page, select Create credentials, then select OAuth client ID.
Under Application type, choose Web application.
Under Authorized redirect URIs, add a line with:
https://developers.google.com/oauthplayground
Click Create.
On the Client ID page, take note of the client ID and client secret. You'll need these in the next step.
Configure an OAuth consent screen
You must configure an OAuth consent screen before using an OAuth 2.0 client ID.
Open the Google API Console Consent Screen page.
From the project drop-down, select the same project used to generate the credential.
Configure your OAuth consent screen to use your OAuth 2.0 client ID. There are multiple ways to do this:
- Set your user type to External and publishing status to Published.
- Or, set your user type to External and publishing status to Testing, then add Test users by selecting add users to give them access to use your OAuth 2.0 client ID.
See additional information on setting up your OAuth consent screen.
Generate tokens
Go to the OAuth2 Playground, (using this link should pre-populate some key values for you).
Click the gear icon in the upper right corner and check the box labeled Use your own OAuth credentials (if it isn't already checked).
Make sure that:
- OAuth flow is set to Server-side.
- Access type is set to Offline (this ensures you get a refresh token and an access token, instead of just an access token).
Enter the OAuth2 client ID and OAuth2 client secret you obtained above.
In the section labeled Step 1 - Select & authorize APIs, enter the following URL in the text box at the bottom, if it's not already there, then click Authorize APIs:
https://www.googleapis.com/auth/admob.readonly
If prompted, sign in to the account to which you want to grant access and authorization. Otherwise, confirm that the current Google user in the top right corner is the AdMob account for whom you want to obtain credentials.
A prompt appears indicating your app would like to See your AdMob data. Click Accept to continue.
In the tab labeled Step 2 - Exchange authorization code for tokens, an Authorization code should appear. Click Exchange authorization code for tokens.
If all goes well, the Refresh token and Access token should be filled in for you (you may have to re-expand Step 2 - Exchange authorization code for tokens):
Copy the Refresh token into the configuration file for your client library of choice, along with the client ID and client secret.
Remove the OAuth2 Playground from your client ID
Now that you have a refresh token, you no longer need the OAuth2 Playground to be an authorized redirect URI. To remove it from the list of authorized redirect URIs:
Go to the Google API Console Credentials page.
From the project drop-down, select your project.
On the Credentials page, click the client ID name to edit.
Remove
https://developers.google.com/oauthplayground
from the Authorized redirect URIs. Note that you must leave at least one redirect URI in place.Click Save.
Revoke shared tokens
You can revoke shared tokens in two ways:
Navigate to your Google account permissions page and revoke access from the relevant project.
Alternatively, you can revoke web application tokens using the Google Identity API.