The fastest way to blow up a Google Ads account with AI is to connect it with more access than it needs. If Claude can “manage” campaigns, one wrong prompt or mis-click can change bids, budgets, or keywords before you notice.
This guide shows the safest way to connect Claude to Google Ads: a true read-only setup that lets Claude pull performance data, reports, and search terms for analysis while keeping every edit locked down. You’ll also learn what permissions to avoid, how to confirm the connection is genuinely view-only, and how to keep clean boundaries if you’re working through an MCC.
Use this quick-start checklist to connect safely on the first pass.
- Confirm what you’re connecting: a Google Ads account or a manager account (MCC). Know the exact customer ID(s).
- Use the right Google login: sign in with the Google user that already has access to the target account.
- Start the connection: in your AI tool, choose Google Ads and begin the OAuth sign-in flow.
- Approve the minimum permissions: when Google shows the consent screen, proceed only if it indicates view access (avoid anything that implies “manage” or “edit”).
- Select account boundaries: pick the specific account(s) you want Claude to read, avoid “all accounts” when possible.
- Verify data loads: check that campaigns, spend, and search terms appear, then stop and validate permissions before asking for changes.
Before you begin, have: your Google Ads Customer ID, the correct Google login, and a clear list of accounts Claude is allowed to see. If you use Roger, it connects read-only by default and asks for explicit approval before applying any suggested changes.
What Does “Read-Only” Mean in Google Ads Access?
“Read-only” is a permission level in Google Ads that lets a user or connected tool view data but blocks any change to campaigns, budgets, billing, or settings. It is the safest starting point when you connect an AI assistant like Claude, because it limits the connection to reporting and analysis.
| Google Ads Access Level | What Claude Can Do | What Claude Cannot Do |
|---|---|---|
| Read-only | Read campaign performance, search terms, keywords, ads, assets, audiences, change history (view), and most settings needed for audits and reporting. | Edit anything. Create or pause campaigns. Change bids or budgets. Add negative keywords. Adjust conversion tracking. Change billing users or payment methods. |
| Standard | Everything in read-only, plus create and edit campaigns, ads, keywords, assets, audiences, and many account settings. | Some admin-only areas (varies by account), but it still enables spend-impacting changes. |
| Admin | Full control across the account, including user management and high-risk settings. | Very little. This is the level you avoid for external tools unless you have a specific, audited reason. |
Read-only access still exposes sensitive business data. Claude can see what you grant access to, including performance by campaign, ad group, keyword, audience, device, location, and time period. If the account contains customer lists for Customer Match, offline conversion imports, or remarketing audiences, treat access as confidential even when it is read-only.
Where People Get Tripped Up
Google Ads permissions and OAuth scopes are separate concepts. You can invite a user as read-only inside Google Ads, then accidentally authorize a broader OAuth scope in a connector that allows edits through the Google Ads API. For the safest setup, you want both: read-only user access in Google Ads and a connector that requests read-only scopes.
Roger follows this least-privilege approach: it connects read-only by default for audits, monitoring routines, and reporting, then asks for explicit approval before it applies suggested changes.
How to Connect Claude to Google Ads Using the Safest Read-Only Method
Read-only is safest when you connect through a dedicated Google user that can only view the exact Google Ads account you intend to analyze. Treat the connection like you would a contractor login: minimal access, clear boundaries, easy to revoke.
Least-Privilege Connection Steps (OAuth)
- Create or choose a “reporting-only” Google user (recommended): use a separate Google Account that you can disable later without touching your main admin login.
- Grant view access in Google Ads: in Google Ads, go to Tools and settings > Access and security (or Access and security under Account settings). Invite that user with Read-only access to the specific Customer ID you want Claude to read.
- Start the connection in Claude (or your AI tool): choose Google Ads as the data source and begin the Google sign-in flow.
- Pick the correct Google login: sign in with the reporting-only user, not your admin user.
- Review the consent screen carefully: proceed only if the app requests permissions that match reporting. Avoid consent prompts that imply managing or editing Google Ads.
- Select account boundaries: when the tool asks which accounts to connect, choose the single intended Google Ads account (or the specific MCC and sub-account list you approve). Skip “all accounts” unless you truly need it.
If you use Roger, this is the default posture: connect read-only for audits and reporting, then approve any proposed edits explicitly.
Confirm The Connection Worked
- Data appears: you can see campaign names, impressions, clicks, cost, and date ranges in the tool.
- No edit surfaces: the tool can draft recommendations, but it cannot push changes without an approval step (or it should fail when attempting to write).
- Account match: the Customer ID shown in the tool matches the account you intended to connect.
Which Google Ads Permissions Should You Avoid (Even If Setup “Works”)?
Approval flows only work if the connection cannot edit anything in the first place. The most common failure mode is a setup that “connects fine” but quietly grants write access through Google Ads user roles, OAuth scopes, or account selection.
Permissions And Scopes To Avoid
- Google Ads user access: Standard or Admin. Standard can create, edit, pause, and change bids and budgets. Admin adds user management and other high-risk settings. For external tools and AI assistants, start with Read-only inside Google Ads.
- Manager account (MCC) access when you only need one client. Granting access at the manager level can expose every linked client account, even if you intended a single Customer ID. Prefer client-level access or strict account allowlists in the connector.
- OAuth consent that says “manage” instead of “view”. In Google’s consent screen, wording matters. If the permission text implies managing Google Ads, assume the token can write via the Google Ads API.
