Multi-factor authentication policy for Google Ads accounts

Today, we are rolling out a feature that allows the administrative users of Google Ads accounts to set a required multi-factor authentication policy, including 2-Step Verification. When this new authentication policy is enabled on a particular Google Ads account, all users who want to access that account must have their Google accounts enrolled in 2-Step Verification.

Note: The Google account users can alternately fulfill this requirement by enrolling their accounts in Advanced Protection.

What will happen to your API access?
If 2-Step Verification is required for a particular Google Ads account, then 2-Step Verification also needs to be set up for the Google account used to generate the OAuth2 refresh token accessing the Google Ads account. Follow this link to opt in to 2-Step Verification. Failing to do so will result in the AuthorizationError.TWO_STEP_VERIFICATION_NOT_ENROLLED error when you try to access the Google Ads account.

Access to the Google Ads account will be restored once you opt in to the 2-Step Verification. The multi-factor authentication policy does not affect the way you access the AdWords API or the Google Ads API Beta in any other aspects--you can still use an OAuth2 refresh token and a developer token to access the AdWords API and the Google Ads API Beta as usual.

2-Step Verification ensures only strongly verified users have access to your Google accounts. Opt in now to avoid hitting the AuthorizationError.TWO_STEP_VERIFICATION_NOT_ENROLLED error in advance.

As always, if you have any questions or concerns, please post on our forum.