Application token exceeds the scope granted to the client
Hi all, I'm currently trying to upgrade our affiliate apps to the OAuth calls. This is all working perfectly under sandbox but not during live. The issue is that when I try to obtain an "application token" with the various Buy scopes (in this case
https://api.ebay.com/oauth/api_scope/buy.marketing) it will return [error_description] => The requested scope is invalid, unknown, malformed, or exceeds the scope granted to the client I'm confident that the call is okay so it would seem that this developer account does not have sufficient scope to deal with these requests. How would I go about adding scope to the account? The ebay affiliate network would seem to imply that all API's should be available to an affiliate? Any help from ebay developers would be greatly appreciated as this does not appear to be an issue I can fix my end.
Hi @hiperlights_russia, The key to the message is "exceeds the scope granted to the client". The buy.marketing scope and many others are not part of the default scopes given. You can check what scopes you have access to by going to
https://developer.ebay.com/my/keys, and clicking on the "OAuth scopes" link for a keyset. If you do not see the scope in that list you do not have access.
HI @hiperlights_russia, I am sorry you feel that way. We do have ~500k developers who use the OAuth tokens without any issues. At this point I am unclear of what your exact issue is. You did not give much info just a statement. I believe maybe you are saying when trying to use the links on the developer portal the tokens are not being generated? For Post-Order API you can use
https://developer.ebay.com/Devzone/post-order/concepts/MakingACall.html. These APIs were built before we introduced the concept of scopes so it will work with just the default scope. Again are you trying to use the API Explorer and not getting data?
I DO beleive that eBay Oauth is used by a lot of people. But I never used the whole process so eBay's Oauth was my first try. And documentation is REALLY confusing unclear and VERY STRESSFUL. You can see tons of the SAME topics here af a proof. And the only help I got is google search which led me to stackoverflow. And I found NORMAL description.
https://stackoverflow.com/questions/44603838/ebay-oauth-token-and-refresh-tokens BTW the author is also found ebay docs stressful. I do not use developer portal for tokens' generation as it does not help me. It can generate token but cannot say "HOW TO". And I do not need any help forming JSON array... POST-ORDER API DOES NOT WORK for me. I generate token with ALL scopes. And it works for "scoped" requests. And does not work for POST-ORDER API. Moreover P-O API does not even throw ANY errors. So it is useless for me as it is impossible to debug anything. I do believe it works for you but I guess you have some docs or help available. A have seen "Making a call" but it is also COMPLETELY USELESS because it describes obvious things (yes, headers section are usefull but nothing more). And does not describe troubleshooting at all. I can send a call to P-O API with no payload - it answers "". No auth header - it answers "". Random symbols in payload - it answers "". It is NOT a usefull API... AND API Explorer DOES NOT contain POST-ORDER API. So it is impossible to test anything.