Migrating from Trading API (with Auth'n'Auth) to REST APIs (with OAuth). What a nightmare. A full day of work and I still cannot make a simple 'get orders' call with the API Explorer tool. I thought PayPal API documentation was bad...
Why is there not a single UI for a developer to get a (long lasting) token for their application, with all the scopes the application needs? How idiotic that I have to copy/paste scope names, find an online URL encoder, oh yeah, then a Base64 encoder for my AppID and Secret, then setup Postman with all the right headers - to make ONE call.
OK, so I did all that. Posted to https://api.ebay.com/identity/v1/oauth2/token with scope "https://api.ebay.com/oauth/api_scope".
Got back an access token, but it does not work to get a list of orders, ""Insufficient permissions to fulfill the request.".
Oh, I see from the API doc that this API requires fullfillment scope. OK, back to Postman with scope "https://api.ebay.com/oauth/api_scope/sell.fulfillment.readonly" but I cannot get a token with this scope, the call returns:
The requested scope is invalid, unknown, malformed, or exceeds the scope granted to the client
Well, which is it??? I HATE error message that list multiple possible causes, this is lazy programming.
Since I am reasonably sure it is a valid scope name, I have to assume "exceeds the scope granted to the client". WHAT client? How do I fix this so I can get a token with all the scopes my application needs?