In early 2020, we started requiring multi-factor authentication in Microsoft Advertising online. Multi-factor authentication is a security process that requires you to verify your identity in two different ways, and it's critical for the security and safety of our users.
As we continue to assess the readiness of our developer community and consider the many partner disruptions due to the pandemic, we're extending our enforcement date by three months. The new date is June 1, 2022. Even with this extended timeline, security updates aren't something to put aside until later.
Action required
To complete this upgrade, you must update your application and prompt users for consent using “msads.manage” scope via the Microsoft identity platform endpoint. All Microsoft Advertising developers must take action to use the new scope.
With each API request, we'll check the access token to ensure the user granted consent via the new “msads.manage” scope. Upon enforcement of multi-factor authentication, any access token provisioned otherwise (i.e., the "bingads.manage" scope with the Microsoft identity platform endpoint or the "bingads.manage" scope with the Live Connect endpoint) won’t be accepted and the corresponding API calls will fail.
We recommend that you make the necessary changes as soon as possible.
SDK support
Support for the new “msads.manage scope” is added with Bing Ads SDKs (NET, Java, Python, and PHP) version 13.0.10 released this month.
The new “msads.manage” scope is now used by default in all SDKs. For backwards compatibility you can temporarily use “ads.manage” or “bingads.manage” with a small code change.
var oAuthDesktopMobileAuthCodeGrant = new OAuthDesktopMobileAuthCodeGrant(
Settings.Default["ClientId"].ToString(),
apiEnvironment,
OAuthScope.ADS_MANAGE // temporary workaround
);
For more information, see our API documentation. As always please feel free to contact support or post a question in the Bing Ads API developer forum.
Microsoft
