Authentication with OAuth


As of June 1, 2022, we're gradually requiring multi-factor authentication for customers signing in through third-party applications to use Bing Ads API, Content API, and Hotel API.

You must update your application to get user consent using the new msads.manage scope. All application developers must take action to use the new scope.

For more information see the Multi-factor authentication requirement guide.

Consider the user that you want to sign in e.g., The Bing Ads API will not accept that email address and password. Instead you need to set the AuthenticationToken header element that contains a user access token. You can think of an access token as representing a user name and password.

How can you get an access token for a user? As an application developer you'll use a Microsoft authorization URL to prompt the Microsoft Advertising user for consent. Once a user provides consent, you can get an access token and act on behalf of the user.

Microsoft Advertising leverages the Microsoft identity platform endpoint for developers and the OAuth 2.0 protocol to authenticate work or school accounts from Azure Active Directory (AAD) and personal Microsoft accounts (MSA), such as,, and

  1. Register an application

  2. Request user consent for your application to manage their Microsoft Advertising accounts

  3. Get access and refresh tokens

  4. Make your first API call


For details about how to get access and refresh tokens using the Bing Ads SDKs, see Authentication With the SDKs.

Next steps

See Also

Get started