- Broad Google Account scopes that expand data exposure. Some connectors request extra Google scopes (for example, Google Drive or Gmail) for convenience features like exports. Decline anything unrelated to Ads reporting unless you explicitly need it and have internal approval.
- Offline conversion and Customer Match related access. Read-only still lets a tool see conversion actions and audience configuration in many cases. Treat any account that uses Customer Match, enhanced conversions, or offline conversion imports as sensitive, and keep the access surface small.
Two mistakes cause most accidental over-permissioning: people invite the tool as a Standard user “just to get it working,” and people authorize an OAuth prompt without reading the exact permission text.
If you want a concrete reference for roles, Google documents Google Ads access levels in its help center: About access levels in Google Ads.
How to Verify It’s Truly Read-Only (3 Fast Checks)
Google’s access-level labels are a start, but you should verify the connection end-to-end: in Google Ads, in the connected tool, and at the account boundary. These three checks take a few minutes and catch most “oops, it can edit” setups.
Three Fast Read-Only Checks
- Confirm the Google Ads user role is Read-only (and nothing higher).
In Google Ads, open Tools and settings > Access and security. Find the Google user you connected with and confirm the access level shows Read-only. If you see Standard or Admin, stop and downgrade it, or remove the user and re-invite with Read-only. Then re-authenticate the connector so it cannot reuse older permissions. - Attempt a “write” action and make sure it is blocked.
In the AI tool, look for any action that would change the account, for example: “add negative keyword,” “pause campaign,” “change budget,” or “apply recommendations.” A read-only connection should either (a) not show an apply button at all, or (b) fail with a permission error when it tries to push changes through the Google Ads API. In Roger, read-only is the default posture: it drafts changes and requires explicit approval before anything applies. - Verify account boundaries using Customer ID and scope.
In the tool’s Google Ads connection settings, confirm the displayed Customer ID matches the intended account. If you connected through an MCC, confirm the tool lists only the client accounts you approved, not every account under the manager. Back in Google Ads, open Tools and settings > Account access (or the manager account’s access list) and confirm the connected user appears only where it should.
If any check fails, revoke access immediately: remove the user in Access and security and revoke the app in your Google Account’s Third-party access page.
Read-Only Setup for Agencies: MCC, Client Accounts, and Data Boundaries
When you revoke access after a failed check, agencies often discover the real problem: the connection sat at the MCC level, so it could see far more than one client. In Google Ads, a manager account (MCC) is a container for many client Customer IDs. If you connect an AI tool to the MCC without strict boundaries, you risk cross-client data exposure.
Clean Read-Only Pattern for Agencies
The safest agency setup uses a dedicated “reporting-only” Google user and limits what that user can see inside the MCC.
- Create one Google user per client (best isolation) or per client group with the same confidentiality requirements.
- Invite that user at the client account level whenever possible: in the client Google Ads account, go to Tools and settings > Access and security, then grant Read-only. This avoids accidental visibility into other linked accounts.
- If you must use MCC access (because the connector requires it), grant the user Read-only on the manager account and then restrict access to specific client accounts in the MCC’s user access controls. Do not leave the user with visibility to “All accounts.”
- Connect the AI tool using that reporting-only user, then select an explicit allowlist of Customer IDs during setup.
Google documents manager and client access behavior in its help center: About manager accounts (MCC).
For agencies, the practical goal is simple: each token maps to one client boundary. If a client offboards, you delete one user, revoke one OAuth grant, and the rest of your book stays untouched.
Roger fits this workflow well because it connects read-only by default and works cleanly with MCC structures, so you can run audits, monitoring routines, and reporting per Customer ID without mixing client datasets.
How Roger Handles Read-Only by Default (and When to Approve Changes)
Read-only by default is what keeps audits, monitoring, and reporting safe at scale. Roger treats the Google Ads connection as a data pipe first: it pulls performance, search terms, change history, and settings needed for analysis, then keeps its hands off your live account until you say otherwise.
That separation matters because most “AI automation” failures come from permission drift. Someone grants Standard access “temporarily,” a connector keeps an old token, and suddenly a tool can pause campaigns or change budgets. Roger’s workflow avoids that by keeping analysis and execution in different steps.
What Roger Does With Read-Only Access
With read-only access, Roger focuses on work that should never require edit rights:
- Audits: find wasted spend via search terms, match types, duplicates, broken structure, and budget allocation issues.
- Monitoring routines: watch for spend spikes, conversion drops, disapproved ads, learning resets, or sudden CPC changes.
- Reporting: generate weekly or monthly summaries, performance breakdowns by campaign and audience, and client-ready exports.
You still control the account. Roger can recommend actions like adding negative keywords, tightening location targeting, or adjusting bids, but recommendations stay in “draft” until you approve.
When To Approve Changes (And How To Keep It Safe)
Approve changes when two conditions hold: (1) the recommendation cites the exact entities it will touch (campaign name, ad group, keyword, budget), and (2) you can explain the expected impact in one sentence (for example, “block irrelevant queries that spent €240 last month with zero conversions”).
Use an explicit approval habit:
- Ask Roger for the diff: what will change, where, and what stays untouched.
- Apply in small batches (for example, one campaign or one theme of negatives).
- Check results in Google Ads after 24 to 72 hours, then expand.
If you want the safest next step today, connect a dedicated read-only Google user, run an audit in Roger, and approve one tightly scoped change you can revert in minutes.