02-01-2024 11:02 AM
Hi
I'm trying to get renew my access token so that I keep using the search api without having to change the token manually.
I keep getting response 500. What am I doing wrong?
import base64
import requests
client_id = "username-appName-PRD-xxxxxxxxx-xxxxxxxx"
url = "https://api.ebay.com/identity/v1/oauth2/token"
client_secret = "access token"
credentials = client_id + ":" + client_secret
b_credentials = credentials.encode('ascii')
base64_auth_credentials = str(base64.b64encode(b_credentials))
body = {
"grant_type": 'client_credentials',
"scope": "https%3A%2F%2Fapi.ebay.com%2Foauth%2Fapi_scope%09"
}
headers = {
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic " + base64_auth_credentials
}
req = requests.post(url, json=body, headers=headers)
print(req)
req.text or req.json() doesn't return anything.
02-01-2024 12:06 PM
I assume you obfuscated these two variables
client_id = "username-appName-PRD-xxxxxxxxx-xxxxxxxx"
client_secret = "access token"
and that you are retrieving the actual keys shown on your account page:
https://developer.ebay.com/my/keys
There is a stray character at the end of this scope.
"scope": "https%3A%2F%2Fapi.ebay.com%2Foauth%2Fapi_scope%09"
Since I don't know Python, I asked ChatGPT to correct your code. I have no clue if this is correct:
import base64 import requests import urllib.parse client_id = "username-appName-PRD-xxxxxxxxx-xxxxxxxx" client_secret = "client_secret" url = "https://api.ebay.com/identity/v1/oauth2/token" credentials = f"{client_id}:{client_secret}" b_credentials = credentials.encode('ascii') base64_auth_credentials = base64.b64encode(b_credentials).decode('ascii') scope = "https://api.ebay.com/oauth/api_scope" encoded_scope = urllib.parse.quote(scope) body = { "grant_type": 'client_credentials', "scope": encoded_scope } headers = { "Content-Type": "application/x-www-form-urlencoded", "Authorization": "Basic " + base64_auth_credentials } req = requests.post(url, data=body, headers=headers) print(req.json())
02-01-2024 12:27 PM
I've written my token retrieval in PHP. There are two routines. One creates the token and the other checks the age of the token. I use only one token across all of my applications, so they all call the same token setting module.
My scheme is to keep my keys and tokens in secured files on the server. The code module looks for the existence of a token file and its creation date. If the file does not exist, or if the 2-hour token is more than one hour and 59 minutes old, the tool fetches my credentials and requests a new token.
eBay recommends testing the token and renewing only if the token returns an expired notice. That would certainly be appropriate and more efficient when accessing different tokens across multiple applications and users.