Authorization
TikTok Ads
Prerequisites
The TikTok Ads connector uses OAuth 2.0 (3-legged authorization flow) to authenticate with the TikTok Marketing API. Before creating a credential in Nexla, you must register a developer application in the TikTok developer portal to obtain a Client ID and Client Secret.
Register a TikTok for Business Developer Application
To obtain the OAuth credentials required by Nexla, create an application in the TikTok developer portal and request access to the Marketing API.
-
Sign in to the TikTok Developer Portal using your TikTok for Business account credentials. If your organization does not yet have a TikTok for Business account, create one at business.tiktok.com before proceeding.
-
Navigate to Manage Apps and click Connect a new app.
-
Fill in the required application details:
-
App Name: Enter a descriptive name for the integration (for example, "Nexla Data Integration").
-
App Icon: Upload an icon for your application.
-
Category: Select the category that most closely matches your use case.
-
-
Under Products, select Marketing API to request access to the TikTok Business API endpoints that Nexla will use.
-
Under Permissions / Scopes, select the following scopes, which correspond to the data that Nexla will access:
-
ad_management_basic— Required to read campaign, ad group, and ad data. -
ad_management_audience— Required to read custom audience and pixel data. -
ad_management_reporting— Required to retrieve performance reports.
-
-
Enter a valid Redirect URI for your integration. For Nexla-managed OAuth, use the redirect URI provided in the Nexla credential overlay.
-
Click Submit to save the application.
-
After the application is created, navigate to the app's detail page. Copy and securely store the App ID (Client ID) and App Secret (Client Secret) shown on this page.
New applications start in Sandbox Mode, which allows you to test the OAuth flow and API calls against limited data before submitting for production review. For production use with live advertiser data, submit the application for TikTok's review through the developer portal. The review process evaluates your OAuth implementation, data handling practices, and use-case appropriateness. Additional information is available in the TikTok Business API documentation.
Identify Your Advertiser ID
Each TikTok Ads data source request requires an Advertiser ID that identifies the specific ad account to query. The Advertiser ID is a 19-digit number assigned to each TikTok Ads Manager account.
-
Sign in to TikTok Ads Manager.
-
The Advertiser ID appears in the browser URL as the value of the
aadvidparameter — for example:https://ads.tiktok.com/i18n/dashboard?aadvid=7012345678901234567. -
Copy this value. You will need to enter it when configuring individual data source endpoints in Nexla.
If you manage multiple ad accounts through a Business Center, each account has its own unique Advertiser ID. When configuring Nexla data sources, you specify the Advertiser ID for the account you wish to pull data from. A list of advertiser IDs accessible to the authorized app is also returned as part of the OAuth token exchange response.
Create a TikTok Ads Credential
- To create a new TikTok Ads credential, after selecting the data source type, click the Add Credential tile to open the Add New Credential overlay.
Credential Name & Description
-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.
OAuth2 Authentication
The TikTok Ads connector authenticates using OAuth 2.0 with a 3-legged authorization flow. In this flow, Nexla redirects you to TikTok's authorization page, where you grant the application permission to access your advertiser accounts. After authorization, TikTok issues an access token and a refresh token that Nexla uses for all subsequent API calls. The access token is short-lived and Nexla automatically refreshes it using the refresh token, which is valid for approximately one year.
-
Enter the App ID (Client ID) obtained from the TikTok developer portal in the Client ID field. This value identifies the registered TikTok application that Nexla will use to make API calls on your behalf.
-
Enter the App Secret (Client Secret) obtained from the TikTok developer portal in the Client Secret field. This value is used to securely exchange the authorization code for an access token and refresh token.
ImportantThe Client Secret is sensitive. Treat it like a password — do not share it publicly or commit it to source control. If you believe it has been exposed, regenerate it immediately in the TikTok developer portal under Manage Apps > your app > App Secret.
-
Click the Authorize button in the credential overlay. Nexla will redirect you to TikTok's authorization page.
-
On the TikTok authorization page, sign in with the TikTok for Business account that has access to the advertiser accounts you wish to connect, and grant the requested permissions (
ad_management_basic,ad_management_audience, andad_management_reporting). -
After authorization is complete, TikTok will redirect back to Nexla with an authorization code. Nexla automatically exchanges this code for an access token and refresh token, completing the credential setup.
TikTok access tokens expire after 24 hours and are automatically refreshed by Nexla using the refresh token. If the refresh token itself expires (after approximately one year), you will need to re-authorize the credential by repeating the OAuth flow above.
Save the Credential
-
Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.
-
The newly added credential will now appear in a tile on the Authenticate screen during data source creation and can be selected for use with a new data source.