FetchToken returns error in Sandbox "The secret Id you provided does not match with the one you provided earlier"
I am using Java SDK and when I use "FetchToken" call passing a valid session ID it returns: " com.ebay.sdk.ApiException: The secret Id you provided does not match with the one you provided earlier" This is happening in Sandbox only. In Production, it works fine and the token is returned successfully. I tried to test that call on the eBay API test tool and it's failing as well, so it's not a SDK problem. It's Sandbox environment problem. Is anyone facing this issue? Ebay developer staff, please could you have a look and fix the issue? Thank you.
Hi, There is no issue with the Sandbox environment as I was successfully able to make the GeTSessionID and FetchToken without any issues. Can you please let us know the steps that you are following to reproduce the issue? Cheers!!!
Ok, for more information, here are the request and response: Sending SOAP request to:
https://api.sandbox.ebay.com/wsapi?siteid=0&callname=FetchToken&client=java&appid=[MY APP ID] Request: [MY APP ID] [MY DEV ID] [MY AUTH CERT] ReturnAll 963 High o+MCAA**5575c9901540a471d22041c0ffffd92d Response: 2016-04-27T02:04:46.890Z Failure The secret Id is invalid. The secret Id you provided does not match with the one you provided earlier. 16117 Error RequestError 949 E949_CORE_API_17895653_R1
Hi @corc-ches, The reason why you are seeing this issue is because in your specific case, the sessionID has a '+' sign which does not get url encoded and gets replaced by blank space leading to the error you are seeing. This issue is known with most of the browsers and it has been fixed in the FetchToken flow after you login into the website:
https://developer.ebay.com/signin For time being, I would suggest you to please login and go through the fetch token flow in order to generate your token. Thanks
Hi @jigishmehta The SessionID is exactly the String value returned by the GetSessionID call. And how come this works in the Production environment? Codes are the same, only the URL endpoint is pointing to the production server.
Sandbox Environment GetSessionID request: ReturnAll 963 High [MY RUNAME] Sandbox Environment GetSessionID response: 2016-04-27T03:07:44.597Z Success 949 E949_CORE_API_17895653_R1 o+MCAA**55afca451540a471d22041c0ffffd927 I think it would be better that the SessionID generator in the Sandbox Environment should remove the +.
Yes, thank you for your help and I appreciate your quick response. I did go through the fetchToken flow as you suggested for the meantime. But, I really would want this be fixed because in our application flow, we allow ebay users to go through the auth & sign-in process during new account registration in order for our application to get auth token of the registrant (ebay user).