question

becrafty avatar image
0 Likes"
becrafty asked ·

Application token exceeds the scope granted to the client

Hi all, I'm currently trying to upgrade our affiliate apps to the OAuth calls. This is all working perfectly under sandbox but not during live. The issue is that when I try to obtain an "application token" with the various Buy scopes (in this case https://api.ebay.com/oauth/api_scope/buy.marketing) it will return [error_description] => The requested scope is invalid, unknown, malformed, or exceeds the scope granted to the client I'm confident that the call is okay so it would seem that this developer account does not have sufficient scope to deal with these requests. How would I go about adding scope to the account? The ebay affiliate network would seem to imply that all API's should be available to an affiliate? Any help from ebay developers would be greatly appreciated as this does not appear to be an issue I can fix my end.
tokensscopesoauth scopestoken api unauthorized
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

hiperlights_russia avatar image
0 Likes"
hiperlights_russia answered ·
V2 POST-ORDER is dead. Everyone can check it easily: This command will return nothing (HTTP/1.1 302 Found): curl https://api.ebay.com/post-order/v2/casemanagement/5215420250 And will redirect request to: http://pages.ebay.com/messages/page_not_responding.html?RlogId=**** This command will return JSON error (HTTP/1.1 400 Bad Request): https://api.ebay.com/sell/fulfillment/v1/order/08-04343-80420
· 1 · Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Hi @hiperlights_russia, Again many other developers use it. So to say such things as "V2 POST-ORDER is dead" is inaccurate. We will work on helping you get your call working, but please refrain from making general statements that are inaccurate just because it doesn't work for your case.
0 Likes 0 · ·
hiperlights_russia avatar image
0 Likes"
hiperlights_russia answered ·
...regarding POST-ORDER API. My class which makes calls. Code sample in php: $orderId = "08-04343-80420"; $res = ebay_api::sendRequest2([ "url" => " https://api.ebay.com/sell/fulfillment/v1/order/{$orderId}";, "urlParams" => [ ] ]); var_dump($res); This outputs order data. So token and request are okay. The same method to POST ORDER API: $caseId = "5215420250"; $res = ebay_api::sendRequest2([ "url" => " https://api.ebay.com/post-order/v2/casemanagement/{$caseId}";, "urlParams" => [ ] ]); var_dump($res); Gives me NOTHING. Returns "". AND ONLY WHEN I LOOK INTO CURL INTERNAL DATA I can see: ["redirect_url"]=> http://pages.ebay.com/messages/page_not_responding.html?RlogId=**** So this API IS NOT RESPONDING. So... POST-ORDER API is dead...
· 1 · Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

@sanjeev_developersupport can you help here please. Create a working sample.
0 Likes 0 · ·
hiperlights_russia avatar image
0 Likes"
hiperlights_russia answered ·
I DO beleive that eBay Oauth is used by a lot of people. But I never used the whole process so eBay's Oauth was my first try. And documentation is REALLY confusing unclear and VERY STRESSFUL. You can see tons of the SAME topics here af a proof. And the only help I got is google search which led me to stackoverflow. And I found NORMAL description. https://stackoverflow.com/questions/44603838/ebay-oauth-token-and-refresh-tokens BTW the author is also found ebay docs stressful. I do not use developer portal for tokens' generation as it does not help me. It can generate token but cannot say "HOW TO". And I do not need any help forming JSON array... POST-ORDER API DOES NOT WORK for me. I generate token with ALL scopes. And it works for "scoped" requests. And does not work for POST-ORDER API. Moreover P-O API does not even throw ANY errors. So it is useless for me as it is impossible to debug anything. I do believe it works for you but I guess you have some docs or help available. A have seen "Making a call" but it is also COMPLETELY USELESS because it describes obvious things (yes, headers section are usefull but nothing more). And does not describe troubleshooting at all. I can send a call to P-O API with no payload - it answers "". No auth header - it answers "". Random symbols in payload - it answers "". It is NOT a usefull API... AND API Explorer DOES NOT contain POST-ORDER API. So it is impossible to test anything.
· 1 · Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

You can try to use https://ebaydts.com/eBayKBDetails?KBid=5075 which gives a few pointers when going through the steps.
0 Likes 0 · ·
jourbandts avatar image
0 Likes"
jourbandts answered ·
HI @hiperlights_russia, I am sorry you feel that way. We do have ~500k developers who use the OAuth tokens without any issues. At this point I am unclear of what your exact issue is. You did not give much info just a statement. I believe maybe you are saying when trying to use the links on the developer portal the tokens are not being generated? For Post-Order API you can use https://developer.ebay.com/Devzone/post-order/concepts/MakingACall.html. These APIs were built before we introduced the concept of scopes so it will work with just the default scope. Again are you trying to use the API Explorer and not getting data?
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

hiperlights_russia avatar image
0 Likes"
hiperlights_russia answered ·
This is NOT the key since you are NOT able to generate a key with a scope ANY OTHER than " https://api.ebay.com/oauth/api_scope";. The key to the message is that you HAVE to do EXACTLY the following: 1. Generate Oauth token + refresh token via CODE based procedure; 2. Use your token and REFRESH it with refresh token once is has expired That is all. ANY OTHER method will fail. AND eBay documentation HAS NO CLUE about it. MOREOVER eBay has "new APIs". F.e. "post-order API". https://developer.ebay.com/Devzone/post-order/index.html BUT IT IS COMPLETELY USELESS AND NON-DOCUMENTED. Because there is NO SCOPE to use it. And NO DESCRIPTION provided.... it is really insane. I have tried to call this one: https://developer.ebay.com/Devzone/post-order/post-order_v2_casemanagement-caseid__get.html IT HAS NO ANSWER. NO INFO. NO ERROR. NOTHING. JUST AN "" VAL.
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

jourbandts avatar image
0 Likes"
jourbandts answered ·
Hi @hiperlights_russia, The key to the message is "exceeds the scope granted to the client". The buy.marketing scope and many others are not part of the default scopes given. You can check what scopes you have access to by going to https://developer.ebay.com/my/keys, and clicking on the "OAuth scopes" link for a keyset. If you do not see the scope in that list you do not have access.
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

sanjeev_developersupport avatar image
0 Likes"
sanjeev_developersupport answered ·
Hi @hiperlights_russia, We try to reproduce the issue but for us, it is working fine. Please share the screenshot if you are getting any error message and make sure you have selected keyset while generating the token.![alt text][1] Best Regards [1]: /storage/temp/2433-oauth-token-issue.png

· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

hiperlights_russia avatar image
0 Likes"
hiperlights_russia answered ·
I have the same situation... and seems to be a great problem for everyone. Try to generate token here and your requests will work: https://developer.ebay.com/my/api_test_tool?index=0&env=production&api=fulfillment&call=order-orderid__GET&variation=json But it seems impossible to generate token by API with normal scope ...
· Share
10 |600 characters needed characters left characters exceeded

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 2 attachments (including images) can be used with a maximum of 512.0 KiB each and 1.0 MiB total.