
Getting User access token

I'm very confused about how to get the user token so I can use the fulfillment API. That way I can get a list of my daily orders.

Values I don't understand:

code=<authorization-code-value>

redirect_uri=<RuName-value>

client_id=<app-client-id-value>

 

#!/bin/bash

#get passwords from file...

#devid=$(cat ebay-dev-token.txt | grep DevId | cut -d ' ' -f 2)

token=$(cat ebay-dev-token.txt | grep Token | cut -d ' ' -f 2)
clientid=$(cat ebay-dev-token.txt | grep -i clientid | cut -d ' ' -f 2)
clientsecret=$(cat ebay-dev-token.txt | grep -i clientsecret | cut -d ' ' -f 2)
redirect=$(cat ebay-dev-token.txt | grep -i redirect | cut -d ' ' -f 2)

#get base64 password (printf, not echo, so no trailing newline is encoded into the credentials)
base64key=$(printf '%s' "$clientid:$clientsecret" | base64 | tr -d '\n')

#get access token 'Authorization:Bearer '$apptoken''

apptokendata=$(curl -X POST 'https://api.ebay.com/identity/v1/oauth2/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Authorization: Basic '$base64key'' \
-d 'grant_type=client_credentials' | json_pp)

apptoken=$(echo "$apptokendata" | grep access_token | cut -d '"' -f 4)

#echo "$apptoken" #working

#how to user access token

#HTTP method: POST
#URL (Sandbox): https://api.sandbox.ebay.com/identity/v1/oauth2/token

# HTTP headers:
# Content-Type = application/x-www-form-urlencoded
# Authorization = Basic <B64-encoded-oauth-credentials>

# Request body:
# grant_type=authorization_code
# code=<authorization-code-value>
# redirect_uri=<RuName-value>

usertoken=$(curl -X POST 'https://api.ebay.com/identity/v1/oauth2/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Authorization: Basic '$base64key'' \
--data-urlencode "grant_type=authorization_code" \
--data-urlencode 'code='$token'' \
--data-urlencode 'redirect_uri='$redirect'' | json_pp)

echo "$usertoken" #error invalid grant or issued to another client


#/* URL redirects a user to the application's Grant Application Access page */

#GET https://auth.sandbox.ebay.com/oauth2/authorize?
# client_id=<app-client-id-value>&
# locale=<locale-value>& // optional
# prompt=login // optional
# redirect_uri=<app-RuName-value>&
# response_type=code&
# scope=<scopeList>& // a URL-encoded string of space-separated scopes
# state=<custom-state-value>& // optional

#echo "client=$clientid" App ID/Client ID = <app-client-id-value>?
#echo "$redirect" #eBay Redirect URL name only? not really sure what this is <app-RuName-value>

curl -X 'GET' 'https://auth.ebay.com/oauth2/authorize?' -H "Content-Type: application/json" \
-H "client_id="$clientid"" -H "locale=en-US" -H "prompt=login" -H 'redirect_uri='$redirect'' -H "response_type=code"


#use fulfillment api not working as usertoken invalid

curl -X 'GET' 'https://api.ebay.com/sell/fulfillment/v1/order?filter=creationdate:%5B2022-05-01T15:05:43.026Z..%5D&limit=5&offset=5' -H "Content-Type:application/json" \
-H "Authorization:Bearer "$usertoken"" | json_pp

echo -e "\ndone"

 

Message 1 of 3

Well, I got the thing to work, but why does the fulfillment API not work with just the user access token? I keep getting this message:

{
   "errors" : [
      {
         "category" : "REQUEST",
         "domain" : "ACCESS",
         "errorId" : 1100,
         "longMessage" : "Insufficient permissions to fulfill the request.",
         "message" : "Access denied"
      }
   ]
}

The only way around it is to refresh the authorization every time, which is a problem as it's not easy to automate: I have to go to a site, log in, then pull the URL. What is the best solution here?

https://auth.ebay.com/oauth2/authorize?prompt=login&client_id='$clientid'&locale=en-US&redirect_uri='$redirect'&response_type=code&scope='$scope''

 


Message 2 of 3

@finneyspartdepot1 

 

You should only need to log in once. After that, you can generate a user access token via a refresh token for up to 18 months.

 

Start on this page that illustrates the grant flow.

https://developer.ebay.com/api-docs/static/oauth-authorization-code-grant.html

Then go down the topics in the left menu for more details.

 

The user-token flow has three steps:

 

  1. Authorization Code.  Request the Authorization Code from the user (this is the one time the user must log in to eBay to give authorization). It can be initiated from a URL if you wish. This authorization is returned as a URL query string on the acceptance URL from the user's login. The Authorization Code has a short life span of 5 minutes.

  2. User Access Token.  The Authorization Code must be quickly traded for a User Access Token within that 5-minute period. Read the acceptance URL's query to retrieve the Authorization and use that value to request a User Access Token. The User Access Token expires within 2 hours and provides values for a refresh token if a longer duration is needed.

  3. Refresh Token. Retrieve a Refresh Token for the User Access Token. This will be the 18-month token.  When the initial User Access Token expires, use the Refresh Token to mint a new 2-hour User Access Token for the same user.  Keep minting new 2-hour tokens as needed for the next 18 months (or until the token is revoked in the user's account settings).  When the Refresh Token expires, the user must again log in to eBay to get a new Authorization Code.

 

ShipScript has been an eBay Community volunteer since 2003, specializing in HTML, CSS, Scripts, Photos, Active Content, Technical Solutions, and online Seller Tools.
Message 3 of 3
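
The three steps described in the reply above, sketched as POSIX shell helpers; this is an added example, not code from either poster or from eBay. The function names and the EBAY_CLIENT_ID / EBAY_CLIENT_SECRET variables are assumptions; the endpoints and parameter names are the ones quoted in the thread, plus the standard OAuth 2.0 refresh_token grant.

```shell
#!/bin/sh
# Added example (not from the thread). ASCII input assumed throughout.
AUTH_URL='https://auth.ebay.com/oauth2/authorize'
TOKEN_URL='https://api.ebay.com/identity/v1/oauth2/token'

# Percent-encode one value for a query string or form body.
urlencode() {
  s=$1; out=
  while [ -n "$s" ]; do
    rest=${s#?}; c=${s%"$rest"}; s=$rest
    case $c in
      [A-Za-z0-9._~-]) out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
  done
  printf '%s' "$out"
}

# Step 1: consent URL. Parameters go in the query string; state is a random
# value the caller keeps and checks when the redirect comes back.
authorize_url() {  # client_id runame scopes state
  printf '%s?client_id=%s&redirect_uri=%s&response_type=code&scope=%s&state=%s' \
    "$AUTH_URL" "$(urlencode "$1")" "$(urlencode "$2")" \
    "$(urlencode "$3")" "$(urlencode "$4")"
}

# Raw (still percent-encoded) value of one query parameter of a URL.
query_param() {  # url name
  printf '%s\n' "${1#*\?}" | tr '&' '\n' | sed -n "s/^$2=//p" | head -n 1
}

# Step 2 input: reject the redirect unless state matches, then return the code.
code_from_redirect() {  # redirect_url expected_state
  [ "$(query_param "$1" state)" = "$(urlencode "$2")" ] || return 1
  query_param "$1" code
}

# Form bodies. The code is already encoded in the redirect URL, so it is
# passed through unchanged rather than encoded a second time.
code_grant_body() { printf 'grant_type=authorization_code&code=%s&redirect_uri=%s' "$1" "$(urlencode "$2")"; }
refresh_grant_body() { printf 'grant_type=refresh_token&refresh_token=%s' "$(urlencode "$1")"; }

# Steps 2 and 3: POST a body with HTTP Basic client auth. Credentials and body
# reach curl on stdin, so they never appear in the process list.
token_request() {  # body; needs EBAY_CLIENT_ID and EBAY_CLIENT_SECRET
  printf 'user = "%s:%s"\ndata = "%s"\n' "$EBAY_CLIENT_ID" "$EBAY_CLIENT_SECRET" "$1" |
    curl -sS --config - "$TOKEN_URL"
}
```

Store the refresh token with the same care as the client secret: it mints new user access tokens until it expires or is revoked.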