Skip to main content

OAuth & Integrations

  • Backend callback route: GET/POST /api/google-ads/auth/callback handled by googleAdsController.handleAuthCallback
  • Frontend success page: frontend/app/oauth/google-ads/success/page.tsx
  • Available accounts: GET /api/google-ads/auth/available-accounts?accessToken=...
  • Create account: POST /api/google-ads/accounts/create

Redirect URIs (production)

  • If using custom domains:
    • Google Ads: https://app.ostenai.com/api/google-ads/callback (ensure this maps to backend .../auth/callback or adjust accordingly)
    • Meta Ads: https://app.ostenai.com/api/meta-ads/callback
    • TikTok Ads: https://app.ostenai.com/api/tiktok-ads/callback
  • Backend Cloud Run example env:
    • GOOGLE_OAUTH_REDIRECT_URI=https://<cloudrun-host>/api/google-ads/auth/callback

Known Requirements / Gotchas

  • Google Ads API requires:
    • developer-token: <GOOGLE_ADS_DEVELOPER_TOKEN>
    • Authorization: Bearer <OAUTH2_ACCESS_TOKEN>
    • Content-Type: application/json
  • customers:listAccessibleCustomers may return 501 if developer token/access is not enabled for this operation or account hierarchy is not a Manager account (MCC).
  • The service handles 501 by returning guidance/demo entries; upgrade access or use test manager + test accounts.

Meta Ads & TikTok Ads

  • Similar available-accounts and connect flows under /api/meta-ads/* and /api/tiktok-ads/*
  • Frontend success pages under frontend/app/oauth/meta-ads/success/page.tsx and frontend/app/oauth/tiktok-ads/success/page.tsx

Google Analytics 4 (GA4)

  • GA4 uses a frontend callback page to complete the OAuth flow and let the user pick a property.
  • Frontend callback route: frontend/app/(dashboard)/dashboard/google-analytics/callback/page.tsx

Redirect URI (production)

  • Google Analytics (GA4): https://app.ostenai.com/dashboard/google-analytics/callback
    • Set this exact URI in the Google Cloud Console OAuth client.
    • Set backend env var GOOGLE_ANALYTICS_REDIRECT_URI to the same URI so backend-generated links remain consistent.

Notes

  • GA scripts must only load on public pages (landing, marketing, login, signup, data deletion) — do not load on OAuth success pages or any dashboard pages.
  • After callback, the frontend exchanges the authorization code with the backend to list properties and save the selected property.