Google Ads MCP Server Setup for Claude and Gemini
Set up Google's official read-only Google Ads MCP server with Claude Desktop, Gemini CLI, and Cursor. Includes 12-prompt GAQL library + OAuth guide.
Exposed Tools
Write Operations
Env Vars Required
License
Key Takeaways
The Google Ads MCP server ships from github.com/googleads/google-ads-mcp as a pipx-installable Python package that gives any MCP-compatible client (Claude Desktop, Claude Code, Gemini CLI, Cursor, Windsurf) direct read access to a Google Ads account via GAQL. This post is the end-to-end setup reference: credentials, installation, client configuration, the full tool surface, a twelve-query GAQL prompt library, security hardening, and fixes for the errors you will actually hit.
If you are looking for the strategic context — how MCP fits into the programmatic Google Ads stack alongside the v23.1 API and the April 2026 core update — read the Google Ads API v23.1 + April 2026 core update playbook. This post focuses exclusively on the MCP implementation layer.
The read-only boundary is the safety model. The official Google server refuses to mutate anything. That is not a bug — it is the intentional guardrail that lets you put this in front of an LLM without a three-week security review.
What the MCP Server Is (and Is Not)
Model Context Protocol (MCP) is an open standard for exposing tools to LLM clients. The Google Ads MCP server is the official Google implementation of that standard for the Google Ads API. Understanding its scope is the first thing that saves you a week:
- Read-only GAQL bridge for LLM clients
- Two tools: list_accessible_customers, search
- OAuth 2.0 and service-account compatible
- stdio transport (pipx spawns the process)
- Apache 2.0 licensed, official Google repo
- A write path for bid or budget changes
- A way to create campaigns or ad groups
- A replacement for the Ads Scripts editor
- A filter on which customer IDs are visible
- A dashboard with its own UI
Two Google-authored repos, similar names. This post covers the canonical server at github.com/googleads/google-ads-mcp(two tools, strict read-only — the one Google's docs reference). A related repo at github.com/google-marketing-solutions/google_ads_mcp exists and exposes five tools (execute_gaql, list_accessible_accounts, get_gaql_doc, get_reporting_view_doc, get_reporting_fields_doc) with slightly different naming. If you are following an older tutorial or agency runbook, confirm which repo it targets before copying config.
Prerequisites and Credentials
Before you touch pipx, line up four things:
| Requirement | Where to get it | Notes |
|---|---|---|
| Google Cloud project | console.cloud.google.com → new project | Enable the Google Ads API in APIs & Services. |
| OAuth credentials OR service account | APIs & Services → Credentials | Download credentials.json; store securely. |
| Google Ads developer token | Google Ads UI → Tools & Settings → API Center | 22-character string. Apply for Standard access for production queries. |
| Customer ID(s) | Top-right of Google Ads UI | Hyphenated format; drop hyphens for API calls. |
Basic vs. Standard developer token: Basic access works for testing but throttles queries and is limited to test accounts. For any production GAQL work, apply for Standard access in the API Center. Approvals take 1-2 business days for agency accounts with active spend.
OAuth vs. Service Account
Pick this before you install. Changing auth mode later means reissuing credentials and reconfiguring every client.
| Dimension | OAuth 2.0 (user) | Service Account |
|---|---|---|
| Best for | Solo analyst, single account, laptop usage | Agency manager accounts, VPS deploys, team usage |
| First run | Browser consent flow | JSON key file — no browser |
| Survives user offboarding | No | Yes |
| Token rotation | Refresh token; expires if revoked | Rotate JSON key via IAM |
| Works over SSH without a browser | Requires out-of-band flow | Yes |
Rule of thumb: one laptop, one account = OAuth. Team use or manager account = service account with domain-wide delegation. Changing your mind later means reconfiguring every client's MCP block.
Installation via pipx
The official repo is built around a single pipx command. pipx isolates the server in its own virtual environment, so it will not collide with the Python you use for client work.
