question

stalin-1945 avatar image
1 Like"
stalin-1945 asked ·

Cannot get application access token for ebay REST API

Hello, I'm trying to get application access tokens using this guide: http://developer.ebay.com/devzone/rest/ebay-rest/content/gen-app-token.html My request is: curl -X POST " https://api.sandbox.ebay.com/identity/v1/oauth2/token"; -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic " -d "grant_type=client_credentials&redirect_uri=http%3A%2F% 2Fdomain.com≻ope=https%3A%2F% 2Fapi.ebay.com%2Foauth%2Fscope%2F%40public%20https%3A%2F% 2Fapi.ebay.com%2Foauth%2Fscope%2Fbuy%40user" Response: Status: 400: Bad Request { "error": "invalid_scope" "error_description": "client does not support scopes" "error_uri": null } What do I do wrong?
oauth
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

itisdesign avatar image
1 Like"
itisdesign answered ·
@oresthry, The issue I had was I was mistakenly attempting to request an Application token for scopes that only allowed User tokens. Example: All of the Sell API calls (except for Metadata) only allow a User token. Thus, attempts to request an Application token for any of the Sell API calls (except for Metadata) will result in the error we're seeing. To see if a call allows an Application token, just CTRL+F the call's doc for "OAuth request scope" and you will see either "This request requires a user access token with the following scope" or "This request requires either a user access token or an application access token with the following scope". Unless it mentions 'application', then requesting an application token for it will error. Thanks!, -Aaron
· 2 · Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

This is ridiculously overcomplicated. I appreciate your input, I just spent the better half of a day trying to figure out my authentication issues until I saw your post.
1 Like 1 · ·
You're welcome. Definitely overcomplicated!
0 Likes 0 · ·
ah-8422 avatar image
0 Likes"
ah-8422 answered ·
Hello, i get this response when i try to get token with oauth from my application $curl->setHeaders([ 'Content-Type' => 'application/x-www-form-urlencoded', 'Authorization' => sprintf('Basic %s',base64_encode(sprintf('%s:%s', $client_id, $client_secret))) ]); $curl->post(' https://api.sandbox.ebay.com/identity/v1/oauth2/token', [ 'grant_type' => 'client_credentials', 'scope' => urlencode(' https://api.ebay.com/oauth/api_scope/sell.inventory') ]); //i got this response stdClass Object ( [error] => invalid_scope [error_description] => The requested scope is invalid, unknown, malformed, or exceeds the scope granted to the client ) I checked the scope exists in my oauth scopes list. Anyone please help, I am stuck on this from so many days, can't even get the right token
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

oresthry avatar image
0 Likes"
oresthry answered ·
Any updates here? Did anyone managed to get it working? I've got the same exact problems as @itisdesign and noticed too that those scopes are not properly working and need some fixes. REST API looks good, but why there is never enough help from eBay devs when they do things like that :(
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

memoky avatar image
0 Likes"
memoky answered ·
The work-around for your problem could be using Ebay's Merchant Integration Platform. You have to subscribe then you can upload products via SFTP feeds. [Here][1] [1]: https://go.developer.ebay.com/merchant-integration-platform
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

itisdesign avatar image
0 Likes"
itisdesign answered ·
@davidtsadler, For some reason the Forum UI won't display your last post, but I did get the email notification containing it. Regarding your question: I want to use many calls, but Inventory and Fulfillment ones to start with.
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

davidtsadler avatar image
0 Likes"
davidtsadler answered ·
@stalin-1945 It sounds like that your authorization token may be wrong. These are the steps that I've used to get a working response. From my eBay developer account I grabbed a copy of my sandbox App ID and Cert ID. For this example assume the values are `AppDTS` and `CertDTS`. These two values correspond to the `client_id` and `client_secret` needed in the request. To generate the authorization token I joined the two together with a colon to get `AppDTS:CertDTS`. This combined value is then encoded in Base 64. I used https://www.base64encode.org/ to get the value `QXBwRFRTOkNlcnREVFM=`. To pass this value via the HTTP header requires adding the word Basic followed by a space to the front. The full cURL command is therefore: curl https://api.sandbox.ebay.com/identity/v1/oauth2/token \ -X POST \ -H "Content-Type: application/x-www-form-urlencoded" \ -H "Authorization: Basic QXBwRFRTOkNlcnREVFM=" \ -d "grant_type=client_credentials&redirect_uri=http://shopfrenzy.runashop.lan≻ope= https://api.ebay.com/oauth/api_scope"; On my system using the above command with the correct token works. (I use the same redirect_uri and scope values as those above!) {"access_token":"XXXXXX","token_type":"Application Access Token","expires_in":7200,"refresh_token":"N/A"} If this doesn't work for you then check the following. 1. Ensure that the sandbox App and Cert ID are been used. 2. Check that your sandbox keys have scopes. In you developer account there should be a link to "OAuth Scopes" under your sandbox and production application keys. 3. See if the [API explorer]( https://developer.ebay.com/my/api_test_tool?index=0) can generate a token for you. Use the Browse API and the Search operation in the tool. There will be a link "Get OAuth Application Token". If this is able to generate a token it means that your account is set up correctly and your cURL request should work. I should point out that if you get this to work and obtain a token you will only have access to public information from eBay. If your app requires a different scope, for example https://api.ebay.com/oauth/api_scope/sell.fulfillment, then you are going to need a token that requires a seller's permission. At which point you instead need to follow the guide at http://developer.ebay.com/devzone/rest/ebay-rest/content/gen-user-token.html
· 1 · Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

