Since Google Ads accounts contain user data, your application must obtain authorization from the user to access this data. There are two broad approaches based on how you obtain this authorization.
Choose your app type
Since Google Ads accounts contain user data, your app needs to obtain authorization from the user to access this data. There are two broad approaches based on how you obtain this authorization.
| Service Account | User Authentication | |
| Summary | Manually configure your Google Ads account to give a service account access to that account. Afterwards, your app can use the service account credentials to make API calls to the Google Ads account without any user interaction. The API calls work as long as the service account has access to the Google Ads account. | Obtain a one-time OAuth 2.0 authorization from a user to allow your app to manage their Google Ads account. Afterwards, your app can use the OAuth 2.0 refresh token (issued as part of the OAuth 2.0 authorization process) to make API calls to the Google Ads account. The API calls work as long as the user doesn't revoke the authorization, or until the authorization expires due to inactivity or other reasons. |
| Ease of use | Minimal configuration and approvals required due to lack of user authorization in the app. | Extensive configuration and approvals required due to user authentication being part of the app. |
| Recommendation | Strongly recommended as the preferred approach | Legacy approach. Use as a fallback option when you cannot give a service account the required permissions to your Google Ads account. |