1. Install pipx
# macOS / Linux
brew install pipx # macOS
python3 -m pip install --user pipx && python3 -m pipx ensurepath # Linux
# Verify
pipx --version2. Dry-run the server
# Fetches the repo, installs in an isolated venv, prints the help text
pipx run --spec git+https://github.com/googleads/google-ads-mcp.git google-ads-mcp --help3. Set the three environment variables
The server reads three env vars. These typically live in your shell profile or (better) a .env the MCP client injects:
export GOOGLE_APPLICATION_CREDENTIALS="/abs/path/to/credentials.json"
export GOOGLE_PROJECT_ID="your-gcp-project-id"
export GOOGLE_ADS_DEVELOPER_TOKEN="22-char-token"Never commit these to source control. For team deploys, keep them in the client's secret manager (GCP Secret Manager, Doppler, 1Password CLI, AWS Secrets Manager) and render them into the environment at start.
Client Configuration Matrix
Same server, different config file per client. The block below appears in each.
| Client | Config path | Reload required |
|---|---|---|
| Claude Desktop | ~/Library/Application Support/Claude/claude_desktop_config.json (macOS) | Quit + relaunch |
| Claude Code | .mcp.json in the project root | /mcp refresh or new session |
| Gemini CLI | ~/.gemini/settings.json | /mcp in CLI |
| Cursor | ~/.cursor/mcp.json | Reload window |
| Windsurf | ~/.codeium/windsurf/mcp_config.json | Reload |
Canonical config block
{
"mcpServers": {
"google-ads": {
"command": "pipx",
"args": [
"run",
"--spec",
"git+https://github.com/googleads/google-ads-mcp.git",
"google-ads-mcp"
],
"env": {
"GOOGLE_APPLICATION_CREDENTIALS": "/abs/path/to/credentials.json",
"GOOGLE_PROJECT_ID": "your-gcp-project-id",
"GOOGLE_ADS_DEVELOPER_TOKEN": "22-char-token"
}
}
}
}Tool Reference
The entire agent surface is two tools. Memorize them.
Returns customer IDs and names the authenticated credentials can access. Call once per session to populate the agent's list of targetable accounts.
No parameters. Returns array of { id, name }.
Takes a customer ID and a GAQL query string. Returns rows. This is the entire reporting surface.
Params: { customer_id, query }. Returns array of row objects.
12-Prompt GAQL Library
These are the twelve GAQL queries our team uses 80% of the time in agency reporting. Save them as skills, prompts, or snippets for your MCP client of choice.
1. Campaign performance, last 7 days
SELECT campaign.id, campaign.name,
metrics.cost_micros, metrics.conversions, metrics.ctr
FROM campaign
WHERE campaign.status = 'ENABLED'
AND segments.date DURING LAST_7_DAYS
ORDER BY metrics.cost_micros DESC2. Search terms with zero conversions
SELECT search_term_view.search_term, metrics.cost_micros, metrics.clicks
FROM search_term_view
WHERE metrics.conversions = 0
AND metrics.cost_micros > 50000000
AND segments.date DURING LAST_30_DAYS
ORDER BY metrics.cost_micros DESC
LIMIT 1003. Frequency saturation (v23.1)
SELECT campaign.id, campaign.name,
metrics.unique_users, metrics.unique_users_ten_plus
FROM campaign
WHERE segments.date DURING LAST_14_DAYS
AND campaign.advertising_channel_type = 'PERFORMANCE_MAX'4. Ad groups with no ads served
SELECT ad_group.name, ad_group.status, metrics.impressions
FROM ad_group
WHERE metrics.impressions = 0
AND ad_group.status = 'ENABLED'
AND segments.date DURING LAST_30_DAYS5. Budget pacing
SELECT campaign.name, campaign_budget.amount_micros,
metrics.cost_micros
FROM campaign
WHERE segments.date = TODAY
AND campaign.status = 'ENABLED'6. Top converting keywords
SELECT ad_group_criterion.keyword.text, metrics.conversions,
metrics.cost_per_conversion
FROM keyword_view
WHERE segments.date DURING LAST_30_DAYS
AND metrics.conversions > 0
ORDER BY metrics.conversions DESC
LIMIT 507. Disapproved assets
SELECT ad_group_ad.ad.id, ad_group_ad.policy_summary.approval_status
FROM ad_group_ad
WHERE ad_group_ad.policy_summary.approval_status
IN ('DISAPPROVED', 'SITE_SUSPENDED')8. Device-split conversion rate
SELECT segments.device, metrics.conversions, metrics.clicks,
metrics.conversions_value
