Authentication with OAuth

Important

In June 2022, we introduced multi-factor authentication as a requirement for Bing Ads. You may still need to make a code change in order to become compliant with this requirement. Microsoft Advertising is performing technical enforcement checks in early October.

This blog post outlines the steps you should take to ensure compliance.

For more information, see the multi-factor authentication requirement guide.

Consider the user that you want to sign in e.g., example@contoso.com. The Bing Ads API will not accept that email address and password. Instead you need to set the AuthenticationToken header element that contains a user access token. You can think of an access token as representing a user name and password.

How can you get an access token for a user? As an application developer you'll use a Microsoft authorization URL to prompt the Microsoft Advertising user for consent. Once a user provides consent, you can get an access token and act on behalf of the user.

Microsoft Advertising leverages the Microsoft identity platform endpoint for developers and the OAuth 2.0 protocol to authenticate work or school accounts from Azure Active Directory (AAD) and personal Microsoft accounts (MSA), such as hotmail.com, outlook.com, and msn.com.

  1. Register an application

  2. Request user consent for your application to manage their Microsoft Advertising accounts

  3. Get access and refresh tokens

  4. Make your first API call

Tip

For details about how to get access and refresh tokens using the Bing Ads SDKs, see Authentication With the SDKs.

Next steps

See Also

Get started