-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support Client Credentials oauth flow for unsupervised clients #197
Comments
Our team is having the same issue. We're also building a server-to-server flow with no third-party, and the standard interactive flow is not very feasible or secure. We'd love to be able to do a client_credentials flow but have been unable to get this to work. |
It would be good to understand whether this is something the Ads API supports (in which case it's just a matter of getting the code working) or whether the API just doesn't support it at all and we have to use the standard flow w/ refresh tokens and such. |
to minimize dependency, bingads library does not use msal. I see you are using scope "https://ads.microsoft.com/.default", which is different from here, is that expected? |
@qitia thanks! I've tried
Sending
I guess the question is whether we should expect the Ads API to support the client credentials flow or not |
Our team is facing the same issue as described by @oaosman84.
@qitia - could you please confirm on this? |
This is quite an elementary and fundamentally essential feature for most use-cases for any api. Can you guys confirm or deny if this works for the reporting API (i.e. that having a headless / unsupervised service is even possible)? |
We had to eliminate our spend on the Bing Ads platform and shift that budget to other platforms since the current API flow is untenable for us. |
Microsoft does a bad job as always. No answers, no docs, no convenient API just that SOAP crap that thousands of developers have to deal with |
It's been 2 years and there hasn't been any further interest from Microsoft. I think it's not difficult to explain why Bing is rated so low by users. |
We have scripts running as unsupervised background processes(as cronjobs). These scripts cannot rely on an interactive user consent flow for authentication. Previously we had been using the desktop flow to manually(through developer intervention on a local machine) retrieve an access and refresh token that were then copied over to the server side, which is obviously a problematic workflow for efficiency, reliability and security reasons.
Instead, I am trying to use the Client Credentials oauth flow which is designed for this purpose. Since we are part of the same entity owning the application and the bingads account which we are using with the API, we do not need explicit consent from a specific user(we are not acting on behalf of another user). we already possess the client credentials needed to authenticate.
I am trying to use tokens acquired through this flow using the microsoft service authentication library (https://github.com/AzureAD/microsoft-authentication-library-for-python). I am trying to implement a custom
bingads.OAuthAuthorization
subclass implementing this flow using the msal python library. Here's the code:Acquiring the access token using msal works, but for some reason the bingads library still cannot successfully authenticate with the API.
Also, no refresh token are used in this flow.
Thanks!
The text was updated successfully, but these errors were encountered: