question

volodymytsuku_0 avatar image
1 Like"
volodymytsuku_0 asked ·

One token for both new and traditional APIs

**Is it possible to use one token to access both new Sell/Buy APIs as well as traditional Selling/Buying APIs?** The idea is for the user to grant access to the app once, allowing the app to call different types of APIs. We want to use new Sell APIs to manage account and inventory but we also need to be able to call traditional things like [GetCategoryFeatures][1]. Obviously, using OAuth 2.0 access token in XML / SOAP calls does not work. Developer console mentions the following: > eBay supports OAuth 2.0 for RESTful APIs as well as XML and SOAP APIs but I was not able to find relevant documentation on the way to make it actually work. Any help or clarification is highly appreciated! [1]: https://developer.ebay.com/Devzone/XML/docs/Reference/eBay/GetCategoryFeatures.html
apitrading apitokenoauth2tokensauthentication
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

volodymytsuku_0 avatar image
0 Likes"
volodymytsuku_0 answered ·
@dantqiues So, it is possible to use user access token to communicate with both new and traditional APIs. It means you can have one authentication flow (based on OAuth2) and then send a much wider range of calls. The following documentation describes how to get OAuth2 flow work: - [Merchant Feeds - Using eBay OAuth][1] - [Getting a User token][2] Then, the application can pass access token using X-EBAY-API-IAF-TOKEN request header, for example: POST /ws/api.dll HTTP/1.1 Host: api.ebay.com Content-Type: text/xml X-EBAY-API-COMPATIBILITY-LEVEL: 1009 X-EBAY-API-CALL-NAME: GetCategoryFeatures X-EBAY-API-SITEID: 0 X-EBAY-API-IAF-TOKEN: ${USER_ACCESS_TOKEN} One thing which we discovered along the way is that [Platform Notifications][3] might NOT be sent even if you successfully subscribe with the access token. In this case, you need to contact support and ask to enable receiving notifications for your Sandbox or Production App ID. Also, note that eBay might introduce separate OAuth scope to grant access to traditional APIs in the future. [1]: https://developer.ebay.com/Devzone/merchant-products/account-management/HowTo/oauth.html [2]: https://developer.ebay.com/devzone/rest/ebay-rest/content/oauth-gen-user-token.html [3]: https://developer.ebay.com/devzone/guides/ebayfeatures/Notifications/Notifications.html
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

dantqiues avatar image
1 Like"
dantqiues answered ·
This would be really nice, it's pretty inconvenient to have to navigate two completely separate APIs / logins / token systems to build a complete application.
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

dantqiues avatar image
0 Likes"
dantqiues answered ·
This is excellent news! Do you know if the X-EBAY-API-IAF-TOKEN is documented anywhere? I already had the OAuth process working at this point (as well as the old It will make authenticating much easier with only having to manage the OAuth process once.
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

volodymytsuku_0 avatar image
0 Likes"
volodymytsuku_0 answered ·
@dantqiues I have not found it in the documentation but initially discovered it in the API Explorer tool. If you go to API Explorer, generate OAuth user token, select Trading API call then the tool will insert the header for you: https://developer.ebay.com/my/api_test_tool?index=0≈i=trading&call=GetItem&variation=xml I reconfirmed the approach with eBay development support team during the recent eBay Connect 2017 event
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

dantqiues avatar image
1 Like"
dantqiues answered ·
Very helpful, thank you so much!
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

dantqiues avatar image
1 Like"
dantqiues answered ·
@volodymytsuku_0 are there any special interactions regarding the scope of the token to be aware of? I.E. do I need to mint the token with specific scopes to enable all features of the Trading API or are certain calls like AddItem limited to a sell.inventory scope for example?
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

volodymytsuku_0 avatar image
0 Likes"
volodymytsuku_0 answered ·
@dantqiues Unfortunately, I do not know about the precise mapping of scopes. I do know however that a new scope or even scopes are coming specifically to serve Trading API via OAuth.
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

dantqiues avatar image
1 Like"
dantqiues answered ·
Thank you again for the answer, sometimes the documentation can feel a bit lacking and just getting a quick response like this can save a ton of time and trouble!
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.