FROM campaign
WHERE segments.date DURING LAST_30_DAYS
GROUP BY segments.device9. Quality score distribution
SELECT ad_group_criterion.quality_info.quality_score,
COUNT(*) AS count
FROM keyword_view
WHERE ad_group_criterion.status = 'ENABLED'
GROUP BY ad_group_criterion.quality_info.quality_score10. Impression share lost to budget
SELECT campaign.name,
metrics.search_budget_lost_impression_share,
metrics.search_rank_lost_impression_share
FROM campaign
WHERE segments.date DURING LAST_7_DAYS
ORDER BY metrics.search_budget_lost_impression_share DESC11. Geographic performance
SELECT geographic_view.country_criterion_id,
metrics.conversions, metrics.cost_micros
FROM geographic_view
WHERE segments.date DURING LAST_30_DAYS
ORDER BY metrics.conversions DESC
LIMIT 2012. Asset group performance (Performance Max)
SELECT asset_group.name, metrics.impressions, metrics.conversions,
metrics.cost_per_conversion
FROM asset_group
WHERE segments.date DURING LAST_14_DAYS
ORDER BY metrics.conversions DESCAgent Workflow Patterns
Three patterns work cleanly with the read-only MCP server:
1. Reporting Q&A
Analyst asks plain-English questions in Claude Desktop. Claude selects the right GAQL template, calls search, and summarizes. No writes. No approvals needed.
2. Anomaly detection + alert
Scheduled agent (cron or n8n) runs the saturation query nightly, posts anomalies to Slack with recommended fixes. The fix is a ticket — a human executes it via REST or the UI.
3. Proposal drafting
Agent pulls last-30-day performance via MCP, pairs it with a brand-voice skill, drafts a budget reallocation proposal into a Google Doc. Account lead reviews before any mutation happens.
Security Hardening
The read-only constraint removes write risk but not read risk. Five hardening rules we apply on every agency deploy:
- Scope credentials narrowly. One service account per client; grant only the customer IDs that client touches.
- Never commit secrets.
credentials.json, developer tokens, and refresh tokens go in a secret manager (GCP Secret Manager, Doppler, 1Password CLI)..envis gitignored. - Pin the server version. Replace
git+https://.../google-ads-mcp.gitwithgit+https://.../google-ads-mcp.git@<commit-sha>so an upstream change never silently alters behaviour. - Log every query. Wrap the MCP call site in audit logging that records user, customer_id, GAQL, row count. Compliance-friendly and invaluable for debugging.
- Rotate keys quarterly. Service-account JSON keys live as long as you let them. Calendar a quarterly rotation.
Common Errors and Fixes
| Error | Cause | Fix |
|---|---|---|
| PERMISSION_DENIED | Developer token missing Standard access | Apply for Standard access in API Center |
| INVALID_ARGUMENT on customer_id | Hyphens in the ID | Strip hyphens — API wants 10 digits only |
| RESOURCE_EXHAUSTED | Rate limit hit on a tight loop | Back off; add LIMIT to GAQL; batch |
| Server not listed in /mcp | Config didn't reload or JSON syntax error | Validate JSON, quit + relaunch the client |
| 401 UNAUTHENTICATED after weeks | OAuth refresh token revoked | Re-run OAuth consent; switch to service account if recurring |
Conclusion
The Google Ads MCP server is the smallest possible surface area for an enormous capability: a natural-language reporting agent for PPC, with zero write risk. The whole setup is pipx + three env vars + a config block in your MCP client. The moat is the GAQL prompt library — twelve canonical queries above cover most of what agencies need.
Pair this with a separate REST write workflow and you have the complete programmatic PPC stack. The strategic playbook for pairing reads and writes in 2026 lives in the Google Ads API v23.1 + April 2026 core update playbook.
Ship an AI PPC Agent Without the Risk
We configure MCP reads, build the GAQL skill library, and wire the REST write workflow behind policy gates — all under your credentials.
Frequently Asked Questions
Related Guides
More on programmatic Google Ads, MCP workflows, and AI agent deployment.