@davidtsadler, The [documentation][1] says the request for an "Application" access token accepts a list of scopes. What we are reporting here is that it currently only accepts the default scope (api_scope) but not any of the other scopes (api_scope/foo.bar and api_scope/foo.bar.readonly) that were granted to a keyset. That is the issue we need eBay to fix. [1]: http://developer.ebay.com/devzone/rest/ebay-rest/content/gen-app-token.html
0 Likes 0 · ·
itisdesign avatar image
0 Likes"
itisdesign answered ·
Hi eBay, I see the same issue as @stalin-1945 and @t0m201 above. The following return {"error":"invalid_scope","error_description":"client does not support scopes","error_uri":null} Production: c:\curl.exe -X POST " https://api.ebay.com/identity/v1/oauth2/token"; -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic " -d "grant_type=client_credentials&redirect_uri= ≻ope=https%3A%2F%2Fapi%2Eebay%2Ecom%2Foauth%2Fapi_scope%2Fsell%2Efulfillment" Sandbox: c:\curl.exe -X POST " https://api.sandbox.ebay.com/identity/v1/oauth2/token"; -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic " -d "grant_type=client_credentials&redirect_uri= ≻ope=https%3A%2F%2Fapi%2Eebay%2Ecom%2Foauth%2Fapi_scope%2Fsell%2Efulfillment" Do your instructions need updated at http://developer.ebay.com/devzone/rest/ebay-rest/content/gen-app-token.html? Thanks!, -Aaron
· 3 · Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Does using https://api.ebay.com/oauth/api_scope as the scope work?
0 Likes 0 · ·
No, David, another error: curl -X POST " https://api.sandbox.ebay.com/identity/v1/oauth2/token"; -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic " -d "grant_type=client_credentials&redirect_uri=http%3A%2F%2Fshopfrenzy.runashop.lan≻ope=https%3A%2F% 2Fapi.ebay.com%2Foauth%2Fapi_scope" result: {"error":"invalid_request","error_description":"request is invalid","error_uri":null}%
0 Likes 0 · ·
@davidtsadler, Using https://api.ebay.com/oauth/api_scope returns a useless access token, as originally noted by @t0m201 above.
0 Likes 0 · ·
itisdesign avatar image
0 Likes"
itisdesign answered ·
Hi eBay, I see the same issue as @stalin-1945 and @t0m201 above. The following return {"error":"invalid_scope","error_description":"client does not support scopes","error_uri":null} Production: c:\curl.exe -X POST " https://api.ebay.com/identity/v1/oauth2/token"; -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic " -d "grant_type=client_credentials&redirect_uri=≻ope=https%3A%2F%2Fapi%2Eebay%2Ecom%2Foauth%2Fapi_scope%2Fsell%2Efulfillment" Sandbox: c:\curl.exe -X POST " https://api.sandbox.ebay.com/identity/v1/oauth2/token"; -H "Content-Type: application/x-www-form-urlencoded" -H "Authorization: Basic " -d "grant_type=client_credentials&redirect_uri=≻ope=https%3A%2F%2Fapi%2Eebay%2Ecom%2Foauth%2Fapi_scope%2Fsell%2Efulfillment" Do your instructions need updated at http://developer.ebay.com/devzone/rest/ebay-rest/content/gen-app-token.html? Thanks!, -Aaron
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

t0m201 avatar image
0 Likes"
t0m201 answered ·
Hi, I have the same issue. I get the same error message when I make a request with scope included (as per the api guide) but when I remove "scope=", it returns a valid token however that token is useless because it isn't allowed any permissions. Why doesn't it accept any scopes??
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.