eBay OAuth badge and update tokens

I have struggled for a couple of days with eBay token authentication. It’s hard for me to understand how to get new tokens. After registering for the developer program account, I requested a set of keys and received them, after which I gave access to the Auth'n'Auth token, which is promised to last 18 months, and yes, the token works only on the trade, purchase and search API.

But when you need to complete a purchase, sale and trade, you must receive tokens. And you can make the so-called "Single-User Application" style and paste it into oauth from the User Token Tool, and get oauth after 2 hours.

The token expires later and you lose access to the above api. I tried to extract the tokens from Trading> Get Session ID, Trade> Run, but after providing the session ID for the Fetch token, it says: "The end user did not authenticate Auth and Auth." while there is a valid token of 18 months, it continues to return this error.

Is there any sample article about this that anyone could read or write?

+12
4 answers

The OAuth API "New Sell" process is described in detail here, not the auth 'n' auth process or the outdated trading API. This is also for the sandbox, although the production procedure is similar.

Your confusion is not unreasonable. My own experience with this API stream, as well as the experience of a large part of the official developer forums, has been stressful. The procedure for creating oauth is described in detail below, whether you are connecting to a single, dedicated account or multiple accounts.

There is an official guide that explains the whole process, so I hesitate to recreate the whole guide here. Although I can provide a summary (I suggest following the instructions below using Postman before trying to get through your application):

  1. Get your client ID and Client Secret from here (do not share them publicly)
  2. Generate RuName (redirect URL) from here by clicking "Get token from eBay through your application" and filling out the form. This form is designed to create the appearance of a login page to which users will be redirected to allow your application access to their account. RuName will appear immediately below the column heading "RuName (name of the eBay redirect URL)"
  3. Gather a list of areas you need. Each API endpoint requires an OAuth token with the appropriate scope permissions. For example, the Create or Replace Inventory Item endpoint requires a scope of https://api.ebay.com/oauth/api_scope/sell.inventory. Find out which endpoints you will need, and go to the API documentation for each and find the scope section.
  4. The GET request now looks like this:

     'https://signin.sandbox.ebay.com/authorize?
     client_id=<your-client-id-value>&
     redirect_uri=<your-RuName-value>&
     response_type=code&
     scope=https%3A%2F%2Fapi.ebay.com%2Foauth%2Fapi_scope%2Fsell.account%20
     https%3A%2F%2Fapi.ebay.com%2Foauth%2Fapi_scope%2Fsell.inventory'

    It is also recommended that you add the state query string, which I skipped for ease of use, but you should find out what it is and why it is recommended for OAuth.

  5. This browser URL will redirect you to the login page so that the user allows your application to access their account, but only for areas in the URL. When you receive the PHP curl request, you will receive the redirect URL itself. Important: a sign from the end user is necessary, even if there will be only one user in your application. For example, you have an e-commerce site for a customer, and you want to send your products to their single eBay account. You will still need to do this process at least once every 18 months (find out why in the near future).
  6. As soon as the user logs in and confirms, the browser displays the page "You can close this window now." The authorization code required for the next step is located in the URL of this page as a code query string. If you are developing an application for multiple users and plan to actually have them log in on this page, you need to configure the application so that it receives a response with a confirmation, which will be the above URL, and extract the code from it. This code is very short-lived. If you extract it manually through a browser, you need to quickly follow these steps.
  7. Now you need to make a POST request to https://api.sandbox.ebay.com/identity/v1/oauth2/token. See the structure below:

     HTTP method:   POST
     URL (Sandbox): https://api.sandbox.ebay.com/identity/v1/oauth2/token

     HTTP headers:
       Content-Type = application/x-www-form-urlencoded
       Authorization = Basic <B64-encoded-oauth-credentials>
         (A base64-encoded value made from your client ID and client secret,
          separated by colon. For example, in PHP you could generate it with:
          'base64_encode ("fakeclientid123:fakeclientsecret123")')

     Request body (wrapped for readability):
       grant_type=authorization_code&   (literally the string "authorization_code")
       code=<authorization-code-value>& (code retrieved in previous step)
       redirect_uri=<RuName-value>      (same RuName as earlier)

    If successful, this query will return something like below:

     {
       "access_token": "v^1.1#i^1#p^3#r^1...XzMjRV4xMjg0",
       "token_type": "User token",
       "expires_in": 7200,
       "refresh_token": "v^1.1#i^1#p^3#r^1...zYjRV4xMjg0",
       "refresh_token_expires_in": 47304000
     }

    Here is the oauth token we are looking for that will last 2 hours. The second token is the update token, which will last ~18 months. Keep this token safe, do not transfer it, and do not hard code it in your application. From now on, your application should make update calls using this token to get a new oauth when necessary. After 18 months or in case of repeated passage of the "Allow access" procedure, the user will need to perform all of the above in order to generate a new update token. Assuming the API has not changed at this point.

    It is worth noting that an 18-month life is not a normal OAuth update procedure, which usually should return a new update token every time the old one is used.

  8. To update oauth:

     HTTP method:   POST
     URL (Sandbox): https://api.sandbox.ebay.com/identity/v1/oauth2/token

     HTTP headers:
       Content-Type = application/x-www-form-urlencoded
       Authorization = Basic <B64-encoded-oauth-credentials>

     Request body (wrapped for readability):
       grant_type=refresh_token&
       refresh_token=<your-refresh-token-value>&
       scope=https%3A%2F%2Fapi.ebay.com%2Foauth%2Fapi_scope%2Fsell.account%20
       https%3A%2F%2Fapi.ebay.com%2Foauth%2Fapi_scope%2Fsell.inventory

Hope this helps!

+28
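
The three requests from steps 4, 7 and 8 of the answer above, built but not sent, with the `state` check that step 4 recommends; this is an added example, not code from the original answer or from eBay. The function names, the sample client ID/secret, the RuName value and the callback host are made up for illustration.

```python
import base64
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlsplit

AUTHORIZE_URL = "https://signin.sandbox.ebay.com/authorize"          # as given in step 4
TOKEN_URL = "https://api.sandbox.ebay.com/identity/v1/oauth2/token"  # as given in step 7
SCOPES = ["https://api.ebay.com/oauth/api_scope/sell.account",
          "https://api.ebay.com/oauth/api_scope/sell.inventory"]

def consent_url(client_id, ru_name, state=None):
    """Step 4 URL plus a random `state`; keep `state` in the user's server-side session."""
    state = state or secrets.token_urlsafe(32)
    query = urlencode({"client_id": client_id, "redirect_uri": ru_name,
                       "response_type": "code", "scope": " ".join(SCOPES),
                       "state": state}, quote_via=quote)  # space -> %20, '/' -> %2F
    return f"{AUTHORIZE_URL}?{query}", state

def code_from_callback(callback_url, expected_state):
    """Step 6: return the decoded authorization code, or raise if `state` does not match."""
    params = parse_qs(urlsplit(callback_url).query)
    returned = params.get("state", [""])[0]
    if not hmac.compare_digest(returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    if "code" not in params:
        raise ValueError("no authorization code in callback")
    return params["code"][0]  # parse_qs has already percent-decoded the value

def token_request(client_id, client_secret, **grant):
    """Steps 7 and 8: URL, headers and form body for the token endpoint."""
    # Load client_secret and refresh tokens from a secret store, never from source code.
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Content-Type": "application/x-www-form-urlencoded",
               "Authorization": f"Basic {basic}"}
    # urlencode re-encodes '^' and '#', which appear in eBay codes and tokens
    return TOKEN_URL, headers, urlencode(grant, quote_via=quote)

def exchange_request(client_id, client_secret, code, ru_name):
    """Step 7: trade the short-lived authorization code for tokens."""
    return token_request(client_id, client_secret, grant_type="authorization_code",
                         code=code, redirect_uri=ru_name)

def refresh_request(client_id, client_secret, refresh_token):
    """Step 8: obtain a new 2-hour access token from the long-lived refresh token."""
    return token_request(client_id, client_secret, grant_type="refresh_token",
                         refresh_token=refresh_token, scope=" ".join(SCOPES))
```

Each builder returns `(url, headers, body)`, ready to hand to any HTTP client as a POST.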

For those struggling with this, make sure you use a coded code / token.

I almost lost my mind trying to figure out what was wrong, because ebay returns reflex update decor

+4

For those struggling, please note that the URL in step 4 is different from the URL specified on eBay. The eBay URL starts with https://auth.sandbox.ebay.com/oauth2/authorize, but the URL in step 4 starts with https://signin.sandbox.ebay.com/authorize

+1

This is a continuation of FullStackFool's answer.

The following link adds clarity to step 7, which was difficult for me personally. Take a look at RyanPPG's answer (if someone else adds another)

Had to make it a comment, but in this set of comments it will be hard to find.

0

Source: https://habr.com/ru/post/1268930/