OAuth
Accessing Shopranos Data via OAuth#
When developing a third-party app for the Shopranos platform, secure access to data is provided through OAuth-based authentication. Each app is assigned unique credentials, and by following the steps below, developers can obtain an access token that grants access to Shopranos data for an installed app.Credentials Overview#
1.
Client ID and Client Secret:These credentials are generated when the app is created.
Location: You can find the Client ID and Client Secret on the app's detail page at apps.shopranos.eu. 2.
This ID represents the organization that has installed your app.
Location: The Company ID is provided via the App Install Webhook, which is triggered when a company installs your app.
Obtaining an Access Token#
To access Shopranos data, you need to authenticate your app and obtain an access token. Here's how:1.
Send a POST request to the Login Endpoint using your Client ID, Client Secret, and the Company ID.
2.
The access token contains the permissions your app requested and were approved during installation.
Usage: Use this token in the authorization header of your API requests to access Shopranos data for the installer company.
Example Flow#
1.
App Creation: Obtain your Client ID and Client Secret.
2.
App Installation: When a store installs your app, capture the Company ID from the App Install Webhook.
3.
Login Request: Use the Client ID, Client Secret, and Company ID to request an access token from the Login Endpoint.
4.
Access Data: With the token, make authorized API calls to access the store's data, as permitted by the app's approved permissions.
Security Considerations#
Keep Credentials Secure: Ensure that your Client ID, Client Secret, and access token are stored securely and not exposed to unauthorized parties.
Token Expiry: Be mindful of the token's expiry time and refresh it as needed to maintain access.
Modified at 2024-09-02 07:15:26
