The Ad Manager API now supports a read-only OAuth scope. This new scope, https://www.googleapis.com/auth/admanager.readonly, allows developers to request read-only access to their users' Ad Manager data.
This new scope is only available for the Ad Manager API . It is not supported by the legacy Ad Manager SOAP API , which will continue to require the full-access scope.
The read-only scope allows reading data and running reports, but does not grant permission to write or modify data. This provides an enhanced security layer for developers and users of read-only integrations, such as reporting dashboards or alerting tools.
No action is required for existing integrations. If your application does not require write access, we recommend migrating to the new read-only scope. For a refresher on how to configure OAuth, see Using Oauth 2.0 for Web Server Authentication .
As always, Ad Manager access controls, including User roles and Restrictions imposed by teams , are applied to all API requests regardless of the OAuth scope used.
If you have any questions or want to discuss this post, reach out to us on our Google Advertising and Measurement Community Discord server.
