Issues using OAuth with the Bing Ads API

Question

I'm currently just trying to run this sample code: https://msdn.microsoft.com/en-us/library/dn705832(v=msads.90).aspx, I've originally posted this question on Stackoverflow: http://stackoverflow.com/questions/35443429/issues-using-oauth-with-the-bing-ads-api

Unfortunately, I can't seem to get my application to authenticate. Every time I try, it just returns a 401 Unauthorized error with no explanation. 

Here are the steps I've taken so far:

 1. Enabled API access in the Bing Merchant Center:
Have my API user setup with a dev token (on https://developers.bingads.microsoft.com/Account): http://i.stack.imgur.com/Mmd0C.png

 2. Registered my API application: http://i.stack.imgur.com/JZuD4.png

 3. Gave my user permissions to use the application: http://i.stack.imgur.com/crTGq.png

 4. Updated the authentication in the example code:

Instead of having the Username/Password/DeveloperToken in the headers of the sample code, I replaced it to only have AuthenticationToken and DeveloperToken:

    var headers = new WebHeaderCollection();
    headers.Add("AuthenticationToken", AccessToken /* a really long base64 encoded string */);
    headers.Add("DeveloperToken", DeveloperToken /* 012X111111111111 */);

The `DeveloperToken` is from https://developers.bingads.microsoft.com/Account:  http://i.stack.imgur.com/WIybc.png

The `AuthenticationToken` is from:

   1. Accessing this in my browser: `https://login.live.com/oauth20_authorize.srf?client_id=00000[myclientid]&scope=bingads.manage&response_type=token&redirect_uri=https://login.live.com/oauth20_desktop.srf`

   2. Logging in with my Microsoft account, clicking yes

   3. It returns this URL:
`https://login.live.com/oauth20_desktop.srf?lc=1033#access_token=[some long base 64 string]&token_type=bearer&expires_in=3600&scope=bingads.manage&user_id=[some hex string]`
   4. I take the long url-encoded base64 string ("access token") and use that as my authentication token

No matter which token I use from the oauth response, I keep getting a 401 Unauthorized error from the API endpoint (the body message says "The specified user is not authorized."). What am I doing wrong here?

Answer 1

Hi Kevin.

Does the user in step 3 ("Gave my user permissions to use the application") and step 2 ("Logging in with my Microsoft account, clicking yes") have access to the BMC store and catalog? It is possible to have a separate Microsoft account / API user who is assigned a DeveloperToken in the Dev Center, but who cannot access the specified account and catalog. For example you could use one Microsoft account for all API credentials / app registration, and then authenticate any other Bing Ads and BMC users - if those users grant your app permissions to manage their accounts / catalogs. The Bing Ads and BMC users must have access to the respective accounts and catalogs.

If you have already confirmed access to the catalog for the user in the steps mentioned above, please feel free to escalate to support and the team can take a closer look.

Best regards,

Eric