You can use a service account to authorize Merchant API access to your own merchant account. See authorize third-party app access to merchant accounts if your app needs to access your clients' merchant accounts.
A service account is a special kind of account, typically used by an application rather than a person. A service account is identified by its email address, which is unique to the account.
You must have a merchant account before you can complete these steps.
Create a service account
Generate service account credentials, or access the public credentials you've already generated, then create an OAuth 2.0 Client ID:
- Go to the Google API Console.
- Select a project in the drop-down menu at the top of the page, or click NEW PROJECT to create one.
- Search for Merchant API in the list of Google APIs, and make sure it's enabled for this project.
- Click Manage.
- In the sidebar on the left, select Credentials. You might need to click the left-pointing arrow at the top left of the page to see Credentials.
- Select CREATE CREDENTIALS, then Service account.
- Name the service account. This is the default username for the service account ID. Save the service account ID, including the part after the '@' character, for later use.
Click CREATE, go through the optional steps to grant access to the project and users, then click DONE.
Get a JSON private key
Generate a JSON private key for your service account in the in the Google API Console:
- Click the service account, then select the KEYS tab.
- Click ADD KEY > Create new key.
- Select JSON as the key type.
- Click CREATE to download the private key. Note: You can only download the privage key when it's created. You can't come back to this step later.
Give the service account access to your merchant account
Add the new service account as a user to your merchant account:
- Sign in to Merchant Center.
- Click Account Access in your account settings.
Click + Add user, and use your service account ID as the email address for the new user.
If you didn't save your service account ID, go to the Service Accounts administration page, and select your project.
Specify the User access and Email notifications preferences for the service account.
Click Add user to save your preferences and return to the list of users. The service account ID should now be listed with the chosen user role.
You can repeat these steps for all service accounts that need to access your merchant account data.
Frequently asked questions
- Can I sign in to the Merchant Center UI with my service account?
- No, service accounts aren't regular Google Accounts and can't access the Merchant Center UI.
- How often do I need to refresh service account access tokens?
- Access tokens expire one hour after they're issued by the Google OAuth 2.0
Authorization Server. When an access token expires, the application should
use the client library to fetch another access token. To manually refresh
your token, delete the
stored-token.json
file and re-authenticate.